Google: We'll Test Hiding The Full URL In Chrome 86 To Combat Phishing

Google will subject Chrome users to a large-scale test in the next version of its browser to discover how people respond to just seeing a site's domain name without the full URL for pages on that site. 

The test will be carried out on Chrome 86, which is due for a stable release at the end of this month. 

Chrome 86 is already known to include a feature that detects and unloads heavy ads and throttles JavaScript timers used on websites to deliver better battery life for end-user devices.

SEE: How to become a developer: A cheat sheet (TechRepublic)    

Google's new experiment will involve some "randomly assigned" users of Chrome 86. These users will have two choices when the full URL (Uniform Resource Locator) is concealed. Those in the experiment would, for example, only see en.wikipedia.org rather than the full address of the specific Wikipedia page.  

As a first step, users in the experiment can hover over the limited URL to display the full URL. The other option is to right-click on the URL, and choose 'Always show full URLs' in the context menu. This will make Chrome show the full URL for all future sites being visited.

The purpose of the experiment is to see whether this approach helps people spot phishing URLs.

As Google points out, there are a bunch of ways scammers and attackers can tweak a URL to trick users into thinking they're opening a legitimate and authentic page.  

Apple Safari is one browser that already only shows the domain name by default and like Chrome, no longer shows the HTTPS part of the URL. 

"In Chrome 86, we're likewise going to experiment with how URLs are shown in the address bar on desktop platforms. Our goal is to understand – through real-world usage – whether showing URLs this way helps users realize they're visiting a malicious website, and protects them from phishing and social-engineering attacks," the Chrome security team states. 

Chrome users can test the approach Google is exploring in the Chrome Canary and Dev channels. Users will need to open chrome://flags in Chrome 86 and enable several flags before relaunching Chrome. 

The flags include:  

  • #omnibox-ui-reveal-steady-state-url-path-query-and-ref-on-hover
  • #omnibox-ui-sometimes-elide-to-registrable-domain
  • Optionally, #omnibox-ui-hide-steady-state-url-path-query-and-ref-on-interaction to show the full URL on page load until you interact with the page.
kapture-2020-08-04-at-18-22-291.gif

Those in Google's Chrome 86 experiment would, for example, only see en.wikipedia.org rather than the full page address.  

Image: Google
RECENT NEWS

Reassessing AI Investments: What The Correction In US Megacap Tech Stocks Signals

The recent correction in US megacap tech stocks, including giants like Nvidia, Tesla, Meta, and Alphabet, has sent rippl... Read more

AI Hype Meets Reality: Assessing The Impact Of Stock Declines On Future Tech Investments

Recent declines in the stock prices of major tech companies such as Nvidia, Tesla, Meta, and Alphabet have highlighted a... Read more

Technology Sector Fuels U.S. Economic Growth In Q2

The technology sector played a pivotal role in accelerating America's economic growth in the second quarter of 2024.The ... Read more

Tech Start-Ups Advised To Guard Against Foreign Investment Risks

The US National Counterintelligence and Security Center (NCSC) has advised American tech start-ups to be wary of foreign... Read more

Global IT Outage Threatens To Cost Insurers Billions

Largest disruption since 2017’s NotPetya malware attack highlights vulnerabilities.A recent global IT outage has cause... Read more

Global IT Outage Disrupts Airlines, Financial Services, And Media Groups

On Friday morning, a major IT outage caused widespread disruption across various sectors, including airlines, financial ... Read more