455
edits
CFA/Security-Notes: Difference between revisions
→Anti-Phishing
| Line 33: | Line 33: | ||
* Address bar protection - every window, including pop-ups, will show you an address bar (IE) | * Address bar protection - every window, including pop-ups, will show you an address bar (IE) | ||
* Ability to disable AJAX on certain sites; notify user if asynchronous calls are being made on user's behalf (FF brainstorm) | * Ability to disable AJAX on certain sites; notify user if asynchronous calls are being made on user's behalf (FF brainstorm) | ||
* Tell me if the site I'm visiting is a suspected forgery (FF) | * Tell me if the site I'm visiting is a suspected forgery (phishing), and offer to take user to search page to find the real website they were looking for (FF) | ||
** Check using a downloaded list of suspected sites | ** Check using a downloaded list of suspected sites | ||
** Check by asking Google about each site I visit | ** Check by asking Google about each site I visit | ||
* Phishing Protection | * Phishing Protection (FF brainstorm) | ||
** Make it easier to report phishing sites | ** Make it easier to report phishing sites | ||
** Implement phishing filter that learns automatically; integrate w/ PhishTank | ** Implement phishing filter that learns automatically; integrate w/ PhishTank | ||