{"id":28,"date":"2006-10-24T17:22:27","date_gmt":"2006-10-24T16:22:27","guid":{"rendered":"http:\/\/www.itwriting.com\/blog\/?p=28"},"modified":"2006-10-24T17:22:27","modified_gmt":"2006-10-24T16:22:27","slug":"firefox-20-ie7-both-fail-phishing-test","status":"publish","type":"post","link":"https:\/\/www.itwriting.com\/blog\/28-firefox-20-ie7-both-fail-phishing-test.html","title":{"rendered":"FireFox 2.0, IE7 both fail phishing test"},"content":{"rendered":"

I’m not in the habit of visiting these sites, but when an email apparently from Bank of America plopped into my inbox a few minutes ago, it seemed the ideal moment to test out my brand new browsers – release versions of IE7 and Firefox 2.0.<\/p>\n

The score is tied at zero for both browsers. Here’s the site in IE7:<\/p>\n

<\/p>\n

Looks good, doesn’t it? No little padlock; so just to be sure I clicked Tools – Phishing filter – Check this website:<\/p>\n

<\/p>\n

Personally I think this dialog is overly reassuring. Further, it strikes me that most sites where you suspect phishing are probably aping a site that uses SSL, so the dialog could usefully alert me to this. Never mind, let’s try Firefox 2.0:<\/p>\n

<\/p>\n

No better, sadly. I tried both the options in the security section, including the scary one that sends all your web activity to Google, but still FireFox failed to warn me that I was about to give away precious financial secrets.<\/p>\n

Luckily I don’t have an account with Bank of America. Still, the lesson here is that that neither browser is magic. There’s a delay between the appearance of a phishing site, and its blacklisting. It’s the same problem with anti-virus signatures: default permit is a broken security model. You have been warned.<\/p>\n

Incidentally I reported the sites in both browsers. No instant change; but I’ll try the url again later.<\/p>\n

PS: see here<\/a> and here<\/a> to see how quickly IE7 and Firefox started detecting this fraudulent site.<\/p>\n

Technorati tags: phishing<\/a>, internet explorer 7<\/a>, ie7<\/a>, firefox<\/a>, security<\/a><\/div><\/p>\n","protected":false},"excerpt":{"rendered":"

I’m not in the habit of visiting these sites, but when an email apparently from Bank of America plopped into my inbox a few minutes ago, it seemed the ideal moment to test out my brand new browsers – release versions of IE7 and Firefox 2.0. The score is tied at zero for both browsers. … Continue reading FireFox 2.0, IE7 both fail phishing test<\/span> →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[44,75],"tags":[],"class_list":["post-28","post","type-post","status-publish","format-standard","hentry","category-internet","category-security"],"_links":{"self":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/posts\/28","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/comments?post=28"}],"version-history":[{"count":0,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/posts\/28\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/media?parent=28"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/categories?post=28"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/tags?post=28"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}