Author Topic: Firefox's Phishing Filter  (Read 5113 times)

Ehtyar

  • Supporting Member
  • Joined in 2007
  • Posts: 1,237
Firefox's Phishing Filter
« on: July 05, 2008, 06:24 PM »
Hi all.

Firstly, for those of you who aren't aware, Firefox 3 includes a mechanism to protect its users from harmful websites. It is called "Phishing Protection" or as it was previously known, "Safe Browsing". This service operates by sending a request to a specific Google server, namely sb.google.com, for a list of identified harmful websites. Every half-hour (see Update Interval) thereafter, the request is repeated to ensure the list is up-to-date.
When a user hits one of the websites specified in the Phishing Filter list, they are warned and given the option to either ignore the warning, or navigate away from the suspect site. Either response sees Google notified of the selected action, and the site it related to (see User Response). Google claim that this is necessary and is not some "smoke and mirrors attempt to violate privacy". I can't really see anywhere in Mozilla's Need for Data Collection section an acceptable justification for this; personally, all they'd need to make the service useful is the possibility to report false positives.
Perhaps I'm being paranoid, or maybe others think this is a little fishy also... what do you think?

Ehtyar.

P.S. If you'd like to see the requests being made in realtime, download Live HTTP Headers for Firefox > 1.0.

Lashiec

  • Member
  • Joined in 2006
  • Posts: 2,374
Re: Firefox's Phishing Filter
« Reply #1 on: July 06, 2008, 10:30 AM »
Mmmm, are we sure that this is what Firefox 3 is doing right now? The sites you're linking to provide information about how the mechanism works in 2.x, not 3.x, and I don't see that they were updated for the new version, maybe because the feature works in the same way in 3.x, or maybe because they're too lazy to update it.

In any case, I think it's an acceptable compromise; the URL is only submitted when you encounter a phishing site, and frankly, in the case of this kind of page, I don't see a privacy concern. It would be a good idea to submit only the domain, but the URL is also OK when it comes to this (mostly because phishing sites usually don't have anything other than a front page).

But there's a problem. The safe browsing feature was also expanded to include malware-infested sites, and perhaps not many people would be happy that Google knows about their ventures on warez and/or porn sites. While the current way safe browsing works is much better than the Google-backed option in Firefox 2.x (which meant your entire history was seen by Google), the explanation given by Google in the wiki (that again, could not be correct with 3.x) is at least nonexistent.

"We need to collect this information to improve our statistics". What's the ultimate outcome of this? In which way is Google using the information users are submitting to improve the service they're providing?

"You don't have to contribute any info to the service if you do not want", but from what I understand, this is unavoidable if you encounter a "bad" site, as it's performed automatically whatever option you choose, well, I guess if you close the tab nothing is submitted then.

While it's the typical Google behavior, perhaps the Mozilla team should try to provide the technical details over how everything works, at least for the sake of information, which would be beneficial to clear a bit my perception that maybe Google ways are getting too much presence in the Firefox project.

Ehtyar

Re: Firefox's Phishing Filter
« Reply #2 on: July 07, 2008, 10:15 PM »
I realize the links I provided relate to Firefox 2.x, though as far as my research has taken me, the behavior appears unchanged in Firefox 3.x, though I do submit that my research is not nearly thorough enough to rule out altered behavior altogether.
The name Phishing Filter is indeed misleading due to the fact, as you pointed out Lash man, that it now includes malware protection also, which would indeed be triggered by sites you'd most likely not wish Google to know you visit/frequent.

> "We need to collect this information to improve our statistics". What's the ultimate outcome of this? In which way is Google using the information users are submitting to improve the service they're providing?

That was the main issue I took with the provision of this service.

> "You don't have to contribute any info to the service if you do not want", but from what I understand, this is unavoidable if you encounter a "bad" site, as it's performed automatically whatever option you choose, well, I guess if you close the tab nothing is submitted then.

Indeed.

> While it's the typical Google behavior, perhaps the Mozilla team should try to provide the technical details over how everything works, at least for the sake of information, which would be beneficial to clear a bit my perception that maybe Google ways are getting too much presence in the Firefox project.

I have to say as much as I have developed a tawdry love affair with Mozilla, I'm rather disappointed they would allow themselves to be involved in something this invasion-of-privacy-y.

Ehtyar.

Lashiec

Re: Firefox's Phishing Filter
« Reply #3 on: July 17, 2008, 08:39 AM »
Just checking this morning the release notes of 3.0.1, and I noticed a link to the SafeBrowsing privacy policy. I wish that Google would discard logs from their other services so soon.

Ehtyar

Re: Firefox's Phishing Filter
« Reply #4 on: July 17, 2008, 08:50 AM »
For those of you unaware of what Lash man is referring to, check this out.

Ehtyar.

Lashiec

Re: Firefox's Phishing Filter
« Reply #5 on: July 17, 2008, 08:57 AM »
Yeah, but Viacom and Google agreed to anonymize user information before handing out the info, otherwise Viacom would be suing the entire Internet. Not that it changes the fact that the information is still there.

Ehtyar

Re: Firefox's Phishing Filter
« Reply #6 on: July 17, 2008, 09:29 AM »
> Not that it changes the fact that the information is still there.

That's mainly what I was getting at, yes.

Ehtyar.