Previous Politech message: http://www.politechbot.com/2005/09/10/phishing-tool-sends/ -------- Original Message -------- Subject: Re: [Politech] Microsoft anti-phishing tool sends Microsoft a list of sites visited [priv] Date: Sun, 11 Sep 2005 08:35:50 +0200 From: Matthias Leisi <matthias@private> To: Declan McCullagh <declan@private> References: <432326D1.6020207@private> Dear Declan, > This article says that Microsoft's new anti-phishing filter will work by > sending Microsoft the address of every site visited that is not already > on a > safe/unsafe list. It quotes the EFF worrying that this is "a wholesale > handing over of one's privacy to Microsoft." Microsoft is not the only (and by far not the first) to introduce such a functionality. Both the Google and the Netcraft toolbars work just like that, and even DNS-based Blocklists used mainly in mailservers allow to track the Blocklist operators to observe usage patterns. Such toolbars and tools are technically indistinguishable from spyware - the difference being only the trustworthiness of the entitiy receiving the data. Singling out Microsoft on that aspect may well be justified, but other than that, the article is highly misleading in that it ignores the general implications of user-triggered server-based filtering. Having said that, weighing the two evils - the threat of phishing vs. the possible tracking of usage patterns - server-based filtering still seems to be a good trade-off. In the situation at hand, server-based filtering is technically efficient (no need to download potentially huge lists with it's delayed detection of fraudulent sites), and the local caching of known-good / -bad sites reduces the tracking options on the server considerably. Regards, -- Matthias -- SIUG - Swiss Internet User Group - http://www.siug.ch/ Personal Blog: http://matthias.leisi.net/ _______________________________________________ Politech mailing list Archived at http://www.politechbot.com/ Moderated by Declan McCullagh (http://www.mccullagh.org/)
This archive was generated by hypermail 2.1.3 : Tue Sep 13 2005 - 07:50:34 PDT