Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Sponsors Antiphishing Bakeoff

Posted by ryuzaki0 on from the here-phishie-phishie dept.

uniquebydegrees writes, "InfoWorld is blogging about the (predictable) results of a Microsoft-sponsored antiphishing technology bakeoff. From the TechWatch blog: 'Microsoft's Phishing Filter (MPF) in IE 7 Beta 3 received the highest "composite score" at 172, followed closely by NetCraft's toolbar with a composite score of 168. But when you dig into the numbers, another story emerges... IE's MPF antiphishing toolbar doesn't top out any of the individual tests that make up the composite score... So how did MPF end up on top?... Microsoft didn't do the best job of spotting phish sites, but it did do the best job of blocking the ones it did spot, and blocking was what garnered the most points... Blocking a phishing Web site earned you twice as many points as just warning about it in this test, but is blocking really twice as effective as just warning users?'"

21 of 94 comments (clear)

  1. What a silly question. by Saint+Aardvark · · Score: 4, Funny

    ...but is blocking really twice as effective as just warning users?

    No, of course not. That's why I tape the root password for the file server to users' monitors, but warn them strongly not to use it.

    --
    Carousel is a lie!
  2. What do most users do when they get a warning box? by chroot_james · · Score: 4, Insightful

    "What is this window doing here?! I just want to get to paypal already..." *clicks ok* "There. Now I can finish this ssn and cc verification..."

    --
    Reality is nothing but a collective hunch.
  3. I hate slashdot so much by anotherone · · Score: 5, Insightful

    If anything, blocking a site should be worth more than double, since most people I know seem to just ignore warning dialogs.

    --
    Username taken, please choose another one.
    1. Re:I hate slashdot so much by jrumney · · Score: 3, Insightful

      If anything, blocking a site should be worth more than double, since most people I know seem to just ignore warning dialogs.

      My first thought was that the false positive rate is probably going to be about the same as WGA, blocking far too many sites, but you're right. The ideal solution would be to have it configurable and default to blocking, since the users who click through without reading are probably not going to go anywhere near the Options dialog.

  4. BS composite scores didn't make a huge difference. by dtfinch · · Score: 3, Informative

    Disregarding their arbitrary scoring BS, and only looking at detection percentages, IE7 still did a good job, as expected from a Microsoft commissioned study.
    GeoTrust TrustWatch caught 99%, but had a 32% false positive rate.
    IE7 - 89%
    Netcraft Toolbar - 84%
    EarthLink ScamBlocker - 64%
    Firefox/Google - 53%
    eBay Toolbar - 46%
    Netscape 8.1 - 28%
    McAfee Site Advisor - 3%

    How they came out with only 89% when they selected the sites themselves is anyone's guess.

  5. Stupid questions by Solkre · · Score: 3, Insightful

    Why do all article descriptions end with a stupid question?

    And for those who disagree, there ARE stupid questions.

    1. Re:Stupid questions by kfg · · Score: 3, Funny

      Q.E.D. :)

      KFG

  6. Actually.... by zappepcs · · Score: 3, Insightful

    It is the blocking part without user interaction that provokes that 'just click ok' reflex all the time. When the OS (or any machine, service, etc.) coddles the user to the point that they don't know what they are doing, or having the computer do, it breeds ignorance. No, I'm not dumb enough to think that all computer users must be sysadmins, but software that deepens their ignorance is not good software. Intelligent software should tell user's what is happening, why(if possible), and what the software can do about it, and/or what the user should do about it. I know that clippy was pretty annoying, but a less annoying and more intelligent approach like clippy would help user's to make better security decisions in the future. Just two cents worth.

    --
    Support NYCountryLawyer RIAA vs People
    1. Re:Actually.... by merreborn · · Score: 2, Insightful

      As much as I'd love to agree with you, your average user doesn't *care* what the computer's doing, or what their options are. They just want their email. They don't *want* to know any more than they absolutely have to.

      That, bundled with way too many dialogs asking them questions they don't know the answers to, has resulted in the "Just click yes" reflex.

      By way of example -- the first time you submit a form in any browser, you get that "You're about to send unsecured information over the internet!" dialog. Do you know *anyone* who's ever pressed anything other than the "Never tell me this again" button?

      Sure, it tells the user exactly what the computer's doing, but honestly, it's just not useful. Either you already understand what that means, and don't need the dialog at all, or you haven't a god damn clue -- in which case, a 12-word dialog isn't really going to educate you on HTTP, packet sniffing, SSL, and HTML forms.

  7. Re:Do a lot of people still get phished? by xenoarch · · Score: 3, Informative

    untill December of last year i was a sysadmin for a large ISP, and when i left we still had 30+ phsing scams caught per day. Phishing is a social hack, and those are always more effective then just plain tech hacks. And yes blocking is more effective then warning.

  8. Sadly, yes by Angst+Badger · · Score: 2, Insightful

    [...] but is blocking really twice as effective as just warning users?

    While I am loath to say anything positive about Microsoft, I'd have to agree with the scoring. Most end-users, especially the developmentally challenged ones that are prone to phishing scams, simply do not read warnings. If someone is drooling, it does no good to tell them. Just wipe their chin.

    --
    Proud member of the Weirdo-American community.
  9. Re:Do a lot of people still get phished? by porcupine8 · · Score: 3, Interesting
    Just a few months ago, someone "broke into" my sister's PayPal account, and from there her bank account.

    A couple of months after the fact, my mom let slip that not only was this actually because she fell for phishing, but my mom had fallen for the same email - luckily, they didn't get to her bank account. (Mainly b/c when my sister discovered what had happened, my mom ran to cover her ass.)

    I wanted to whack them both upside the head. But trust me, they are far more representative of the average user than you or I.

    --
    Warning: Apple/Nintendo fangirl. Likes her electronics cute & cuddly. May be rabid.
  10. Yes... by loraksus · · Score: 2, Insightful

    Because your average user is stupid and will click away any phishing warning, especially if the email says "You may see a dialog like this, click yes/ignore (just like installing your printer, scanner, tv card, etc drivers)"

    I really don't want to advocate handholding, but some people really do need it..

    --
    1q2w3e4r5t6y7u8i9o0pqawsedrftgthyjukilo;p'azsxdcfv gbhnjmk,l.;/
  11. Template for MS Slashdot Articles by derrickh · · Score: 4, Insightful

    Microsoft did something right...but is that something actually not wrong?

    Microsoft performed well...but is performing well more important than performing badly?

    Microsoft isnt all bad...but is not being bad the same as being good?

    D

    --
    The first, last, and only tech news site on the net
  12. Re:BS composite scores didn't make a huge differen by GBWisc · · Score: 2, Funny

    Don't you think 99% or 100% would have been a little "phishy"?

  13. Re:Do a lot of people still get phished? by jd142 · · Score: 2, Informative

    I get calls from people asking about emails from banks that they don't even do business with!

    Them: I got a message from XYZ bank that my account is frozen. Do you think it is a scam?
    Me: Do you have an account with XYZ?
    Them: No, I've never done any business with them.
    Me: Then you can be very sure it's a scam.

  14. Re:Do a lot of people still get phished? by kers · · Score: 2, Interesting

    I am curious, how did they "get to her bank account"? A lot of my international friends have this scare of people getting to know their bank account number and I can't understand why. Is it really that easy to pull money from an account that *belong to another person*? Over here I need a valid ID or a PIN-secured cryptographic device (that look like a simple pocket calculator) just to move money between my own accounts. Is bank security really that terrible?

    --
    life in low-res
  15. False positives = bad site design? by G4from128k · · Score: 2, Interesting

    GeoTrust TrustWatch caught 99%, but had a 32% false positive rate.

    I'd be interested to know about these false positives. I'd bet that some legitimate sites use designs that are are hard to distinguish from phishing sites. I would argue this is bad.

    Perhaps GeoTrust is right and the false positive sites are wrong.

    --
    Two wrongs don't make a right, but three lefts do.
  16. Re:Do a lot of people still get phished? by merreborn · · Score: 4, Interesting

    My fiance just started as a teller at a Wells Fargo. She says that people come in with questions exactly like that every single day, along with "I need a cashiers check to send to this nice man in Nigeria", and

    "I just got an email saying I won the Canadian Lottery, and I need a cashiers check for $4,000 to cover the taxes"
    "Did you ever _enter_ the Canadian lottery?"
    "No."
    "I hate to tell you this ma'am, but it's a scam."

    Every god damn day.

  17. Yes, if you want to win the bakeoff by EmbeddedJanitor · · Score: 2, Insightful

    Of course the rules have been twisted to get the MS offering on top. It 2x had not worked, then it would have been 3x or 10x or whatever mgic multiplier would have got the MS device on top.

    --
    Engineering is the art of compromise.
  18. Results by shiyun074238 · · Score: 2, Informative

    The results of the study as below:
    1. Internet Explorer 7 Beta 3 RC3 with Microsoft Phishing Filter with a score of 172 points
    2. Netcraft Toolbar with a score of 168
    3. Google Safe Browsing on Firefox with a score of 106
    4. eBay Toolbar with a score of 92
    5. Earthlink ScamBlocker with a score of 76
    6. GeoTrust TrustWatch with a score of 67
    7. Netscape 8.1 with score a of 56
    8. McAfee Site Advisor with a score of 3

    Check http://www.3sharp.com/projects/antiphishing/