Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Google's blacklisted url database (phishing url database)

From: "Ronald MacDonald" <ronald () rmacd com>
Date: Thu, 4 Jan 2007 14:56:10 +0000
12. What information is sent to Google when I enable the Enhanced

Protection Feature?


When enabled, the entire URL of the site that you're visiting will be

securely transmitted to Google for evaluation. In addition, a very condensed
version of the page's content may be sent to compare similarities between
authentic and forged pages. For example, if the condensed 'fingerprint' of
the page you are visiting matches the 'fingerprint' of a popular bank's site
but the page's URL is different, that's a good sign that the page you are on
is designed to mislead users.


<snip>

well, there we go - that's google's response to the problem, and I
suppose it's hardly google's fault if we use crap passwords anyway.

BUT at the same time, it springs to mind, why would google opt for a
mechanism which sends all of this information, in plain text, to the
client? surely it would be possible to run the site checking mechanism
server-side, and if not, at least make it a bit more difficult to get
to the data?

I didn't spend too much time reading how the information was gathered,
but I'm guessing it was just your standard interception through a
paraos-type proxy. However, this begs the question of how much
personal data google should be allowed to store - let *alone* send it
to other users of the internet.

Regards,
Ronald.

-- 
Ronald MacDonald
http://www.rmacd.com/
0777 235 1655

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: