Here are some interesting things

Powered by Blogger

Friday, December 16, 2005

Google’s Dodgy New Firefox Extension

Google just released a new Firefox extension called “Safe Browsing for Firefox”. From the 'Introduction' section of the plug-in website, here is what it does:

'Google Safe Browsing is an extension to Firefox that alerts you if a web page that you visit appears to be asking for your personal or financial information under false pretences. This type of attack, known as phishing or spoofing, is becoming more sophisticated, widespread and dangerous. That's why it's important to browse safely with Google Safe Browsing. By combining advanced algorithms with reports about misleading pages from a number of sources, Safe Browsing is often able to automatically warn you when you encounter a page that's trying to trick you into disclosing personal information.'

Good enough. I clicked on the FAQ section of the web-site to learn how the extension works, and here is the explanation given:

'6. How does Google know a page is bogus?
We use several techniques to determine whether a page is genuine, including the use of a blacklist containing pages that have been identified as suspicious and/or misleading based on automated detection or user reports. Our software also examines pages' content and structure in order to catch potentially misleading pages. Google Safe Browsing can't offer perfect protection, so you should always be on the lookout for indications that a site isn't what it appears to be. But Google Safe Browsing can help identify and protect you against many of the sites designed to trick users.'

techie explanation ...

Then the conclusion:

This extension is designed to help protect users from illegitimate resources, but the irony is that it has the potential to expose sensitive information about you when you visit legitimate resources!

Bit of a bugger. Your anti-nasty-site toolbar from your trusted friend Google sends all your sensitive info (including credit card numbers, etc. ) in plain text because of bad programming.

I wonder if other anti-nasty-site toolbars such as eBay's do the same thing?



Post a Comment

<;p class="comment-timestamp"> << Home