That's assuming that it's a simple process to publish a huge list. Keep in mind that Safe Browsing is much more complex than an adblock list. They allow actions from site owners via Search Console, and track many types of threats (phishing sites, malicious downloads).
My guess would be there isn't a simple canonical list, and it's more of a heuristic evaluation where certain thresholds will trigger site warnings.
In this case an API would be more up-to-date, and less computationally expensive than serving large, always-changing lists. It was likely just the more logical choice. Though I'm assuming the new ads functionality uses the same Safe Browsing infrastructure.
>Sure they can say they don't want the offenders to know they are offending
Actually not the case at all. They send alerts to sites that are affected by Safe Browsing via Search Console.
Google Search works like an API. You search the keyword, they run it through their algorithms. There's no download of their entire search index because that would be impossible.
Makes you type-in a single URL. There is no way to use a keyword to get a list of items back. My point is that it should be trivial for google to do this, since this is their core competency.
I fail to understand whats so special about maintaining a tiny list of website URLs that anybody can access at any time? I'd wager you can fit 10+ million URLs per GB. The wayback machine has 300 billion+ pages of full page historical content and you can access all of it. This is entirely within Google's wheelhouse. Certainly, there could be other factors to not handout the list, but I'm merely speaking about the engineering aspect here.
All true. And I have found a place to obtain the list (see other comments). I do think the list as it relates to how the browser uses it is not that complex (is or isn't an "unsafe" or "bad ads" site).
I didn't say they couldn't. What I said is that such a list wouldn't make as much sense because it would always be out of date. A programmer looks at that problem and sees that an API makes more sense.
I downloaded the entire list via the API just fine. What is the difference between an API and a download? Answer: authorization control. It doesn't have to be a fixed file on their side...a URL can serve just what the API does like a download. But then they wouldn't know who wanted it.
My guess would be there isn't a simple canonical list, and it's more of a heuristic evaluation where certain thresholds will trigger site warnings.
In this case an API would be more up-to-date, and less computationally expensive than serving large, always-changing lists. It was likely just the more logical choice. Though I'm assuming the new ads functionality uses the same Safe Browsing infrastructure.
>Sure they can say they don't want the offenders to know they are offending
Actually not the case at all. They send alerts to sites that are affected by Safe Browsing via Search Console.