After years of issues with rogue Chrome extensions , hijacks, and malware, Google announced a slew of new policies Thursday to ensure the little browser applets are secure. The changes announced Thursday will make it harder for Chrome extensions distributed through Google's Chrome Web Store to quietly grab user data.
The next version of the Chrome browser, version 83, will include a bunch of updates that make it slightly easier to cleanse some of the data Google collects about you and reduce the chances of you getting hacked. Here’s what’s changing.
Real-Time Threat Checking
On the web, scammers act quickly. The coronavirus crisis has proven this: scammers and criminals have quickly re-tooled their online tricks to prey on people’s desperation and curiosity.Chrome’s new Enhanced Safe Browsing mode will attempt to play catchup. If you turn the feature on the address of websites you’re visiting will be shared with Google in real-time and the company will compare it to its blocklist of unsafe sites. This builds on its existing Safe Browsing mode.
As part of this internal advocacy work, Fong-Jones had become attuned to the way discussions about diversity on internal forums were beset by men like Cernekee, Damore, and other coworkers who were “just asking questions.” To her mind, Google's management had allowed these dynamics to fester for too long, and now it was time for executives to take a stand.
"Chrome checks the URL of each site you visit or file you download against a local list, which is updated approximately every 30 minutes," Google explains in a blog post about the new setting. "Increasingly, some sophisticated phishing sites slip through that 30-minute refresh window by switching domains very quickly."If you’re signed in to a Google account while you’re using Chrome, the system will be able to pull data from other Google apps you use: such as Gmail or Google Drive. If there’s a suspicious link in a document you’re working on in Drive then the tool could inform Chrome when you click on it.
There is one big caveat to this update—Google will be processing more information about where you’re going on the web, faster. The company has said that when its Safe Browsing algorithm has figured out the website you’re visiting isn’t a threat it will anonymize and eventually delete the data when it is no longer being used. Google hasn’t put a time frame hasn’t been put on this deletion.
You should be using a password manager to keep your login details secure. As part of this your passwords should be unique and secure.
Google has its own password manager built into Chrome. This can save the passwords you use to login through your browser and can recommend if your passwords are insecure. We recommend using a third-party password manager so all your data isn’t held by one company, in this case Google. But generally, Google’s password management system is better than not using anything at all.A Safety Check tool is being added to Chrome’s settings. When you visit the tool it will run a quick scan of your Chrome setup to recommend extra privacy or security steps you could take. This includes a check on your Chrome extensions, whether you’re using the most up-to-date version of Chrome, if Safe Browsing is running, and whether any of your stored passwords have been compromised.
Google checks the passwords you have saved against a list of exposed details from previous data breaches. It works in a similar way to Have I Been Pwned but inside your browser. If Google spots a password that you’re using has been previously compromised it will prompt you to update it to something that’s more secure.
Incognito mode has never been private and it never will be. For the most private browsing experiences you need to use a VPN and a browser that doesn’t collect user information—see below for more on this.