On 06/08/2012 10:52 PM, John Nagle wrote:
> On 6/8/2012 3:02 PM, Sid Stamm wrote:
>> Hi All,
>>
>> I think we should implement a Windows application reputation extension
>> to Safe Browsing -- to help detect malicious binaries users download and
>> for those we know are safe, stop prompting users.
>>
>> == Background ==
>>
>> Last year, Google started experimenting[0] with an extension to Safe
>> Browsing that helps protect users from malware downloads.  This is a
>> binary-file reputation system based on a whitelist of binaries and
>> domains, and identifies benign executables as Windows users attempt to
>> download them.  Benign executables can bypass any "are you sure" UI,
>> making it less annoying to users.
> 
>     There are many malware blacklists available.  Here's
> a site that has a list of blacklists:
> 
>    http://www.selectrealsecurity.com/public-block-lists

One of my worries is that blacklists get big really fast and won't be as
feasible on mobile devices (cost of updating the lists, downloading and
storing them).

> Building Google's list into Mozilla seems an inappropriate
> tie to a single vendor.

I think we should absolutely build this feature in a way that it is
extensible and allows for importing other types of white/black-lists.
Exploring Google's solution first is easy because we already ship
Firefox with SafeBrowsing built-in, and it's not a stretch to trust
Google a bit more if you haven't already turned off SafeBrowsing.

>    Whitelisting has problems of its own.  At one point,
> the Google Toolbar was widely considered spyware.  Google would
> be unlikely to blacklist their own product.

We maintain a "block" list of Firefox add-ons that is appropriate for
things like blocking toolbars.  Perhaps it makes sense to use multiple
lists from multiple sources.  To be clear, I don't intend to rule that
out, I just recommend starting with one.

-Sid
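The decision logic the thread is discussing (a download reputation check that combines whitelists and blocklists from several sources, lets known-good binaries skip the "are you sure" prompt, and blocks known-bad ones), as an added illustration that is not code from the thread or from Firefox's Safe Browsing implementation. The list format, list names, domains and file contents are all constructed for the example.

```python
import hashlib
from dataclasses import dataclass, field
from urllib.parse import urlparse

ALLOW, PROMPT, BLOCK = "allow", "prompt", "block"

@dataclass
class ReputationList:
    """One reputation source (hypothetical format); several can be combined."""
    name: str
    allowed_hashes: set = field(default_factory=set)   # SHA-256 hex of known-good binaries
    allowed_domains: set = field(default_factory=set)  # publishers whose downloads are trusted
    blocked_hashes: set = field(default_factory=set)   # known-malicious binaries
    blocked_domains: set = field(default_factory=set)  # known-malicious hosts

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def domain_matches(host: str, domains: set) -> bool:
    """True if the host or any parent domain (but not the bare TLD) is listed."""
    parts = host.lower().split(".")
    return any(".".join(parts[i:]) in domains for i in range(len(parts) - 1))

def download_verdict(url: str, content: bytes, lists) -> tuple:
    """Return (verdict, list name). A block hit on any list wins over any allow
    hit; an allow hit skips the prompt; no match keeps the existing prompt."""
    parsed = urlparse(url)
    host = parsed.hostname or ""
    digest = sha256_hex(content)
    for lst in lists:
        if digest in lst.blocked_hashes or domain_matches(host, lst.blocked_domains):
            return BLOCK, lst.name
    for lst in lists:
        if digest in lst.allowed_hashes:
            return ALLOW, lst.name
        # Domain trust only counts when the origin was authenticated (HTTPS);
        # over plain HTTP the host name proves nothing about who served the file.
        if parsed.scheme == "https" and domain_matches(host, lst.allowed_domains):
            return ALLOW, lst.name
    return PROMPT, None

# Constructed sample data: not real binaries, hashes or domains.
GOOD_BINARY = b"MZ-constructed-benign-installer"
BAD_BINARY = b"MZ-constructed-malicious-dropper"
VENDOR_LIST = ReputationList("vendor-allowlist", allowed_hashes={sha256_hex(GOOD_BINARY)},
                             allowed_domains={"downloads.example-vendor.test"})
MALWARE_LIST = ReputationList("malware-blocklist", blocked_hashes={sha256_hex(BAD_BINARY)},
                              blocked_domains={"evil.example.test"})
LISTS = [VENDOR_LIST, MALWARE_LIST]
```

Lists are checked in order, so adding a further source (an add-on block list, a second vendor's allowlist) is just another entry in `LISTS`; hash matches are independent of where the file came from, while domain matches deliberately are not.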
_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security
