Mobile Safari Anti-Phishing Feature Criticized As Being Inconsistent

MacRumors · Sep 10, 2009

As part of the iPhone/iPod Touch 3.1 Software update released yesterday during Apple's rock and roll event, Mobile Safari gained anticipated anti-phishing features currently present in its desktop version. However, security firm Intego is criticizing the feature's inconsistency as being worse than if the feature hadn't been included at all.

Weve had a number of people test [the anti-phishing feature], and some people get warnings for sites that others can load just fine. Weve tried isolating locations, iPhone/iPod touch models, and whether they are connecting over a cell network or via wifi, but all weve come up with is that sometimes it works and sometimes it doesnt. This is clearly more dangerous than no protection at all, because if users think they are protected, they are less careful about which links they click.

The desktop version of Safari uses Google's Safe Browsing API. It's unclear what technology the Mobile Safari browser uses and what the exact reason is for the inconsistent results, however Intego as well as other researchers promise to continue to investigate the issue.

Article Link: Mobile Safari Anti-Phishing Feature Criticized As Being Inconsistent

SFStateStudent · Sep 10, 2009

I'm on that bus....

spillproof · Sep 10, 2009

This not like Apple. I just checked my bank accounts today! I could be flat broke right now and I wouldn't even know it!

Zimmer62943 · Sep 10, 2009

whinge bloody whinge, im sure if theres a problem apple will be on it soon

carmenodie · Sep 10, 2009

in the bigger scheme of things don't blame apple blame the SOBS that are trying day and night to get your personnel information. And for the record, apple never said the Mac couldn't get viruses. Never! It has been the overzealous apple community touting that BS and getting all them apple converts all hyped up. Now some of the converts are questioning their decision to go apple. Meh!

macduke · Sep 10, 2009

spillproof said:
This not like Apple. I just checked my bank accounts today! I could be flat broke right now and I wouldn't even know it!

You must be joking, but in case you aren't, here goes:

Say you have accounts at US Bank. If you go to usbank.com, you will not have any problems. If you get an email saying it's from your bank and it's not, and you click a link which opens into a website that is not your bank, then you would have to be an idiot to enter your personal information.

Bottom line: don't be a fool. This feature is only for morons. If you use your bookmark for your bank's website, or even type it in manually, there is no reason to need the anti-phishing measures.

spillproof · Sep 10, 2009

macduke said:
You must be joking, but in case you aren't, here goes:

haha yes, to an extent. As I just did a reset and lost all my bookmarks, I had to manually typed the url in today over my school's non-encrypted wifi network, then register the "new computer" to my account.

centauratlas · Sep 11, 2009

I agree. Those SOBS at the IRS (or HMRC/Inland Rev etc) are always trying to get my personal info and my money. ;-)

Safari didn't throw up a warning for all those .gov sites.

carmenodie said:
in the bigger scheme of things don't blame apple blame the SOBS that are trying day and night to get your personnel information.

wackymacky · Sep 11, 2009

Given that most people know that they should type url's fir their banks etc rather than clicking on links, I'm not sure how bigger problem this is.

longofest · Sep 11, 2009

It's best just to be aware. Better for the user to be aware that the feature isn't working properly so they shouldn't rely on it.

Doctor Q · Sep 11, 2009

I don't think I'd turn complacent just because a non-foolproof feature was assisting me in being careful, as a convenience. This kind of feature can't be foolproof anyway.

Kevster89 · Sep 22, 2009

macduke said:
You must be joking, but in case you aren't, here goes:

Say you have accounts at US Bank. If you go to usbank.com, you will not have any problems. If you get an email saying it's from your bank and it's not, and you click a link which opens into a website that is not your bank, then you would have to be an idiot to enter your personal information.

Bottom line: don't be a fool. This feature is only for morons. If you use your bookmark for your bank's website, or even type it in manually, there is no reason to need the anti-phishing measures.

^x2

People have their identity and financial records stolen mainly because of stupid decisions like actually believing emails that say "Your account has been temporarily deactivated and we need your credit card number and SSN to reactivate it."

I have gotten this kind of email many times and it always makes me wonder how many people received the same exact email and actually fell for the scheme...

Be smart - rely on common sense, not on a newly implemented anti-phishing feature

Search

Search

Mobile Safari Anti-Phishing Feature Criticized As Being Inconsistent

MacRumors

macrumors bot

SFStateStudent

macrumors 604

spillproof

macrumors 68020

Zimmer62943

macrumors member

carmenodie

macrumors 6502a

macduke

macrumors G5

spillproof

macrumors 68020

centauratlas

macrumors 68000

wackymacky

macrumors 68000

longofest

Editor emeritus

Doctor Q

Administrator

Kevster89

macrumors regular

Our Staff