Sid Stamm <[email protected]> wrote: > > Since sending URLs is the main difference between this and the rest of > Safe Browsing, we have to think about whether Firefox users will be > willing to trade some of their download history for the protection > offered by the system and a less in-your-face download UI. I believe > they will. > > == System Attributes == > > * List Size: roughly 300 domains and 100 app signers in whitelist (small) > * Average Chrome users download about 2 binaries per day. > * ~ 8% of files downloaded by users are executables (and subject to this > new system) > * ~ 65% of those executables are whitelist hits and cause no prompt or > ping to Google (with URL of binary) > * Roughly 5.2% of a user's downloads result in a URL being sent to > Google's servers.
The obvious first question is that if the list is so small, why not download updates to it daily and do the check locally? David _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
