1 - The first 4 bytes of all url hashes in the blocklist are cached in the browser.
2 - When there is a match, you request of Google the actual urls on the blocklist.
3 - Client side your browser blocks loading the url.
Google only knows that the site had a hash collision with the first 4 bytes of something in the blocklist.
I, personally, think that's a fair price for otherwise free malware protection. It's also built into Firefox and on by default. [2]
[1] https://developers.google.com/safe-browsing/v4#update-api-v4
[2] https://wiki.mozilla.org/Security/Safe_Browsing
1 - The first 4 bytes of all url hashes in the blocklist are cached in the browser.
2 - When there is a match, you request of Google the actual urls on the blocklist.
3 - Client side your browser blocks loading the url.
Google only knows that the site had a hash collision with the first 4 bytes of something in the blocklist.
I, personally, think that's a fair price for otherwise free malware protection. It's also built into Firefox and on by default. [2]
[1] https://developers.google.com/safe-browsing/v4#update-api-v4
[2] https://wiki.mozilla.org/Security/Safe_Browsing