Chromium Engine to Implement Protective Feature for User Resources
The Chromium engine, which forms part of the Google Chrome browser, will soon add the Private Network Access (PNA) function. This feature will protect users’ internal resources from attempts by malicious websites to breach their security.
Security Risks in Home Networks
Devices in home networks, such as Internet of Things and smart home components, are typically viewed as secure, as they are meant to be inaccessible from the internet. However, in reality, there exist methods through which malicious web resources gain access to devices within these home networks.
PNA as a Solution
The PNA function, based on CORS-RFC1918, offers a solution to this problem. This is a web specification designed to protect sites accessible via private networks (through localhost or local IP addresses) from harmful queries from websites located outside the private network.
How will PNA Function?
PNA aims to resolve this issue in several ways. For example, it anticipates blocking access from sites without HTTPS from outside IP addresses to internal resources. As it is still under development, PNA’s capabilities will progressively increase from executing actions based on request to complete blocking. Ultimately, PNA will operate in the background, keeping the ordinary user undistracted.