Antiphishing

Pau Garcia i Quiles pgquiles at elpauer.org
Fri Jun 22 08:27:36 BST 2007


Quoting George Staikos <staikos at kde.org>:

>
> On 22-Jun-07, at 2:23 AM, Josef Spillner wrote:
>
>> On Thursday 21 June 2007 21:51:11 Tom Albers wrote:
>>> I have a very simple antiphishing check already (for html mails compare the
>>> visible link with the actual link, see screenie (yes, i know the typo)) and
>>> I would like to extend it to something more professional.
>>
>> When I proposed this to security@ a while ago, I was told that you   
>> would never
>> be able to catch all cases with such a warning, and therefore it   
>> doesn't make
>> sense to implement something like this.
>> What's the take now?
>
>    What I suggest is something primarily based on an actively updated
> database, and that's a proven good approach.

Would the Google Safe Browsing database be OK?
http://code.google.com/apis/safebrowsing/key_signup.html

The only problem is it requires a key which is connected to a Google  
Account but that has an easy solution: make safe browsing optional and  
tell people they have to apply for a Google account and a Safe  
Browsing API key if they want to have safe browsing. Maybe we could  
even create an assistant to do that within Konqueror (I don't know if  
Google allows this).

-- 
Pau Garcia i Quiles
http://www.elpauer.org
(Due to the amount of work, I usually need 10 days to answer)




More information about the kde-core-devel mailing list