All About Safe Browsing

Discussion in 'other software & services' started by Hungry Man, Jan 31, 2012.

Thread Status:
Not open for further replies.
  1. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    http://blog.chromium.org/2012/01/all-about-safe-browsing.html

    Reputation + Heuristics.
     
  2. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,030
    Location:
    Lloegyr
  3. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    It's likely just a Firefox test page so it wouldn't ever be in Chrome - just a way to show Firefox users what the page looks like. It seems to be way back from Firefox 2 so perhaps it just doesn't work anymore.
     
  4. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,030
    Location:
    Lloegyr
    Well, let's hope it's just an old page. Does Iron use the same phishing and malware protection as Chrome? What about Firefox?

    I know that Google's malware detectors work because it was Google, via Google Translate (in SeaMonkey's Translator), that informed me that I had contracted a trojan on a Russian site about three years ago. Something SpyBot S&D, Norton & SpywareBlaster missed. Thankfully I had SUPERAntiSpyware.
     
  5. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Iron should use the same thing though it updates less frequently I believe. Firefox should use it as well though for whatever reason Chrome seems to do better in malware blocking - not sure why, there haven't been tests like the one by NSS labs in a long time.

    I've seen Google's SBAPI work many many times.
     
  6. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,030
    Location:
    Lloegyr
    Well, it works anyway.
     
  7. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Firefox shares the same webpage reputation service right?
     
  8. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,030
    Location:
    Lloegyr
    I just checked the above link in Firefox on my Win 7 desktop machine (post #2) & got this:

    Reported Web Forgery!


    This web page at www.mozilla.org has been reported as a web forgery and has been blocked based on your security preferences.

    Web forgeries are designed to trick you into revealing personal or financial information by imitating sources you may trust.Entering any information on this web page may result in identity theft or other fraud.


    No other browser I have tried it in (including Chrome) shows the above warning.
     
    Last edited: Feb 1, 2012
  9. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Firefox does use SafeBrowsing API but they probably have something else in there as well. At least they have the one extra test page.
     
  10. pandorax

    pandorax Registered Member

    Joined:
    Feb 14, 2011
    Posts:
    330
    Firefox takes the list from google, uses same technology. I uninstalled Chrome and installed Firefox. And turned off this protection. That's why they released this article :D
     
  11. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,030
    Location:
    Lloegyr
    Well, if the protection is effective, personally I'd rather leave it on.
     
  12. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    I have it turned off as well (in both Chrome and Firefox). I'm relying on Privoxy and my well-developed paranoia to keep me secure.
     
  13. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Why do you have it turned off?
     
  14. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    I once had a capped 'net plan and got the impression that safe browsing consumed more bandwidth than it was worth to me. I had no problem then and have got used to doing without. For people with high speeds and unlimited plans there's no reason to turn off safe browsing.
     
  15. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,030
    Location:
    Lloegyr
    It might be time to consider moving from dial-up to broadband in the near future. ;)
     
  16. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    It's between dial-up and genuine broadband = 384 kbps or something like that. K or k? b or B?
     
  17. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,030
    Location:
    Lloegyr
    OK. Either way, it was Google's 'Safe Browsing' (via SeaMonkey's inbuilt Google translator) that clocked the trojan that passed through two firewalls (hardware & software), Norton, SpyBot S&D & SpywareBlaster for me. Admittedly, I wasn't using ABP or NoScript at the time, but as much as I moan about many of Google's privacy policies, I can't fault their Safe Browsing filter. It even informed me that my computer had actually been compromised & blocked me from going further on that particular page. It was only SAS that discovered what malware type it actually was when I did a full scan a bit later. I think that kind of protection is worth a bit of bandwidth.
     
  18. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    How capped? I'm pretty sure updating a text file takes kb of bandwidth, and performing simple checks probably takes even less.

    @Daveski - IDK if Safebrowsing checks for infection but Google Search does. When you search on Google and it notices specific requests/ redirects/ behaviors it will warn you that you're infected and I believe it links you to MBAM/ removal toosl.
     
  19. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,030
    Location:
    Lloegyr
    It's been around three years ago now, but I'm pretty sure it was a Google page that opened. It was while using the 'Google Translate' in SeaMonkey (#SM 1.1.12. I think) - Tools - Translate Page (when it still worked in SeaMonkey that is).

    I was surfing in a Russian newspaper clicking on articles that looked interesting, I reckon I may have accidentally clicked an ad, my Russian isn't that good, when a page suddenly opened. It stated that it was a Google warning & that it had detected malware on the page & my computer was very probably compromised. It stopped me going any further for my own safety. I don't remember any links to removal tools, although I am not saying they weren't there. I was so 'gobsmacked' by what I was reading I closed the browser & ran a full Norton scan. I followed this with SpyBot & eventually SUPERAntiSpyware. This was quite a few hours! SAS found the trojan & the next day I downloaded MBAM & ran a full scan. Everything was fine.
     
  20. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,198
    Location:
    Surrey, England.
    "Something Fishy about Google Chrome's Safe Browsing API lab says" : http://www.csoonline.com/article/69...t-google-chrome-s-safe-browsing-api-lab-says-

    "Internet Explorer dominates browser security as Google faces accusations" : https://www.infoworld.com/t/anti-sp...wser-security-google-faces-accusations-185938

     
  21. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    lol NSS Labs. Asking around a bit (a few friends) I've found they aren't exactly 100% reliable.

    Important to note.

    Still, interesting that they found Chrome now blocks somewhere about 36% of malware. I'll read the report later/ if it's available.
     
  22. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Interesting development, although expected. I don't really care about Mozilla implementing the improved API, but it should be available to average users who don't really care about privacy, but regularly lacks security.
     
  23. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    But that won't stop us from repeatedly citing their "independent research" :D
     
  24. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    As with the Accuvant report I'll read it and draw my own conclusions. NSS has been a bit too friendly to MS for a bit too long.

    At least they make it somewhat clear that this is only a single metric. Of course they don't look into any other metrics...

    Interesting how they criticize Accuvant for not covering enough and yet their reports focus on the one area that MS exceeds lol
     
  25. guest

    guest Guest

    Baseless suspicion.

    NSS Labs has been focusing on the area that Microsoft now exceeds way before Microsoft "exceeded" on that...
     
Loading...
Thread Status:
Not open for further replies.