Mobile Chrome, Safari and Firefox Failed To Show Phishing Warnings For More Than a Year (zdnet.com) 27
An anonymous reader writes: For more than a year, mobile browsers like Google Chrome, Firefox, and Safari failed to show any phishing warnings to users, according to a research paper published this week. "We identified a gaping hole in the protection of top mobile web browsers," the research team said. "Shockingly, mobile Chrome, Safari, and Firefox failed to show any blacklist warnings between mid-2017 and late 2018 despite the presence of security settings that implied blacklist protection." The issue only impacted mobile browsers that sued the Google Safe Browsing link blacklisting technology. The research team -- consisting of academics from Arizona State University and PayPal staff -- notified Google of the problem, and the issue was fixed in late 2018. "Following our disclosure, we learned that the inconsistency in mobile GSB blacklisting was due to the transition to a new mobile API designed to optimize data usage, which ultimately did not function as intended," researchers said.
Sued? Slashdot is a Fucking Joke! (Score:1)
Slashdot editors fail again.
In other words (Score:5, Informative)
Google’s blacklisting service was broken for more than a year.
Re: (Score:3)
Googleâ(TM)s blacklisting service was broken for more than a year.
Now that's just wrong. I'm sure it worked 100% in tracking every website visited by every Chrome user (and other browsers that used it), increasing the value of Google' targeted ads.
Or did you mean it didn't stop phishing? Hahahahaha. Like that was ever it's purpose.
they got the moral of the story wrong (Score:1)
"the inconsistency in mobile GSB blacklisting was due to the transition to a new mobile API."
Wrong - the inconsistency in mobile GSB blacklisting was due entirely to a lack of unit and integration testing. The bug wasn't the problem. Bugs happen. The problem was the failure to detect it.