Firefox anti-phishing feature - how "safe" is it?

View previous topic View next topic Go down

Firefox anti-phishing feature - how "safe" is it?

Post by Ruhe on 30/1/2011, 03:30

My Firefox sandbox has these settings

...
Template=Firefox_Cookies_DirectAccess
Template=Firefox_Phishing_DirectAccess
Template=Firefox_Bookmarks_DirectAccess
Template=BlockPorts
Template=Firefox_Force
...
OpenFilePath=firefox.exe,%Local AppData%\Mozilla\Firefox\Profiles\*\Cache\*
OpenFilePath=firefox.exe,%AppData%\Mozilla\Firefox\Profiles\*\NoScriptSTS.db
OpenFilePath=firefox.exe,%AppData%\Mozilla\Firefox\Profiles\*\formhistory.sqlite
OpenFilePath=firefox.exe,%AppData%\Mozilla\Firefox\Profiles\*\adblockplus\patterns.ini
OpenFilePath=D:\Downloads\
avatar
Ruhe
Valued Member
Valued Member

Posts : 261
Join date : 2010-04-16
Location : Germany

View user profile

Back to top Go down

Re: Firefox anti-phishing feature - how "safe" is it?

Post by ssj100 on 30/1/2011, 03:34

Yes, it's there by default. Any reason in particular you're keeping it there Ruhe?

EDIT: never mind, it seems you don't mind OpenFilePath rules.

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: Firefox anti-phishing feature - how "safe" is it?

Post by Ruhe on 30/1/2011, 03:36

Yes, as I have both options ("Block...") enabled in Firefox. And to make use of both options the file has to be updated.

@your edit: Hey, I still want "use" the software (Firefox in this case). It's not all about security. There is still something like usability.
avatar
Ruhe
Valued Member
Valued Member

Posts : 261
Join date : 2010-04-16
Location : Germany

View user profile

Back to top Go down

Re: Firefox anti-phishing feature - how "safe" is it?

Post by ssj100 on 30/1/2011, 03:39

Yes mate, I was merely looking for a "show of hands".

Do you think the Firefox anti-phishing database is really useful to you?

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: Firefox anti-phishing feature - how "safe" is it?

Post by Ruhe on 30/1/2011, 04:01

As long as there is no problem by opening access to this file (I don't see one), why not make use of these features?! In other words, there is more a benefit to keep both enabled than deactivating them.
avatar
Ruhe
Valued Member
Valued Member

Posts : 261
Join date : 2010-04-16
Location : Germany

View user profile

Back to top Go down

Re: Firefox anti-phishing feature - how "safe" is it?

Post by ssj100 on 30/1/2011, 04:16

I think my browser stability has been better since disabling those Firefox features.

With regards to security, I suspect only professional malware writers will know whether there is a "problem" or not.

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: Firefox anti-phishing feature - how "safe" is it?

Post by p2u on 30/1/2011, 11:28

Ruhe wrote:why not make use of these features?!
Although it's off-topic here, but I can think of at least a couple of reasons:
1) every link, every site, everything you do is sent "home" to Google and compared to their database. I am not comfortable with that. I just don't want to be "profiled". Period.
2) when everything on your computer goes online automatically, all the time and without control, that's just irrational usage of resources, lots of "background noise", etc., even if you have a broadband connection with no traffic limits. I'm sure we will be punished for walking with our heads "in the cloud".
3) from the security point of view it's just misleading and causes unnecessary censorship. Infection rarely comes from first parties; it's almost always a third-party link on a domain that leads to infection. Why not block that instead and leave the first parties alone? You have NoScript that does that for you.
4) As soon as they start blocking themselves (Yahoo, Fox and Google Inadvertently Spread Malware through Ads), I'll jump in and use their services. For the time being, though, their ads lead to first-party infectors (mainly fake-AV etc.). If you want evidence of this, just ask and I'll give it to you.
P.S.: I do have the MVPS hosts file, which blocks mostly really bad advertising channels, trackers and aggressive p0rn resources. Not ideal, I know, but closer to what I call a rational approach.

Paul

p2u
Valued Member
Valued Member

Posts : 211
Join date : 2010-12-14

View user profile

Back to top Go down

Re: Firefox anti-phishing feature - how "safe" is it?

Post by Ruhe on 30/1/2011, 15:28

p2u wrote:1) every link, every site, everything you do is sent "home" to Google and compared to their database.
No, the URLs are checked against the local database, urlclassifier3.sqlite
avatar
Ruhe
Valued Member
Valued Member

Posts : 261
Join date : 2010-04-16
Location : Germany

View user profile

Back to top Go down

Re: Firefox anti-phishing feature - how "safe" is it?

Post by p2u on 30/1/2011, 15:41

Ruhe wrote:
p2u wrote:1) every link, every site, everything you do is sent "home" to Google and compared to their database.
No, the URLs are checked against the local database, urlclassifier3.sqlite
Which is updated to abnormal proportions not when you tell it, but every x minutes, yes. Together with "suggestions" and "autocomplete", that's a lot of Google traffic, I can tell you for sure. I check that stuff with a sniffer... Wink

Paul


Last edited by p2u on 30/1/2011, 15:43; edited 1 time in total

p2u
Valued Member
Valued Member

Posts : 211
Join date : 2010-12-14

View user profile

Back to top Go down

Re: Firefox anti-phishing feature - how "safe" is it?

Post by Ruhe on 30/1/2011, 15:43

Firefox 3 contacts Google at each startup to get an updated list of known phishing websites and updates the same in the urlclassifier3.sqlite file.
Added to it is the fact that upon each startup, FF contacts the Google servers to get an updated list
avatar
Ruhe
Valued Member
Valued Member

Posts : 261
Join date : 2010-04-16
Location : Germany

View user profile

Back to top Go down

Re: Firefox anti-phishing feature - how "safe" is it?

Post by p2u on 30/1/2011, 15:49

Ruhe wrote:
Added to it is the fact that upon each startup, FF contacts the Google servers to get an updated list
Only at startup? Better check that with a sniffer.
http://www.mozilla.com/en-US/firefox/phishing-protection/
According to Mozilla, the norm = every 30 minutes. I repeat: that's the norm.
P.S.: @ the administrator:
It's probably best to move this discussion to another topic, since it has nothing to do with Sandboxie.

Paul

p2u
Valued Member
Valued Member

Posts : 211
Join date : 2010-12-14

View user profile

Back to top Go down

Re: Firefox anti-phishing feature - how "safe" is it?

Post by MrBrian on 8/2/2011, 05:19

Ruhe wrote:
p2u wrote:1) every link, every site, everything you do is sent "home" to Google and compared to their database.
No, the URLs are checked against the local database, urlclassifier3.sqlite

That's true, but with one wrinkle: if a given site is in the local database, an additional check is made to the online database, to make sure the given site is still blacklisted.

MrBrian
Member
Member

Posts : 14
Join date : 2010-07-01

View user profile

Back to top Go down

Re: Firefox anti-phishing feature - how "safe" is it?

Post by p2u on 8/2/2011, 11:16

MrBrian wrote:if a given site is in the local database, an additional check is made to the online database, to make sure the given site is still blacklisted.
That's right. Besides, their blacklisting scheme sucks. The funny thing is that Google Adsense advertises fake anti-viruses, even on security-related resources, and nobody does anything about them. That's why I get a feeling sometimes that most of those online "services" claiming to help you are just another way to get user data...

Paul

p2u
Valued Member
Valued Member

Posts : 211
Join date : 2010-12-14

View user profile

Back to top Go down

Re: Firefox anti-phishing feature - how "safe" is it?

Post by Sponsored content


Sponsored content


Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum