Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.
09-12-2009, 08:48 PM #1
iPhone 3.1 Safari Fraud Warning: FAIL or WIN?
Apple added an anti-phishing feature to Safari in the 3.1 release. Called Fraud Warning (it's in Settings->Safari->Security), the modification was released with little fanfare (or explanation), and it appears that there may be confusion about how it works.
Computerworld reported on two anti-malware researchers who had taken a look at users who had implemented the feature and found it gave inconsistent results with known malicious sites. On Wednesday, Michael Sutton, the vice president of security research at Zscaler told Computerworld "[i]t was blocking nothing." On Thursday, he said, "it started blocking some sites, for some users, but it was inconsistent. Some sites are being blocked, others are not."
Sutton noted that it appeared to be due to the fact that users were getting updates of the blacklist inconsistently. Safari uses Google's SafeBrowsing API, which provides applications access to the blacklist database that Google maintains. Sutton found different versions of the list, or none at all.
Jim Dalrymple at the Loop may have discovered the cause of the inconsistency. He sent a request for more information to Apple after hearing of users' experiences with Fraud Warning, and got the following response:
Safariís anti-phishing database is downloaded while the user charges their phone in order to protect battery life and ensure there arenít any additional data fees. After updating to iPhone OS 3.1 the user should launch Safari, connect to a Wi-Fi network and charge their iPhone with the screen off. For most users this process should happen automatically when they charge their phone.
It's unclear if the researchers interviewed in the Computerworld piece had set up the iPhones properly. In any regard, the perception of a botched anti-malware measure is damaging in and of itself. Ideally, the details of the process should have been made more transparent from the outset.
Fortunately, those of us who are waiting to upgrade have time to educate ourselves...
Last edited by Paul Daniel Ash; 09-12-2009 at 08:53 PM. Reason: typo
09-12-2009, 08:55 PM #2
We must wait and educate :-PIPhone 3GS Black 16GB 3.0
Mac Mini Intel OSX 10.5.7
Originally Posted by iPhoneDummy
The Following User Says Thank You to The Maestro For This Useful Post:
09-12-2009, 09:16 PM #3
my girlfriend decided it would be a good idea to put her aim screen name and password into a aim phishing site lol
so i got a spam from her giving me the link to the malware, i was on my phone, and nothing poped up. (i wanted to test the "fraud warning") but nothing.
later that night, i gave her a link to a funny picture, she said whats this? i said ill tell you what its not, a phishing site.
ill never let her live that down lol :PIf i helped you, clicking thanks would be nice
09-12-2009, 09:59 PM #4
it may not be the best but a crappy start is better than nothing right?Yeah, you'll be the coolest person in the room when you pull one out and show it around, but that gets old fast when three other people have them and one person somehow has one that glows in the dark.
John C. Dvorak
The American columnist and broadcaster in article 'Rethinking the iPhone' in PC Magazine.
09-12-2009, 10:08 PM #5
09-12-2009, 10:10 PM #6
Anyway, good bit of information, i will be sure to do this when i update.13" 2.9 GHz i7 MacBook Pro OSX Mountain Lion | 32gb iPhone 4S iOS 5.1.1 JB
09-12-2009, 10:29 PM #7
09-13-2009, 12:48 AM #8
- Join Date
- Jul 2009
- Thanked 2 Times in 1 Post
well i hope it(3.1) let me jailbreak it, then i'll do the same
09-13-2009, 12:53 AM #9
09-13-2009, 01:28 AM #10
09-13-2009, 04:21 AM #11
lol, 1.0.x was fun.
09-13-2009, 08:28 AM #12
09-13-2009, 10:36 AM #13
I'm not sure what to make of this. I want to say it's a fail but who knows.160GB iPod Classic
8GB 2G - Firmware 2.2.1 PWN'D
8GB 3G - Firmware 3.0 PWN'D
16GB 3G S - Firmware 3.0 Ra1n'n Purple
64GB iPad 3G - Spirit'd
32GB iPhone 4
09-13-2009, 04:28 PM #14
This is confusing...
09-13-2009, 04:44 PM #15
At any rate it is an attempt to protect the users of the iphone. Whether or not its 100% perfect its a move in the right direction for the number one used smartphone in the WORLD!This is getting a lil' ridiculous...
09-28-2009, 10:29 AM #16
09-28-2009, 12:54 PM #17
Not liking that feature!