Slashdot Mirror

← Back to Stories (view on slashdot.org)

Firefox 3 Antiphishing Sends Your URLs To Google

Posted by kdawson on from the clickstream-of-the-world dept.

iritant writes "As we were discussing, Gran Paradiso — the latest version of Firefox — is nearing release. Gran Paradiso includes a form of malware protection that checks every URL against a known list of sites. It does so by sending each URL to Google. In other words, if people enable this feature, they get some malware protection, and Google gets a wealth of information about which sites are popular (or, for that matter, which sites should be checked for malware). Fair deal? Not to worry — the feature is disabled by default."

5 of 296 comments (clear)

  1. And Google does it again! by lecithin · · Score: 4, Interesting

    Does anybody remember Google Web Accelerator? This also came out with the 'selling point' that it would help the customer:

    http://slashdot.org/article.pl?sid=05/05/04/2223238&tid=217

    Google has your mail. They have your searches. Now they are going for your browsing history.

    Add it all together and you have a lot of business intelligence. Time to target consumers and influence opinions?

    Smart yes, but still quite scary.

    What information are they going to collect next? What are they doing with all the information that they are already collecting?

    --
    It could be worse, it could be Monday.
    1. Re:And Google does it again! by TorKlingberg · · Score: 4, Interesting

      How about http://www.bankofarnerica.com/?

    2. Re:And Google does it again! by Zaatxe · · Score: 5, Interesting

      Here in Brazil, Petrobras gasoline stations have the brand BR over a green and yellow pair of stripes. And then somebody had the idea of branding their gasoline stations 13R, using a font almost impossible to tell the differrence between BR and 13R. And of course this 13R stations sell very low quality fuel...

      But you don't need to believe me, you can believe your own eyes. This is the 13R station and This is a real BR station.

      --
      So say we all
  2. Re:Already there by Todd+Knarr · · Score: 4, Interesting

    Because http://thief.com/login.html and http://thief.com/Login.html both hash to radically different values, but both have in the plaintext a characteristic fingerprint of a phishing attempt. A service that gets the plaintext can trivially identify both, but a service that only gets a hash would be fooled by the second if it only had seen the first before.

  3. Re:Does a master list exist? by elyk · · Score: 5, Interesting

    In firefox 2.0, if you look in preferences > security, there are two options for antiphishing. One is the "use a downloaded list" option, and the other is the "check by asking google for each site I visit". But the word google is a dropdown box - it appears that there will eventually be more choices, but they haven't made deals with (or been offered money from, depending on how cynical you are) other providers yet.

    --
    MS-DOS: Most Severe Denial of Service
    Free Online Backup