[ImPostingOnHN]

> I think there's an unevaluated tension in goals between keeping users safe from malware here and making it easy for new sites to reach people

To be fair, I evaluated that trade off before replying. It's also not just "new sites", but literally any site or person which could be victimized by "safe browsing".

> Those "false negatives" mean users lose things (bank accounts, privacy, access to their computer) through no fault of their own.

That was already happening, and will continue to happen, no matter what. The only thing that the false negative caused is, a stranger didn't swoop in to save a 2nd stranger from a 3rd stranger. That's ok: superheros are bad government. The government should be the one protecting citizens.

[shadowgovt]

> no matter what

Well, no... That's the thing about false negatives vs. true negatives. The more effective the safe browsing protection is, the fewer false negatives. I think we can agree to disagree on where one should tune the knob between minimizing false negatives and minimizing false positives, especially since

a) you have to be doing something pretty unusual to trigger a false positive (such as "setting up an elaborate mechanism to let user-generated content be hosted off of a subdomain you own")

b) there is a workaround once a publisher is aware of the issue.

> The government should be the one protecting citizens.

This seems to be a claim "Safe browsing should be a government institution." I don't immediately disagree, but we must ask ourselves "Which government do we trust with that responsibility?" In America, that's a near-vertical cliff to scale (and it was even before the current government proved a willingness to weaponize its enforcement capacity against speech that should by rights be protected).

If I don't like Chrome safe browsing protection, I can turn it off or change browsers. What do I do if I don't like my government's safe browsing protection? Is it as opt-out as a corporate-provided one is?

[ImPostingOnHN]

> Well, no... That's the thing about false negatives vs. true negatives. The more effective the safe browsing protection is, the fewer false negatives.

That reiterates what I said: the harms happened before, and will continue happening, no matter what. No action will reduce them to 0.

> a) you have to be doing something pretty unusual to trigger a false positive

I don't think that's true here. Many people have been harmed due to trivial, common actions. Other victims, their charges are secret, and they are not afforded due process, an impartial judge, or even the right to face their accusers. Very tyrannic and kafka-esque. Without transparency into the precise rules and process, we categorically cannot make the above claim, and evidence seems to belie it.

> This seems to be a claim "Safe browsing should be a government institution."... What do I do if I don't like my government's safe browsing protection? Is it as opt-out as a corporate-provided one is?

Good news! It isn't. Who says the government needs to provide safe browsing protection? There are other levers governments can take, like investigating and prosecuting criminals, and making victims whole. "Safe browsing" exists because the government has so far failed at that. Law enforcement is more focused on rounding up & perpetrating violence upon people with different skin color than them, I guess.

All that said, I feel like I articulated a pretty good alternative if google really wants to keep safe browsing going: just provide due process to their victims, which includes: a presumption of innocence (one even weaker than in public policy); the right to face their accusers; the right to a speedy, public trial; the right to defend themselves; and the right to an impartial judge/jury.

[shadowgovt]

> No action will reduce them to 0.

I gave the grace of assuming you weren't making the absurd argument "You can't ever protect against all ills, therefore you shouldn't try." I won't continue in making that error if that was an error.

> Many people have been harmed due to trivial, common actions

[citation needed]. 100% of safe browsing flaggings I am familiar with are "We let users put content on our site without vetting it," or "We hosted binaries without vetting them and one was malware," or "We got owned and didn't know it." I'm sure there are false positives that are truly false, but I'm aware of zero. Google isn't generally in the business of being preemptive about this sort of thing; they tend to add a site to safe browsing warning only after their crawlers have detected an actual threat behavior. Even in the case of immich.cloud, I don't see any evidence that Immich audited 100% of the *.immich.cloud sites against malware or against users using it intentionally to put up a "This is definitely the Bank of America login page" site with Immich de-facto signing off on the legitimacy of that site.

> they are not afforded due process, an impartial judge, or even the right to face their accusers

I would be in favor of improvements to the restoration process, but there are very good reasons to make addition to the safe browsing list fast; sites on the safe browsing list demonstrated an actual harm vector. Being added to the list isn't being found guilty; it's being arrested by a cop on the street on suspicion of guilt. I will concur that Google is under-incentivized to aggressively crawl red-paged sites to see if they are recovered.

> Very tyrannic and kafka-esque

The key difference is that users may stop using Chrome if it bothers them. Since they don't, I think we can make the educated guess that the benefit outweighs the harm for Chrome users.

> Without transparency into the precise rules and process

Non-starter. The process is a cat-and-mouse against hostile actors. They can't inform the public of all the rules without informing the hostile actors at the same time. This is similar to the reason they don't publish an exhaustive list of what gets an ad banned.

> Who says the government needs to provide safe browsing protection?

Perhaps I misunderstood you. Two posts up: "a stranger didn't swoop in to save a 2nd stranger from a 3rd stranger. That's ok: superheros are bad government. The government should be the one protecting citizens." I thought this meant that it was not okay for private companies to be providing safe browsing protection, but it would be okay for a government to do so? Perhaps the superhero metaphor is lost on me.

> There are other levers governments can take, like investigating and prosecuting criminals, and making victims whole. "Safe browsing" exists because the government has so far failed at that.

Here we are in agreement. But I think rounding up and prosecuting criminals and making victims whole in this context would require sweeping and trans-national law changes to e.g. give a grandmother in Idaho her life savings back after operatives in Russia steal it, with at least two governments conducting inter-country data forensics to resolve the question of who the culprit was that may cost an order of magnitude of resources atop said life savings. I'm not holding my breath (especially since one of those countries is currently under sanctions from the other country).

> just provide due process to their victims, which includes: a presumption of innocence

It's a non-starter. The "victims" here are websites with dodgy reputations and dodgier methods of even contacting them to let them know they look sketchy, much less expectation they will respond to that information. Google red-paging the site is the method of contacting them; the only one that works reliably. The rights you claim necessary are necessary to protect against a government, which one cannot choose to not be a citizen of. Not the safe-access policies of a browser that people can choose not to use.

Your fundamental concern is that the current status quo is tilted towards user safety and against new site admins vs. incumbent sites. Yes. This is the correct place for a browser to put the risk-reward weights. Email has already followed the same pattern for very similar reasons.

p.s: FWIW, Immich tried to switch from immich.cloud to immich.build and immediately tripped over another issue: their SSL certificate was signed for immich.cloud, and it can't validate a site with the TLD immich.build. Independent of all other issues here about safe browsing in general, Immich seems to be demonstrating a spooky lack of understanding about architecting web services from the point of view of multiple features paid for in blood to keep end-users safe, and I don't feel a lot of trust of the project (or its parent, Futo) in general at this time.