Firefox 2.0 Wins Phishfight Against IE7

An anonymous reader writes "A new study that pitted the anti-phishing technology in Firefox 2.0 against that of IE7 generated some interesting results. From the Washingtonpost.com story: 'Firefox blocked 243 phishing sites that IE7 overlooked, while IE7 locked 117 sites that Firefox did not.' Microsoft responded by pointing to its own supposed comparison study that put it in front of Mozilla and others in phish fighting, but the story notes: '3Sharp, the company that authored the Microsoft study, clearly state on their site that their goal in creating 3Sharp was "to use the robustness, flexibility, and sheer native capabilities of the Microsoft communication and collaboration technologies to enhance the business of our customers."'"

It's really Google vs. Microsoft

[SimplexO]

It's really Google vs. Microsoft because Firefox 2 essentially integrated Google's Safe Browsing extension into the core browser. And while Firefox has the ability to change phishing-list providers (Tools -> Options -> Security), the only one it ships with is from Google.

Re:A suggested improvement

[LiquidCoooled]

Its pretty hard to miss.

Here is the hard-coded example of a phishing site from firefox: its-a-trap!.

The info is here

Re:If these are known phishing sites...

[jfengel]

They come and go very quickly. Shutting something down legally is a tremendous hassle. You have to go to a judge and get a court order to do it. You have to find the ISP responsible for hosting it, assuming its in a jurisdiction you can get a hold of. You have to get the ISP to pay attention to you in the first place.

It's probably a few hours of work, and then 30 seconds later the same site appears elsewhere. Marking it as "phishing" in a database doesn't have any due process protections, but it's not as severe as shutting it down.