On 6/29/12 5:06 PM, Sid Stamm wrote:
Based on Moheeb's reply (in this thread), I think we should move ahead
with implementing this for our windows users. It seems to me, and
please chime in if I'm out of line here, that we should:
1. Stand up a proxy that handles both pings and list updates.
** This proxy would strip the last octet out of IP addresses for pings
** Firefox then pings us (the proxy) instead of Google directly
I suspect this is going to have a poor cost/benefit ratio... A lot of
work to set up and run (at high availability!), dealing with spam/abuse
would be a headache, and not exactly our core competency (not offense to
IT! :). I'd also suspect it's not that effective at anonymousization --
eg how many of the users in your subnet just did a Google search for
"free wallpapers", and/or just had a SafeSearch relookup for
"sketchywallpapers.com", and/or had an AdSense ad load on the site, etc etc.
If the concern is Google possibly using said data for profiling users,
I'd suggest that a contractual limitation could be sufficient, and much
easier to deal with.
It would also be worth looking at any available stats on how effective a
partial client-site whitelist/blacklist would be... I would guess that
it would be helpful for reducing load, as well as reducing privacy
impact from Google being able to watch interactions with major sites.
OTOH, I'd also guess that it's likely that this is a very, very Long
Tail kind of thing, and that partial clientside filtering would be just
as complex as SafeBrowsing in the whole.
Justin
_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security
