The Internet Businesses Apple

Inside Safari 3.2's Anti-Phishing Feature

MacWorld is running a piece from MacJournals.com's for-pay publication detailing how the Safari browser's anti-phishing works. The article takes Apple to task for not thinking enough of its users to bother telling them when Safari sends data off to a third party on their behalf. For it seems that Safari uses the same Google-based anti-phishing technology that Firefox has incorporated since version 2.0, but, unlike Mozilla, tells its users nothing about it. "Even when phrased as friendly to Apple as we can manage, the fact remains that after installing Safari 3.2, your computer is by default downloading lots of information from Google and sending information related to sites you visit back to Google — without telling you, without Apple disclosing the methods, and without any privacy statement from Apple."
  • Data protection act? (Score:2, Informative)

    by TheRaven64 ( 641858 ) on Tuesday November 25, 2008 @02:38PM (#25889273) Journal
    I know Apple is based in the USA, with notoriously weak data protection laws, but over on this side of the pond distributing personally-identifiable information to a third party without explicit consent is a criminal offence. I wonder how close to the line this comes, or if it actually crosses it. I wasn't asked to agree to a new version of the EULA when I installed Safari 3.2 (I did it through the terminal, so maybe you are when you use the graphical update client?) and so I haven't even given implicit permission for Apple to tell Google about my browsing habits.
  • Re:So... (Score:3, Informative)

    by ttlgDaveh ( 798546 ) on Tuesday November 25, 2008 @02:54PM (#25889471) Homepage

    First off, because it drives me nuts, it is "couldn't care less". (Cue picking on grammar errors in this post. Maybe I'll drop a couple in intentionally!)

    Secondly, there is adblock (and flashblock) for Safari in the form of SafariBlock [google.com], or if you don't care for Input Managers there are always things like GlimmerBlocker [glimmerblocker.org], which is a local HTTP proxy that will block ads (and flash, and do other fancy things) across the whole system and not just one browser.

  • by asa ( 33102 ) <asa@mozilla.com> on Tuesday November 25, 2008 @03:07PM (#25889653) Homepage

    You've got it backwards. There is no longer an option to check as you browse and the check against the local list has always been the default.

  • by Animats ( 122034 ) on Tuesday November 25, 2008 @03:39PM (#25890087) Homepage

    Our AdRater plug-in has similar privacy issues. It's a plug-in that "phones home" to get information about the advertisers whose ads appear on a site. Here's what we tell users:

    AdRater "phones home", but tells us as little as possible. AdRater sends the domain name associated with each advertisement you see to SiteTruth. Thus, we can tell what advertisers have reached you, but cannot tell what web pages you have been viewing. We can't tell if you click on an ad. AdRater does not use "cookies" or any other user identifiable information other than your current IP address.

    If we change any of this, the changes will not take effect until you download and install a new version of AdRater.

    AdRater does not rate ads on secure pages, so no information about a secure page is ever sent to our servers.

    Now that wasn't hard, was it?

    For really technical users, we publish the API AdRater uses [sitetruth.com], so you can check to see that we're telling the truth about what data goes back and forth.

  • Glad you feel that way. I'll get a few post-event disclosures out of the way then:

    1. Your IP address, browser, operating system, installed plugins, and physical location were logged by Google Analytics as soon as you hit Slashdot.

    2. If you don't have adblock installed, your browser contacted doubleclick.net when you visited Slashdot and uploaded the unique id assigned to your browser. If you did not have a unique id, one was assigned to you. Additional information such as the site you are visiting, your browser, your plugins, your geographic location, and other information may have been collected during this transaction.

    Hope that helps!

  • by Low Ranked Craig ( 1327799 ) on Tuesday November 25, 2008 @03:44PM (#25890151)
    The problem is the lack of disclosure. That may be, but the truth is that 99.99% of users in general wouldn't have a clue what to do with that information.
  • by supadjg ( 842662 ) on Tuesday November 25, 2008 @04:09PM (#25890545)
    Have you tried SafariBlock? http://fsbsoftware.com/index.html [fsbsoftware.com] Works pretty well for me.
  • by ChrisA90278 ( 905188 ) on Tuesday November 25, 2008 @04:29PM (#25890839)

    The key is "personally-identifiable". What Apple is sending is not. They are sending a hash of a page. All they are doing is taking something you just downloaded, scrambling it up and sending it back to the web.

    If you are truly worried about people finding out what sites you are browsing then you need to worry a LOT about DNS servers. DNS servers know your IP address and the name of every site you click. How would you know if the DNS server is logging your queries?
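    As an added illustration (not Apple's, Google's or any commenter's code) of the local-list hash check discussed in this thread: a Safe Browsing style client turns the URL into host-suffix/path-prefix expressions, hashes each with SHA-256, and compares the 4-byte prefixes against a list downloaded earlier; only a matching prefix, never the URL, would leave the machine for a full-hash lookup. The test host and the local prefix list are constructed for the example, and the canonicalization is simplified.

```python
import hashlib
from urllib.parse import urlsplit


def _prefix(expr: str) -> bytes:
    """4-byte SHA-256 prefix of one URL expression."""
    return hashlib.sha256(expr.encode("utf-8")).digest()[:4]


# Constructed local list: a real client downloads and refreshes this.
# Seeded with the prefix of one hypothetical phishing path so a lookup can hit.
LOCAL_PREFIXES = {_prefix("phish.example.test/login/")}


def expressions(url: str) -> list:
    """Host-suffix / path-prefix combinations for a URL (simplified:
    lower-cased host, trailing-dot and %-encoding handling omitted)."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    path = parts.path or "/"
    labels = host.split(".")
    hosts = [host]
    # Add shorter host suffixes (at least two labels, at most four extra).
    for n in range(2, min(len(labels), 5)):
        suffix = ".".join(labels[-n:])
        if suffix != host:
            hosts.append(suffix)
    segs = [s for s in path.split("/") if s]
    paths = ["/"]
    # Each directory prefix, then the full path (with and without query).
    for i in range(1, len(segs)):
        paths.append("/" + "/".join(segs[:i]) + "/")
    if path != "/":
        paths.append(path)
        if parts.query:
            paths.append(path + "?" + parts.query)
    return sorted({h + p for h in hosts for p in paths})


def local_check(url: str):
    """Return (suspicious, prefixes_to_send).

    prefixes_to_send is what a client would forward for a full-hash lookup:
    hex of the matching 4-byte prefixes only, so the URL itself stays local.
    """
    hits = [e for e in expressions(url) if _prefix(e) in LOCAL_PREFIXES]
    return bool(hits), sorted({_prefix(e).hex() for e in hits})
```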

  • by Lars T. ( 470328 ) <{Lars.Traeger} {at} {googlemail.com}> on Tuesday November 25, 2008 @04:37PM (#25890949) Journal

    While I agree with you that this is a pointless argument, I would say the difference between this and the examples you list is that it's an application on my desktop which is sharing the information. Not two websites which have no relation to my computer or the information stored therein.

    I still think people will complain just because they need something to complain about to get noticed and feel important. They will scream slippery slope and wave their arms never realizing that there is no slope....it's a minefield and we are all wearing rollerskates.

    I have the feeling you don't know how a browser works - it's not Slashdot that is sending the data, it's your browser. And if you are so paranoid about your privacy, you shouldn't be using any browser.

  • Re:So why use it? (Score:2, Informative)

    by bledri ( 1283728 ) on Tuesday November 25, 2008 @04:39PM (#25890977)

    Just use Firefox and be done with it...

    Um, you realize that Firefox uses the exact same anti-phishing technology, right? If you prefer Firefox, that's great but as far as this particular issue goes the difference is disclosure, not implementation. I like Firefox, but Safari is faster and less of a CPU and memory hog on OS X in my experience. And the integration is better - so I'll stick with Safari (although I skipped 3.2 because of all the crash complaints and I use FF for serious HTML/DOM/JavaScript hacking.)

  • It does, however, present it in a non-technical way first:

    AdRater "phones home", but tells us as little as possible.

    For many users, that says it all.

    AdRater sends the domain name associated with each advertisement you see to SiteTruth.

    A domain name is pretty common knowledge. Even if it isn't, now you know some information is going to something called SiteTruth.

    Thus, we can tell what advertisers have reached you, but cannot tell what web pages you have been viewing. We can't tell if you click on an ad.

    Again, non-technical.

    It seems like a non-technical user could read this and understand enough to decide whether or not they need to care -- and if they need to care, they can ask for help understanding it. We technical users are grateful that all the relevant information about IP addresses, domain names, and cookies is right there, so we don't have to go digging for clues as to what the "non-technical" marketspeak might mean.

  • by Anonymous Coward on Wednesday November 26, 2008 @02:55AM (#25896603)

    In a stock installation of Firefox 2.0 and higher, Ctrl-K. Type a letter, any letter, *without* hitting Enter. You have now sent information to Google and any would-be MITM, all so that Google could recommend "amazon" for "a," all sent in glorious clear plaintext.

    Now imagine that you had sensitive text information in your clipboard and it found its way into the search box purely by accident. Oh, to be the man in the middle of that.

    Just because it's the search box instead of the *hash* of a URL to which you are actively trying to connect doesn't make a lick of difference. In fact, I'd say that the search box, until you hit enter, should be neutral territory, safe from the network. At least with the address bar and hitting enter, or clicking a link, you are consciously interacting with "something" on the net. At least anti-phishing features are implemented in the name of security, while this bullshit is perpetrated in the name of laziness and/or convenience. (I'll refrain from overemphasizing the potential for exploitation of these results and their prioritization through monetary influence.) So where are all the people jumping up and down about Mozilla being evil and tailor-made for producing dumb products for dumb customers? Are their needs simply satisfied by the fact that suggestions can be turned off using FF's HIDDEN config panel? If so, then aren't the needs of Safari's detractors met by the disabling of this feature in Safari's UNHIDDEN config panel?

    Kind of puts things in perspective, doesn't it? Unless you're the rabid, irrational hate-Apple-at-all-costs type.

  • by adavies42 ( 746183 ) on Wednesday November 26, 2008 @02:57AM (#25896629)

    to repeat what i said on the macworld article's comment board,

    sudo dscl localhost -create /Local/Default/Hosts/safebrowsing.clients.google.com IPAddress 127.0.0.1

    (or do the obvious with /etc/hosts if you're still running tiger (not that i know if safari 3.2 is available for tiger....))
