You'll be interested to know that Safe Browsing was introduced in Firefox 2 in 2006, and the malware check feature was introduced in 2014! I suggest you search using your favorite search engine to see how this feature works while also preserving the privacy of your URLs and downloads. It uses hashing! Here's a good link, I suggest you scroll down to the Privacy section and read carefully: https://feeding.cloud.geek.nz/posts/how-safe-browsing-works-...

Yes, but the phrasing about being "more proactive" seems to suggest that perhaps this approach has now been adjusted.

However, according to Bugzilla [0] it seems to be about blocking HTTP downloads on all pages compared to previously only blocking HTTP downloads on HTTPS pages, and then someone tweaked the wording to add the sinister-sounding part about being "more proactive".

[0] https://bugzilla.mozilla.org/show_bug.cgi?id=1877195#c12

More likely it either keeps a local copy of the DB or sends a hash.

I would imagine it syncs down block lists rather than checking each download with a 3rd party.

Bloom filter or cuckoo hash.

They could just pass the browser a blocklist?