Features: anti-phishing protection Safari 3.2
The latest version of Safari launched a couple of weeks ago has as its main novelty the incorporation of protection against fraudulent websites, enabled by default in the Security pane of the preference of the browser. In this way, Safari 3.2 alerts us when we try to visit a site “known” to contain malware (viruses, trojans and other crap) or simulating be the site of a bank or corporation for the purpose of getting our personal or financial data.
The information provided by Apple on this but did not give much for the kids of Macworld say that in reality it is nothing short of the Google Safe Browsing technology developed by the giant search three years ago as an adjunct to Firefox to be integrated later in the version 2.0 and recently in the beta of Chrome.
The operation of this technology is based on two blacklists drawn up by Google with fraudulent addresses (one for sites with malware and another for Web pages that are moving those who are not in reality) that are stored in safebrowsing.clients.google. com. Obviously, Google needs to know the URL of the page you are visiting we want to be able to show a warning in case of any difficulties with it so when you launch Safari, this will download an updated copy of the domain trouble. If you try to access any of them, the browser encodes the full URL and sends it to Google for the check. If matched, shows us the warning concerned.
Also mention that although the latest version of Safe Browsing contains a third list of sites identified as safe (banks, agencies and large companies mainly), it seems that Safari does not make use of it. And it’s a shame, because it is precisely this “white list” so that it is unnecessary to avoid a query to Google while we visited pages without shadow of doubt.
Some users are nervous that your browser will send all this information to Google without your consent, especially when Apple has not provided the least information, but in general we can be reassured. Safari 3.2 does not send any information about the page you’re visiting unless your domain that matches one of those listed in Google, and even then, only gets the full address to verify it.
If that does not want calms and prevent any such communication, it is as simple as turn off the checkbox for the Safari preferences but unless you’re a double agent for the CIA and the Mosat better than leave as is. Viruses are not a major problem using Mac OS X but phishing can get off to anyone with a silly day and fall into the trap.
