[ux] Malicious Software warning copy, design and illustration update

RESOLVED FIXED

Status

()

Firefox
General
P1
normal
RESOLVED FIXED
a year ago
10 months ago

People

(Reporter: mheubusch, Assigned: mheubusch)

Tracking

(Blocks: 2 bugs)

unspecified
Points:
---
Dependency tree / graph
Bug Flags:
qe-verify -

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [photon-visual][ux])

Attachments

(3 attachments, 1 obsolete attachment)

(Assignee)

Description

a year ago
Update page design, illustration and copy of https://mozilla.invisionapp.com/share/ZKBC94BPQ#/screens/229470845

Copy

<title>Malicious Software</title>

<h1>Firefox blocked this page.</h1>


<text>This page was blocked because it may install unwanted software that changes how your computer works when you browse the Web. 
 
<a href="https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-protection-work?as=u&utm_source=inproduct#w_unwanted-software">Learn more about how Firefox protects you</a> from dangerous and deceptive websites and why this page was blocked. 

[Get me out of here] [Ignore this warning and go to the page]
Status: NEW → ASSIGNED
Flags: qe-verify-
Priority: P2 → P1
Iteration: 55.4 - May 1 → 55.5 - May 15
Blocks: 1363051
We have three categories of pages that we block:

- phishing (now called "deceptive")
- malware
- potentially unwanted software

Is this bug only for the "malware" category? Are there separate bugs for the other two categories?

Also, one of the things that this design changes is how easy/convenient it is to ignore the warnings. This has serious security implications since ignoring these warnings is almost always a huge mistake.
Flags: needinfo?(mheubusch)
Iteration: 55.5 - May 15 → 55.6 - May 29
(Assignee)

Comment 2

a year ago
Francois and Bram - I emailed this message (below) to you and it was blocked. Perhaps too much copy about malware? In any case, thank you for your feedback on this set of bugs. I've outlined revised copy (based on the Google guidelines) and still have two questions: 

1.  Where do we place the required Advisory provided by Google line on the page?  

2. How do we solve the interaction issue? While putting a text link to proceed is less obscure than a button, this is still counterintuitive. Buttons usually signal the main or secondary actions related to the warning or notification.  That’s why Aaron and I changed the interaction in the first place - to draw the user’s attention to the risk.  That said,  my advice would be to follow the pattern Google uses and we also use on the Cert Error you can bypass page, where we provide a button to See Details, with a modal or windowshade that includes a link that lets the user move forward to the problem site (not recommended).  Are you ok with that? If so, I can relay this to Aaron and have this designed to look like Photon.  If you’d like to provide a wireframe with this interaction and the Advisory copy, even better!

For your review and Francois, here is the copy:

Deceptive Site

<title>Deceptive Site Warning</title>

<h1>Warning—Deceptive site ahead</h1>

<text>Firefox blocked this page because it may trick you into doing something dangerous like installing software or revealing personal information like passwords or credit cards.  
Learn more about deceptive sites and phishing at www.antiphishing.org. Learn more about Firefox’s Phishing and Malware Protection at support.mozilla.org.

[Go Back] [See Details]

Advisory provided by Google. Safe Browsing Advisory


(content appears upon selecting See Details) This site has been reported as a possible deceptive site. You can ignore this risk and go to <URL>.

Malicious Site
<title>Malware Warning</title>

<h1>Warning—Visiting this web site may harm your computer.
Firefox blocked this page because it appears to contain malicious software that may steal or delete personal information on your computer.
Learn more about harmful web content including viruses and other malware and how to protect your computer at StopBadware.org. Learn more about Firefox’s Phishing and Malware Protection at support.mozilla.org.

[Go Back] [See Details]

Advisory provided by Google. Safe Browsing Advisory


(content appears upon selecting See Details) This site has been reported as possibly containing malicious software. You can ignore this risk and go to <URL>.

Unwanted Software Site
<title>Harmful Software Warning</title>
<h1>Warning—The site ahead may contain harmful programs.</h1>
Firefox blocked this page because it might try to trick you into installing programs that harm your browsing experience (for example, by changing your homepage or showing extra ads on sites you visit).
Learn more about harmful and unwanted software at Unwanted Software Policy. Learn more about Firefox’s Phishing and Malware Protection at support.mozilla.org.

