The Anti-phishing Tool Bar Controversy...
by Christopher Boyd
There are lots of rumours circulating at present regarding the Antiphishing toolbar from Netcraft. These rumours have been circulating as far back as May, claiming that the toolbar itself contains "spyware". Like most things labeled spyware, it depends on your point of view: whether you think cookies are evil, and whether the price you pay for some phishing protection is a little personal data sent back to base. With that in mind, let's continue...
There seems to be nothing unusual here. Firefox pops up the "blocked" install message, and you have to manually add the Netcraft site to the list of allowed sites.
This is a good example of what can happen when panic takes hold needlessly - not every popup is a bad thing.
Then you get another clear message, indicating what will happen when you restart Firefox - for something that is supposedly doing something untoward, the toolbar is very clear with its disclosure!
I tried the Toolbar out on a number of phishing sites - it blocked all of them (example here). I had no false positives and the tool uninstalled with no problems, but I only tried a limited selection of sites. Remember, here I'm primarily looking for "unusual" behaviour. The issue is - I didn't find any.
# Information Automatically Logged
We use your IP address to help diagnose problems with our server and to administer our Web site. Your IP address may also be used to display regional advertising banners.
Sometimes advertisers may use third party banner servers to display banners on our site. These servers are not under Netcraft's control.
Now, this passage has been mentioned on numerous sites as indicating that end-users should be looking out for popups, banner ads and other things associated with Adware, and that the toolbar tracks users for "hidden" purposes. But look again - it doesn't say this applies to the toolbar. It says these ads are on the website. And "banner serving system" has to refer to the website too - banners served by a toolbar wouldn't be very big to look at!
No, the issue here is that the terms for the toolbar and the terms for the website don't appear to have been separated well enough. Or at least, they have, but not enough for the average end-user to understand. This is despite the fact that the article clearly states lower down the page that the toolbar collects the below (under the heading of Netcraft toolbar!):
* A unique identification reference is generated for each Toolbar installation. This is sent back to us when the Toolbar attempts to download updated versions of its software and is used for planning and licensing purposes. This is not sent as part of the Toolbar's normal operation when browsing the web.
* Web sites (not URLs) visited when browsing the web. These are used to provide contextual reports and popularity ranking information for the site being browsed.
* Secure hashes of URLs visited when browsing the web. These are used to defend against phishing sites by comparing the hash against a list of hashes of previously reported phishing URLs and blocking the page if a match is found. There is no other case in which we can determine the URL of the page you have visited from the hash which we receive.
* The Toolbar does not collect any personal information except that described above. In particular, we do not collect personal information which can identify the browsing habits of individual users.
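The hash comparison described in the list above, sketched as an added example (not Netcraft's code). SHA-256, the function names and the sample URLs are assumptions; the policy only says "secure hashes".

```python
import hashlib
from urllib.parse import urlsplit

# Constructed sample data: URLs previously reported as phishing (hypothetical).
REPORTED_PHISHING_URLS = [
    "http://bank-login.example.net/secure/update.php",
    "http://paypa1.example.org/signin",
]


def url_hash(url: str) -> str:
    """Hex digest of the full URL (SHA-256 is an assumption of this sketch)."""
    return hashlib.sha256(url.encode("utf-8")).hexdigest()


# Server side: digest -> URL, held only for URLs that were reported.
BLOCKLIST = {url_hash(u): u for u in REPORTED_PHISHING_URLS}


def client_report(url: str) -> dict:
    """What leaves the browser under the policy: the site (host), not the
    URL, plus a hash of the full URL."""
    return {"site": urlsplit(url).hostname, "url_hash": url_hash(url)}


def server_check(report: dict) -> dict:
    """Block on a blocklist match. The server can name the URL only when the
    received hash equals the hash of a URL it already holds."""
    matched = BLOCKLIST.get(report["url_hash"])
    return {
        "block": matched is not None,
        "site_seen": report["site"],
        "url_learned": matched,
    }


if __name__ == "__main__":
    for url in (
        "http://bank-login.example.net/secure/update.php",
        "https://shop.example.com/orders/1234?token=abc",
    ):
        print(server_check(client_report(url)))
```

For the second URL the server sees the host `shop.example.com` and an opaque digest; the path and query string stay on the client.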
So we can see that, although Netcraft has made every effort to make clear what the toolbar does, there is still confusion in the end-user's mind with regard to what the software actually collects. The interesting question is, what can Netcraft and companies like them, and (more importantly) the end-users do to clarify these issues?
It's a question with no easy answers, but as the above has illustrated, these days even producing a tool designed to increase security can be filled with unintentional perils.
noted this article is Copyright © 2017 by FaceTime Communications, Inc. This article may not be resold, reprinted, or redistributed for compensation of any kind without prior written permission from FaceTime Communications, Inc. For reprint or media inquiries please contact us with the phrase "Spyware Guide Articles" in the subject line and we will be happy to assist you. Links to this article from other websites are appreciated and encouraged. Users are also encouraged to utilize our RSS system to provide unique content and extracts for their site.