Comments on: SiteChecker brings PhishTank into Firefox

By: PhishTank SiteChecker evita que entres a websites fraudulentos | Zona Firefox

Wed, 23 Jul 2008 10:37:56 +0000

[...] PhishTank es ni más ni menos una red social dedicada a la seguridad, que te protege de los fraudes por phishing. Después de registrarte puedes denunciar sitios de los que sospeches incurran en phishing, revisar las denuncias de otros usuarios y hasta desarrollar programas con la API gratuita del servicio. La extensión PhishTank SiteChecker integra la base de datos de PhishTank en tu navegador, mostrándote una página informativa cada vez que entres a un website que se encuentre en esa base de datos. Desde esa página podrás regresar a la página anterior, ir a tu página de inicio, conocer los detalles del site sospechoso o, a tu riesgo, entrar al site. Adicionalmente verás un icono en la barra de estado que te indicará si el site que estás visitando es seguro o no, y puedes configurarlo para que al hacer click en él vayas a la página de PhishTank o incluso reportes un website fraudulento. Firefox 2 incluye una poderosa herramienta antiphishing, pero nunca está de más un poco de ayuda adicional, ¿verdad? [...]

By: Joao Maciel

Joao Maciel — Thu, 20 Sep 2007 14:39:36 +0000

If you need contributions or translations in Brazilian Portuguese, contact me.
Will definetly add it to my next web app.
My hats off for u guys, great work!

By: Tweak FireFox 2.0! » Firefox 2.0 Extensions » Privacy and Security » PhishTank SiteChecker [3.5.1.2]

Mon, 04 Dec 2006 10:31:27 +0000

[...] Rating: [0 votes] Hits: 12Install Now (38.71 KB)Overview PhishTank SiteChecker gives Firefox users a way to bring the community judgment of PhishTank (http://www.phishtank.com/) into their favorite browser, for extra protection against phishing.SiteChecker comes in English, Swedish, Dutch, Chinese (simplified and traditional), Italian, Spanish, French, German, Croatian, and Brazilian translations right away, with more being developed.Visits to known phishing sites are blocked; the user has the option to continue.Additional features:* Customizable status bar* DualChecking system* Preferences for changing the behavior of the icon click* The ability to turn off the phishing filter* SafeView (this is called continue in the extension) allows you to view the phishing site temporarly before reloading the filter)* An Up-To-Date blacklist using data from PhishTank.* AutoUpdating (the extension will auto update)* Very fast* Free and only 39kb!http://www.phishtank.com/blog/2006/11/03/sitechecker-brings-phishtank-into-firefox/ [...]

By: MASA

MASA — Sat, 02 Dec 2006 01:35:13 +0000

Great idea. I will pass it on.

By: Neil Schwartzman

Neil Schwartzman — Fri, 01 Dec 2006 15:53:49 +0000

I’d suggest they sign their code. That’s a best common practice, and given the nature of the add-on …

By: MASA

MASA — Tue, 21 Nov 2006 23:03:09 +0000

Chris-

Thanks man for using the PhishTest system, that’s really cool. And now here is my really long paragraph about the default phishing filter for all who give a care.

Mozilla took the easy way out with their phishing filter. Why do I say this? Because their phishing filter was really an extension. Seriously. When google started making extensions, they made one called Google SafeBrowsing. This extension made silent requests to google’s database (every 30 min to download a feed like the one big XML data file that phishtank has has [and store the google feed in memory, thus taking more RAM]) and would see if the site is phishing or not. Later, Google Bundled the Extension with their Google Toolbar, and Mozilla desided that they liked Google SafeBrowsing and asked Google to “donate” it to Mozilla. It was later added to the Firefox code in version 2.0.

Yeah, but it all depends on data that is updated every 30 min (however, there is one javascript file in google safebrowsing that suggests that the site can be individually looked up after the url being encoded to what seems 3 times).

It’s best to have two anti-phishing systems as that way you have a fallback if one of them fails to catch a site.

By: MASA

MASA — Tue, 21 Nov 2006 06:14:43 +0000

Ah, I see.

Yeah SiteChecker is like SiteAdvisor but for phishing sites and it’s less obtrusive and big. And it doesn’t natively steal your data (despite what the license currently says [It's being updated for the new method]).

By: Christopher Woods

Christopher Woods — Tue, 21 Nov 2006 02:19:54 +0000

Now here’s something funny…

I just tried one of the random sites which the PhishTankSiteChecker site passes to you, so you can test the widget once it’s installed…

… Now understand, I hadn’t actually installed it at this point…

… And Firefox came up with its own warning:

“Suspected Web Forgery

This page has been reported as a web forgery designed to trick users into sharing personal or financial information. Entering any personal information on this page may result in identity theft or other fraud.

These types of web forgeries are used in scams known as phishing attacks, in which fraudulent web pages and emails are used to imitate sources you may trust. You can find out more about how Firefox protects you from phishing attacks. [the 'how Firefox protects you' is hyperlinked.]

Get me out of here! Ignore this warning [both hyperlinked]“

And below, a small ‘This isn’t a web forgery’ link, which I didn’t click. The ‘how Firefox protects you’ link, however, goes to http://en-us.www.mozilla.com/en-US/firefox/phishing-protection/.

Now, I never even knew that FF2 does this! I still think I’ll install SiteChecker though.

By: craigb

craigb — Sun, 19 Nov 2006 15:06:49 +0000

Joe,

That’s nothing to do with SiteChecker.

If firefox doesn’t handle cookies to your liking, take a look at the CookieSafe extension – it does for cookies what NoScript does for javascript. It has an option to reject third-party cookies.

By: MASA

MASA — Fri, 17 Nov 2006 23:32:53 +0000

What do you mean firefox cookies/bad web sites immunization?

Please explain