[Go Back] [See Details]

Advisory provided by Google. Safe Browsing Advisory

(content appears upon selecting See Details) This site has been reported as possibly containing harmful software. You can ignore this risk and go to <URL>.
Flags: needinfo?(mheubusch) → needinfo?(bram)
By the way, we are not required to use the exact copy from Google. If we want to give it a distinctive "Firefox has got your back don't worry" flavor, that's fine. We just need to share our copy with them for their approval before it goes to release, which I can help with.

(In reply to mheubusch from comment #2)
> 1.  Where do we place the required Advisory provided by Google line on the
> page?  

We are not currently complying with that guideline since we don't attribute the warning to Google on our existing warning pages. This will require a little bit of record keeping to make sure that we don't display it for warnings that don't come from Google (e.g. http://itisatrap.org/firefox/its-a-trap.html). I will file a follow-up bug for this.

In terms of where it should go, perhaps in the "details" sub-panel that you are proposing?

> That said,  my
> advice would be to follow the pattern Google uses and we also use on the
> Cert Error you can bypass page, where we provide a button to See Details,
> with a modal or windowshade that includes a link that lets the user move
> forward to the problem site (not recommended).  Are you ok with that?

Sounds good to me.

> Deceptive Site
> 
> <title>Deceptive Site Warning</title>
> 
> <h1>Warning—Deceptive site ahead</h1>
> 
> <text>Firefox blocked this page because it may trick you into doing
> something dangerous like installing software or revealing personal
> information like passwords or credit cards.  
> Learn more about deceptive sites and phishing at www.antiphishing.org. Learn
> more about Firefox’s Phishing and Malware Protection at support.mozilla.org.
> 
> [Go Back] [See Details]

Looks good.

> (content appears upon selecting See Details) This site has been reported as
> a possible deceptive site. You can ignore this risk and go to <URL>.

I would suggest stronger wording here:

  "reported as a possible deceptive site" -> "reported as a deceptive site"

since the number of false positives on the list is low, we should avoid downplaying the risk.

Secondly, I think that having the URL as a link there is likely to make it easier to see and may lead users to click the link without reading the sentence before it?

Finally, the last sentence might be an opportunity to tell users to be careful. For instance, instead of "ignore this risk and go to URL", we could say something along the lines of (depending on what tone we use in Photon):

  If you're sure this is a mistake, you can still visit the site, but please be careful!

> Malicious Site
> <title>Malware Warning</title>
> 
> <h1>Warning—Visiting this web site may harm your computer.
>
> Firefox blocked this page because it appears to contain malicious software
> that may steal or delete personal information on your computer.
> Learn more about harmful web content including viruses and other malware and
> how to protect your computer at StopBadware.org. Learn more about Firefox’s
> Phishing and Malware Protection at support.mozilla.org.

One of the things that these sites often do is cause malicious software to be downloaded/installed. I wonder if we should include that as part of the warning.
 
> Unwanted Software Site
> <title>Harmful Software Warning</title>
> <h1>Warning—The site ahead may contain harmful programs.</h1>
> Firefox blocked this page because it might try to trick you into installing
> programs that harm your browsing experience (for example, by changing your
> homepage or showing extra ads on sites you visit).
> Learn more about harmful and unwanted software at Unwanted Software Policy.
> Learn more about Firefox’s Phishing and Malware Protection at
> support.mozilla.org.

Looks good.
Depends on: 1366384
(In reply to mheubusch from comment #2)
> […] my
> advice would be to follow the pattern Google uses and we also use on the
> Cert Error you can bypass page, where we provide a button to See Details,
> with a modal or windowshade that includes a link that lets the user move
> forward to the problem site (not recommended).  Are you ok with that? If so,
> I can relay this to Aaron and have this designed to look like Photon.

This sounds great! I’m okay with putting the URL behind a “See Details” button.

What I’ll do is take the copy you’ve written, incorporate Francois’ suggestions and put it into Aaron’s design template tomorrow. It’ll be much quicker that way, and clearer when we all can see what the final design will look like.

I’ll ping Aaron for this file privately.
Flags: needinfo?(bram)
Bram, one more thing I forgot to mention is that we'll need a new checkbox on these pages soon since we are adding (in bug 1331138) the ability for users to report the bad pages they see (opt in).

