Mobile Safari Anti-Phishing Feature Criticized As Being Inconsistent

MacRumors

macrumors bot
Original poster
Apr 12, 2001
49,617
10,912
https://www.macrumors.com/images/macrumorsthreadlogodarkd.png

As part of the iPhone/iPod Touch 3.1 Software update released yesterday during Apple's rock and roll event, Mobile Safari gained anticipated anti-phishing features currently present in its desktop version. However, security firm Intego is criticizing the feature's inconsistency as being worse than if the feature hadn't been included at all.

We’ve had a number of people test [the anti-phishing feature], and some people get warnings for sites that others can load just fine. We’ve tried isolating locations, iPhone/iPod touch models, and whether they are connecting over a cell network or via wifi, but all we’ve come up with is that sometimes it works and sometimes it doesn’t. This is clearly more dangerous than no protection at all, because if users think they are protected, they are less careful about which links they click.
The desktop version of Safari uses Google's Safe Browsing API. It's unclear what technology the Mobile Safari browser uses and what the exact reason is for the inconsistent results, however Intego as well as other researchers promise to continue to investigate the issue.

Article Link: Mobile Safari Anti-Phishing Feature Criticized As Being Inconsistent
 

spillproof

macrumors 68020
Jun 4, 2009
2,028
2
USA
This not like Apple. I just checked my bank accounts today! I could be flat broke right now and I wouldn't even know it!
 

carmenodie

macrumors 6502a
Apr 25, 2008
775
0
in the bigger scheme of things don't blame apple blame the SOBS that are trying day and night to get your personnel information. And for the record, apple never said the Mac couldn't get viruses. Never! It has been the overzealous apple community touting that BS and getting all them apple converts all hyped up. Now some of the converts are questioning their decision to go apple. Meh!
 

macduke

macrumors G4
Jun 27, 2007
11,037
14,853
Central U.S.
This not like Apple. I just checked my bank accounts today! I could be flat broke right now and I wouldn't even know it!
You must be joking, but in case you aren't, here goes:

Say you have accounts at US Bank. If you go to usbank.com, you will not have any problems. If you get an email saying it's from your bank and it's not, and you click a link which opens into a website that is not your bank, then you would have to be an idiot to enter your personal information.

Bottom line: don't be a fool. This feature is only for morons. If you use your bookmark for your bank's website, or even type it in manually, there is no reason to need the anti-phishing measures.
 

spillproof

macrumors 68020
Jun 4, 2009
2,028
2
USA
You must be joking, but in case you aren't, here goes:
haha yes, to an extent. As I just did a reset and lost all my bookmarks, I had to manually typed the url in today over my school's non-encrypted wifi network, then register the "new computer" to my account.
 

centauratlas

macrumors 65816
Jan 29, 2003
1,242
1,929
Florida
I agree. Those SOBS at the IRS (or HMRC/Inland Rev etc) are always trying to get my personal info and my money. ;-)

Safari didn't throw up a warning for all those .gov sites.


in the bigger scheme of things don't blame apple blame the SOBS that are trying day and night to get your personnel information.
 

Doctor Q

Administrator
Staff member
Sep 19, 2002
38,208
4,620
Los Angeles
I don't think I'd turn complacent just because a non-foolproof feature was assisting me in being careful, as a convenience. This kind of feature can't be foolproof anyway.
 

Kevster89

macrumors regular
Oct 14, 2008
140
0
You must be joking, but in case you aren't, here goes:

Say you have accounts at US Bank. If you go to usbank.com, you will not have any problems. If you get an email saying it's from your bank and it's not, and you click a link which opens into a website that is not your bank, then you would have to be an idiot to enter your personal information.

Bottom line: don't be a fool. This feature is only for morons. If you use your bookmark for your bank's website, or even type it in manually, there is no reason to need the anti-phishing measures.
^x2

People have their identity and financial records stolen mainly because of stupid decisions like actually believing emails that say "Your account has been temporarily deactivated and we need your credit card number and SSN to reactivate it."

I have gotten this kind of email many times and it always makes me wonder how many people received the same exact email and actually fell for the scheme...

Be smart - rely on common sense, not on a newly implemented anti-phishing feature
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.