Interesting People mailing list archives
Microsoft anti-phishing tool sends Microsoft a list of sites visited [priv]
From: David Farber <dave () farber net>
Date: Sat, 10 Sep 2005 16:19:30 -0400
Begin forwarded message: From: Declan McCullagh <declan () well com> Date: September 10, 2005 2:32:49 PM EDT To: politech () politechbot comSubject: [Politech] Microsoft anti-phishing tool sends Microsoft a list of sites visited [priv]
-------- Original Message --------Subject: Microsoft anti-phishing tool sends Microsoft a list of sites visited
Date: Thu, 8 Sep 2005 14:56:33 -0700 From: Joshua Weinberg <joshua () theWeinbergs com> Reply-To: <joshua () theWeinbergs com> To: <declan () well com> Declan, for Politech if you'd like. This article says that Microsoft's new anti-phishing filter will work bysending Microsoft the address of every site visited that is not already on a
safe/unsafe list. It quotes the EFF worrying that this is "a wholesale handing over of one's privacy to Microsoft."I'm surprised I have not seen much else on this in the press or from privacy
advocates. Thanks, -joshua Joshua Weinberg joshua () theWeinbergs com Does anti-phishing tool angle for too much data?http://www.dallasnews.com/sharedcontent/ptech/ generalstories2/082705ccdrptechphishing.3eb9bea7.html (registration required)
August 27, 2005 By MIKE GOLDFEIN / The Dallas Morning NewsMicrosoft Corp. will soon release a security tool for its Internet browser
that privacy advocates say could allow the company to track the surfing habits of computer users. Microsoft officials say the company has no intention of doing so.The new feature, which Microsoft will make available as a free download within the next few weeks, is prompting some controversy, since it will tell
the company what Web sites users are visiting.The browser tool is being called a "phishing filter." It is designed to warn
computer users about "phishing," an online identity theft scam.The Federal Trade Commission estimates that about 10 million Americans were
victims of identity theft in 2005, costing the economy $52.6 billion.But privacy groups are already raising questions about how this feature will work, and some computer security experts are questioning whether it will be
effective.Phishing fraud normally begins when computer users receive e-mails appearing
to be from banks, eBay, or credit card companies, requesting account updates.Links are provided to Web sites that seem legitimate. Unwary users are duped
into giving up their Social Security, credit card and banking account information.In an effort to protect Internet users, Microsoft's anti-phishing tool is
designed to verify the safety of every Web site and to issue warnings ifusers encounter a suspected or known phishing site. It will use a three-step
process.First, the browser will automatically check the address of every Web site a user visits against a list of sites Microsoft has verified to be legitimate.
This list will be kept on users' computers. If no match is found, the Phishing filter will send the address toMicrosoft, where it will be checked against a list of known phishing sites that the company intends to update every 20 minutes. A match will trigger a
warning that will pop up in the browser. [...remainder snipped...] _______________________________________________ Politech mailing list Archived at http://www.politechbot.com/ Moderated by Declan McCullagh (http://www.mccullagh.org/) ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- Microsoft anti-phishing tool sends Microsoft a list of sites visited [priv] David Farber (Sep 10)