That would be very similar to the checkbox we have on TLS error pages ("Report errors like this to help Mozilla identify and block malicious sites"). See https://expired.badssl.com/ for an example. The main difference is that it would be sent to Google instead of Mozilla and so the checkbox caption should reflect that.

So it might be worth to include this in your designs too to make sure that all of the elements make sense.
Blocks: 1331138
Created attachment 8870151 [details]
Screenshot of Chrome's opt-in checkbox for reporting bad pages users encounter

Here's a screenshot of the checkbox that Chrome has.
I’ve updated the copy with the ones Michelle had provided on comment 2, plus Francois’ suggestions on comment 3.

* Advisory by Google: inside “See Details” panel

* Add checkbox to report problem to Google:
  * “Report errors like this to help Google identify and block malicious sites.”
  * This is accurate, but it also doesn’t say ‘Mozilla’ and might confuse users? Maybe not such a big problem.

* Stronger wording:
  * Before: “possible deceptive site”
  * After: “deceptive site”

* Make the URL harder to notice, and tell users to be careful:
  * Before: “You can ignore this risk and go to <URL>.”
  * After: “If you’re sure that there was a mistake, you may <visit this unsafe site>, but please be careful!”

* Make Malicious Software (Malware) page carry a warning that it may cause software installation without consent
  * Before: “Firefox blocked this page because it appears to contain malicious software…”
  * After: “Firefox blocked this page because it might attempt to install malicious software…”


Finally, I’ve put this new copy on the Photon design template:

* Deceptive (phishing): https://cl.ly/0N30232Q3I2L
* Malicious Software (Malware): https://cl.ly/2o371u2L0505
* Unwanted Software: https://cl.ly/3C002X1b3m3W


What do you both think?
Flags: needinfo?(mheubusch)
Flags: needinfo?(francois)
Iteration: 55.6 - May 29 → 55.7 - Jun 12
(Assignee)

Comment 8

a year ago
(In reply to Bram Pitoyo [:bram] from comment #7)
> I’ve updated the copy with the ones Michelle had provided on comment 2, plus
> Francois’ suggestions on comment 3.
> 
> * Advisory by Google: inside “See Details” panel
> 
> * Add checkbox to report problem to Google:
>   * “Report errors like this to help Google identify and block malicious
> sites.”
>   * This is accurate, but it also doesn’t say ‘Mozilla’ and might confuse
> users? Maybe not such a big problem.
> 
> * Stronger wording:
>   * Before: “possible deceptive site”
>   * After: “deceptive site”
> 
> * Make the URL harder to notice, and tell users to be careful:
>   * Before: “You can ignore this risk and go to <URL>.”
>   * After: “If you’re sure that there was a mistake, you may <visit this
> unsafe site>, but please be careful!”
> 
> * Make Malicious Software (Malware) page carry a warning that it may cause
> software installation without consent
>   * Before: “Firefox blocked this page because it appears to contain
> malicious software…”
>   * After: “Firefox blocked this page because it might attempt to install
> malicious software…”
> 
> 
> Finally, I’ve put this new copy on the Photon design template:
> 
> * Deceptive (phishing): https://cl.ly/0N30232Q3I2L
> * Malicious Software (Malware): https://cl.ly/2o371u2L0505
> * Unwanted Software: https://cl.ly/3C002X1b3m3W
> 
> 
> What do you both think?

Hi Bram - these look really good. I agree with your concern about the addition of the send to google checkbox - think it is confusing to have content about Firefox and what we are doing and then have a line of copy that says "Send to google so that WE can . .." I think this could either suggest that Firefox is owned by Google or that we just copied and pasted an error message from google.  Think the best way to solve this is to bring the "Advisory by Google" tag next to or before this check box and change the copy to  "Report errors like this to Google to help identify and block malicious
> sites for all browsers that use their advisory service." Or just to "Report errors like this to Google to help identify and block malicious
> sites"  Think it is an important distinction to say that they user is reporting to Google, and not just submitting a report (to who) that will help Google.  I can ask legal if you want though.  

