Slashdot Mirror

← Back to Stories (view on slashdot.org)

IE7 Blocking Google Image Search?

Posted by ryuzaki0 on from the play-nicely-now dept.

An anonymous reader writes, "I just tried a Google Image Search in IE7 for the first time. Whenever I click on an image, my browser tells me in big bold letters, "This is a reported phishing website." Try it yourself: make sure automatic phishing detection is turned on and do an (adorable) image search; click on one of the result thumbnails. MSN Live Image Search has no such issues. Insert Microsoft evil conspiracy theory here." I get this behavior under IE7, Win XP Pro, SP2, Parallels, Mac OS X.

3 of 253 comments (clear)

  1. Strange by mingot · · Score: 5, Informative

    I just tried it. Works fine.

  2. Re:And your point is? by toopc · · Score: 2, Informative

    Works fine for me in IE7. Turn on Anti-Fisihing, started Google, Image Search "Ferrari". First image opened with no problems.

  3. Re:Meanwhile a bigger conspiracy is afoot by DavidD_CA · · Score: 4, Informative

    No. According to MSDN, only URLs that are not common are sent to the Microsoft server for verification. This list of not-common URLs sit on your machine, and even then only the base of the URL is sent to Microsoft for analysis.

    Here's the blurb from MSDN:

    Phishing Filter does not check every URL on the Microsoft server. It only sends those which are not on a known list of OK sites or those that appear suspicious based on heuristics. If an URL is checked on the Microsoft server, first the URL is stripped down to the path to help remove personal information, then the remaining URL is sent over a secure SSL connection. The communication with the Microsoft server is done asynchronously so that there is little to no effect on your browsing experience.

    So, for example, if you were to visit http://www.msn.com/ nothing will be checked on the Microsoft server because "msn.com" and other major websites are on the client-side list of OK sites. However, let's say the URL looked like this: http://207.68.172.246/result.aspx?u=Tariq&p=Tariq' sPassword, in this scenario phishing filter will remove the query string to help protect my privacy but it will send "http://207.68.172.246/result.aspx" to be checked by the Microsoft Server because 207.68.172.246 is not on the allow list of OK sites. As it turns out, 207.68.172.246 is just the IP address of MSN.com server, so its not a phishing site but this example should help you understand more about how Phishing Filter checks sites on the server.

    But thanks for spreading the FUD.

    --
    -David