[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <312f7d5f0701040056p32492303ue40578543da10ddf@mail.gmail.com>
Date: Thu, 4 Jan 2007 16:56:31 +0800
From: "Am Razak" <pinangs@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Google's blacklisted url database (phishing
url database)
Sent to the wrong place.... sorry.
On 1/4/07, Am Razak <pinangs@...il.com> wrote:
>
> Checked Google page
>
> it says that entire URL will be transmitted to Google. If the site
> authentication is posted on the URL, it will be captured by google.
>
> GOOGLE SAYS......
> 12. What information is sent to Google when I enable the Enhanced
> Protection Feature?
>
> When enabled, the entire URL of the site that you're visiting will be
> securely transmitted to Google for evaluation. In addition, a very condensed
> version of the page's content may be sent to compare similarities between
> authentic and forged pages. For example, if the condensed 'fingerprint' of
> the page you are visiting matches the 'fingerprint' of a popular bank's site
> but the page's URL is different, that's a good sign that the page you are on
> is designed to mislead users.
>
> If you disable Enhanced Protection, no information about the pages you
> visit will be sent to Google unless you visit a page Google Safe Browsing
> identifies as potentially unsafe. In this case, we will only send the action
> you choose to take to help refine our anti-phishing algorithms. Please note
> that enabling Enhanced Protection gives the Google Safe Browsing extension
> access to the most up-to-date fraud information about each page you visit.
>
> Please see our Privacy Notices<http://www.google.com/tools/firefox/extensions_privacy.html>for privacy information regarding Google Safe Browsing
>
>
>
> On 1/4/07, Nick FitzGerald <nick@...us-l.demon.co.uk> wrote:
> >
> > Stan Bubrouski wrote:
> >
> > > You're forgetting that gmail has a feature to report phishing
> > > messages, that alone could give google quite a list of phishing sites
> > > given its userbase.
> >
> > _And_ the "Report Web Forgery..." option in Firefox' Help menu also
> > reports the suspect URL to Google at:
> >
> > http://www.google.com/safebrowsing/report_phish/
> >
> >
> > Regards,
> >
> > Nick FitzGerald
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists