AOH :: PT-1119.HTM

Microsoft is hardly alone: more on anti-phishing tools and privacy

Microsoft is hardly alone: more on anti-phishing tools and privacy
Microsoft is hardly alone: more on anti-phishing tools and privacy



Previous Politech message:
http://www.politechbot.com/2005/09/10/phishing-tool-sends/ 

-------- Original Message --------
Subject: Re: [Politech] Microsoft anti-phishing tool sends Microsoft a 
list of sites visited [priv]
Date: Sun, 11 Sep 2005 08:35:50 +0200
From: Matthias Leisi  
To: Declan McCullagh  
References: <432326D1.6020207@well.com> 

Dear Declan,

> This article says that Microsoft's new anti-phishing filter will work by
> sending Microsoft the address of every site visited that is not already 
> on a
> safe/unsafe list.  It quotes the EFF worrying that this is "a wholesale
> handing over of one's privacy to Microsoft."

Microsoft is not the only (and by far not the first) to introduce such a
functionality. Both the Google and the Netcraft toolbars work just like
that, and even DNS-based Blocklists used mainly in mailservers allow to
   track the Blocklist operators to observe usage patterns.

Such toolbars and tools are technically indistinguishable from spyware -
the difference being only the trustworthiness of the entitiy receiving
the data. Singling out Microsoft on that aspect may well be justified,
but other than that, the article is highly misleading in that it ignores
the general implications of user-triggered server-based filtering.

Having said that, weighing the two evils - the threat of phishing vs.
the possible tracking of usage patterns - server-based filtering still
seems to be a good trade-off. In the situation at hand, server-based
filtering is technically efficient (no need to download potentially huge
lists with it's delayed detection of fraudulent sites), and the local
caching of known-good / -bad sites reduces the tracking options on the
server considerably.

Regards,
-- Matthias

-- 
SIUG - Swiss Internet User Group - http://www.siug.ch/ 
Personal Blog: http://matthias.leisi.net/ 
_______________________________________________
Politech mailing list
Archived at http://www.politechbot.com/ 
Moderated by Declan McCullagh (http://www.mccullagh.org/) 


Make REAL money with your website!

The entire AOH site is optimized to look best in Firefox® 2.0 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.