[Gllug] Microsoft anti-phishing tool sends Microsoft a list of sites
M.Blackmore
mblackmore at oxlug.org
Sat Sep 10 20:49:46 UTC 2005
-------- Original Message --------
Subject: Microsoft anti-phishing tool sends Microsoft a list of sites
visited
Date: Thu, 8 Sep 2005 14:56:33 -0700
From: Joshua Weinberg <joshua at theWeinbergs.com>
Reply-To: <joshua at theWeinbergs.com>
To: <declan at well.com>
Declan, for Politech if you'd like.
This article says that Microsoft's new anti-phishing filter will work by
sending Microsoft the address of every site visited that is not already
on a
safe/unsafe list. It quotes the EFF worrying that this is "a wholesale
handing over of one's privacy to Microsoft."
I'm surprised I have not seen much else on this in the press or from
privacy
advocates.
Thanks,
-joshua
Joshua Weinberg
joshua at theWeinbergs.com
Does anti-phishing tool angle for too much data?
http://www.dallasnews.com/sharedcontent/ptech/generalstories2/082705ccdrptechphishing.3eb9bea7.html
(registration required)
August 27, 2005
By MIKE GOLDFEIN / The Dallas Morning News
Microsoft Corp. will soon release a security tool for its Internet
browser
that privacy advocates say could allow the company to track the surfing
habits of computer users. Microsoft officials say the company has no
intention of doing so.
The new feature, which Microsoft will make available as a free
download
within the next few weeks, is prompting some controversy, since it will
tell
the company what Web sites users are visiting.
The browser tool is being called a "phishing filter." It is designed to
warn
computer users about "phishing," an online identity theft scam.
The Federal Trade Commission estimates that about 10 million Americans
were
victims of identity theft in 2005, costing the economy $52.6 billion.
But privacy groups are already raising questions about how this feature
will
work, and some computer security experts are questioning whether it will
be
effective.
Phishing fraud normally begins when computer users receive e-mails
appearing
to be from banks, eBay, or credit card companies, requesting account
updates.
Links are provided to Web sites that seem legitimate. Unwary users are
duped
into giving up their Social Security, credit card and banking account
information.
In an effort to protect Internet users, Microsoft's anti-phishing tool
is
designed to verify the safety of every Web site and to issue warnings if
users encounter a suspected or known phishing site. It will use a
three-step
process.
First, the browser will automatically check the address of every Web
site a
user visits against a list of sites Microsoft has verified to be
legitimate.
This list will be kept on users' computers.
If no match is found, the Phishing filter will send the address to
Microsoft, where it will be checked against a list of known phishing
sites
that the company intends to update every 20 minutes. A match will
trigger a
warning that will pop up in the browser.
[...remainder snipped...]
_______________________________________________
Politech mailing list
Archived at http://www.politechbot.com/
Moderated by Declan McCullagh (http://www.mccullagh.org/)
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list