Google Chrome is getting a new security feature that can help prevent websites from attacking your home network. The mechanism has been termed "Private Network Access for Navigation Requests".
To be more specific, the feature which was spotted by XDA, has been designed to protect the devices that are connected to your home network, from being infected. This is done by restricting the navigation requests that may be initiated by a malicious website.
Google Chrome's Private Network Access for Navigation Requests
Normally, when you go from one website to another, the browser will take you to the destination. This is done by the user, i.e. by clicking on links. Some websites can redirect you to other web pages automatically, and this is when things can turn ugly. There are some protocols already in place, such as Google's Safe Browsing, that protect users from dangerous web pages. With the new Private Network Access security feature in place, Chrome will check the origin of the request, i.e. to identify whether it comes from a secure source. It then sends a preflight request to check whether the destination website has a header that allows private network access. In other words, it scans both websites, and the device, to ensure that they are not infected, before allowing the page to load in your web browser.
This is how the Mountain View company describes the feature, "Requests are considered “Private Network Access” if the resulting connection’s IP address space is less-public than the IP address space in the request’s initiator’s policy container”.
Google also wants to disable auto-reloading of web pages in case a request has been blocked by Private Network Access. The official documentation page for the feature, which you can access on Google Docs, has a screenshot that outlines the error message that a user will see when a malicious connection attempt was blocked.
Initially, Chrome will not fail the checks even if the request itself does fail. But this "warning-only version" is likely to exist only during the development phase, Google says that Chrome's DevTools will log the request as a warning to help web developers understand how it works. The feature will later be updated with a setting which a user can use to disable on a per-site basis.
Mozilla and Apple have given their nod of approval for the feature as it will become part of the web standard, but they are not happy with the term "Private" in the name as it could result in some confusion, and feel that "Local Network Access" would better suit the feature.
Google's announcement says the feature will be shipped with Chrome 123 for desktop and Android. According to the browser's roadmap, Chrome version 123 will be available in the Beta channel from February 21, and is set to hit the Stable channel on March 13. The Chrome Status page lists Private Network Access for Navigation Requests among the features that are enabled by default.
This feature might be a good way to protect PCs from being spied upon, or become part of botnets. Of course, it won't be completely foolproof, I recommend using a good ad blocker like uBlock Origin, a reliable antivirus such as Windows Defender. Pay attention to URLs on web pages, avoid HTTP links and sketchy websites.
What do you think about the Private Network Access feature?
Thank you for being a Ghacks reader. The post Google Chrome will soon prevent malicious websites from attacking your home network appeared first on gHacks Technology News.
0 Commentaires