How Safe Browsing Works in Firefox (cloud.geek.nz)
102 points by ashitlerferad on April 3, 2016 | 13 comments



    Cookies set by the Safe Browsing servers to
    protect the service from abuse are stored in
    a separate cookie jar so that they are not
    mixed with regular browsing/session cookies.
And how are these cookies cleared? Seems like as soon as some sort of ID appears in one of these cookies, XKeyScore will track your every (physical) move with it even if you take care to delete all your regular cookies and don't browse the same sites on different networks. Why does this protocol even allow for cookies to be set at all in the first place?


Since Firefox 41 [1] Safe Browsing traffic all uses https, so it should not be vulnerable to passive collection techniques like XKeyScore.

[1] https://bugzilla.mozilla.org/show_bug.cgi?id=1109475


> Why does this protocol even allow for cookies to be set at all in the first place?

The answer is right there in the sentence you quoted: "to protect the service from abuse". How that's supposed to work (i.e. how cookies are supposed to protect against abuse) is another question.


> And how are these cookies cleared?

They are cleared the same way as normal cookies: they are visible in the cookie manager where they can be manually deleted, and they are generally included in all of the other cookie-clearing mechanisms.

You can find out more about the ways to control cookies in Firefox here: https://feeding.cloud.geek.nz/posts/tweaking-cookies-for-pri...


By default, doesn't Firefox query an OCSP responder for every TLS connection (unless the server offers OCSP stapling [1])? The privacy implications are pretty similar to Safe Browsing.

[1] https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-i...


Not quite. In the case of OCSP, in the absence of OCSP stapling, all TLS connections are verified with an external server(s).

In the case of SafeBrowsing however, as noted in the article, for those URLs whose hash prefix doesn't match one of the hashes on one of the blacklists, the browser doesn't contact any other server. Only when there's a partial match does the browser ask for a full hash from the SafeBrowsing server.

Source: I'm a Chrome SafeBrowsing engineer.
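
The lookup flow described in the comment above, as an added example that is not part of the original thread or of any browser's code: the client checks a local set of hash prefixes and only sends a prefix to the server on a partial match. It assumes SHA-256 digests with 4-byte prefixes, skips URL canonicalization, and uses a hypothetical `server_lookup` function in place of the Safe Browsing server; all hostnames are constructed.

```python
import hashlib
from bisect import bisect_left

PREFIX_LEN = 4  # assumption: 32-bit prefixes of SHA-256 digests

def full_hash(expr: str) -> bytes:
    return hashlib.sha256(expr.encode()).digest()

# Constructed sample data; every hostname below is a placeholder.
BAD = [full_hash("malware.example/"), full_hash("phish.example/login")]
# Constructed entry sharing only its prefix with a harmless URL, to show
# a partial match that the full-hash check then clears.
DECOY = full_hash("benign.example/")[:PREFIX_LEN] + bytes(28)
SERVER_FULL_HASHES = set(BAD) | {DECOY}  # full hashes stay on the server
LOCAL_PREFIXES = sorted({h[:PREFIX_LEN] for h in SERVER_FULL_HASHES})

def server_lookup(prefix: bytes) -> set:
    """Hypothetical stand-in for the full-hash request to the server."""
    return {h for h in SERVER_FULL_HASHES if h[:PREFIX_LEN] == prefix}

class Client:
    def __init__(self, prefixes, fetch):
        self.prefixes = sorted(set(prefixes))  # local prefix set
        self.fetch = fetch
        self.requests = []  # every prefix that left the machine

    def has_prefix(self, prefix: bytes) -> bool:
        i = bisect_left(self.prefixes, prefix)
        return i < len(self.prefixes) and self.prefixes[i] == prefix

    def is_blocked(self, expr: str) -> bool:
        digest = full_hash(expr)
        prefix = digest[:PREFIX_LEN]
        if not self.has_prefix(prefix):
            return False  # decided locally, nothing sent
        self.requests.append(prefix)  # server sees only the prefix
        return digest in self.fetch(prefix)

if __name__ == "__main__":
    client = Client(LOCAL_PREFIXES, server_lookup)
    for url in ["malware.example/", "news.example/", "benign.example/"]:
        print(url, client.is_blocked(url), len(client.requests))
```

The `requests` list records what the server would learn: nothing for a URL with no local prefix match, and a 4-byte prefix (not the URL) for a partial match.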


How does it compare to other browsers? Does Chrome, Opera or IE/Edge use similar (or better) techniques?


Chrome SafeBrowsing engineer here.

Google has published the protocol that clients need to follow to fetch updates from the SafeBrowsing servers here: https://developers.google.com/safe-browsing/developers_guide...

Both Chrome and Firefox implement that protocol. I believe Edge uses Microsoft's own service. Not sure about Opera.


Why doesn't this use a bloom filter? It seems like an ideal application for that data structure.


A Quora answer to this question linked to this Google Chrome commit: https://bugs.chromium.org/p/chromium/issues/detail?id=71832

In short, it says that the prefix set uses less memory than a bloom filter.


It seems to be saying that they first used bloom then switched to save space.


Very informative. Thanks for locating that!


"Safe browsing" is one of the first things I turn off when installing a new profile in a browser. I personally dislike any commercial service turned on by default in my software that continually and without my consent pings back to some place on the net - using my real IP address and leaking anything remotely related to destination addresses. And cookies?

I think there should be better ways of protection than trusting such a service anyway.



