Antiphishing
Pau Garcia i Quiles
pgquiles at elpauer.org
Fri Jun 22 08:27:36 BST 2007
Quoting George Staikos <staikos at kde.org>:
>
> On 22-Jun-07, at 2:23 AM, Josef Spillner wrote:
>
>> On Thursday 21 June 2007 21:51:11 Tom Albers wrote:
>>> I have a very simple antiphishing check already (for html mails compare the
>>> visible link with the actual link, see screenie (yes, i know the typo)) and
>>> I would like to extend it to something more professional.
>>
>> When I proposed this to security@ a while ago, I was told that you
>> would never
>> be able to catch all cases with such a warning, and therefore it
>> doesn't make
>> sense to implement something like this.
>> What's the take now?
>
> What I suggest is something primarily based on an actively updated
> database, and that's a proven good approach.
Would the Google Safe Browsing database be OK?
http://code.google.com/apis/safebrowsing/key_signup.html
The only problem is it requires a key which is connected to a Google
Account but that has an easy solution: make safe browsing optional and
tell people they have to apply for a Google account and a Safe
Browsing API key if they want to have safe browsing. Maybe we could
even create an assistant to do that within Konqueror (I don't know if
Google allows this).
--
Pau Garcia i Quiles
http://www.elpauer.org
(Due to the amount of work, I usually need 10 days to answer)
More information about the kde-core-devel
mailing list