Also, and a really small thing, can you remove the period at the end of the two headlines that have them - I broke my own rule by putting them in there. Once we are set I will update all strings for easier engineering copy/paste.
Flags: needinfo?(mheubusch) → needinfo?(bram)
(In reply to Bram Pitoyo [:bram] from comment #7)
> Finally, I’ve put this new copy on the Photon design template:
> 
> * Deceptive (phishing): https://cl.ly/0N30232Q3I2L
> * Malicious Software (Malware): https://cl.ly/2o371u2L0505
> * Unwanted Software: https://cl.ly/3C002X1b3m3W
> 
> What do you both think?

That looks great Bram! Also, I like Michelle's idea of grouping the Google advisory with the Google checkbox together.

I took another look at the Chrome warnings and here are a few more things we may want to consider for the redesign:

1. Should we move the "Learn more about deceptive sites and phishing at www.antiphishing.org ... and support.mozilla.org." paragraph to the "Details" panel? It would give more space for the Advisory link and the checkbox and reduce the amount of information that's presented upfront.

2. Should we link the words "malicious software" or "deceptive software" (in the Details panel) to https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html?hl=en-GB#url=http://testsafebrowsing.appspot.com/s/malware.html? Chrome does that and it provides some more information about why a particular site was blocked.

3. Should we link to the forms for reporting errors in the list (https://safebrowsing.google.com/safebrowsing/report_error/?tpl=mozilla and https://www.stopbadware.org/firefox for phishing and malware respectively)? Chrome has it in the Details panel for phishing only: "You can report a _detection problem_ or, if you understand the risks to your security, visit this unsafe site."
Flags: needinfo?(francois)
Created attachment 8872799 [details]
Chrome's full phishing warning page
Attachment #8870151 - Attachment is obsolete: true
Created attachment 8872801 [details]
Chrome's full malware warning page
Created attachment 8872802 [details]
Chrome's full potentially unwanted software warning page
(Assignee)

Comment 13

a year ago
I agree with all of your suggestions, Francois.  Here is the updated copy, Bram - do you want to comp this up? 

Deceptive Site

<title>Deceptive Site Warning</title>

<h1>Warning—Deceptive site ahead</h1>

<text>Firefox blocked this page because it may trick you into doing something dangerous like installing software or revealing personal information like passwords or credit cards.  

Advisory provided by Google Safe Browsing 
[ ] Report errors like this to help Google identify and block malicious sites


[Go Back] [See Details]



(content appears upon selecting See Details) This site has been <a href = "https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html?hl=en-GB#url=http://testsafebrowsing.appspot.com/s/malware.html" reported as a possible deceptive site"</a>. You can report a <a href = "https://safebrowsing.google.com/safebrowsing/report_error/?tpl=mozilla" detection problem</a> or ignore this risk and go to <URL>.

Learn more about deceptive sites and phishing at www.antiphishing.org. Learn more about Firefox’s Phishing and Malware Protection at support.mozilla.org.



Malicious Site
<title>Malware Warning</title>

<h1>Warning—Visiting this web site may harm your computer
Firefox blocked this page because it appears to contain malicious software that may steal or delete personal information on your computer.

Advisory provided by Google Safe Browsing 
[ ] Report errors like this to help Google identify and block malicious sites


[Go Back] [See Details]



(content appears upon selecting See Details) This site has been <a href = "https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html?hl=en-GB#url=http://testsafebrowsing.appspot.com/s/malware.html" reported as possibly containing malicious software</a>. You can report a <a href = "https://www.stopbadware.org/firefox" detection problem</a> or ignore this risk and go to <URL>.

Learn more about harmful web content including viruses and other malware and how to protect your computer at StopBadware.org. Learn more about Firefox’s Phishing and Malware Protection at support.mozilla.org.

Unwanted Software Site
<title>Harmful Software Warning</title>
<h1>Warning—The site ahead may contain harmful programs</h1>
Firefox blocked this page because it might try to trick you into installing programs that harm your browsing experience (for example, by changing your homepage or showing extra ads on sites you visit).

Advisory provided by Google Safe Browsing 
[ ] Report errors like this to help Google identify and block malicious sites.



[Go Back] [See Details]


(content appears upon selecting See Details) This site has been reported as possibly containing harmful software. You can ignore this risk and go to <URL>. 

Learn more about harmful and unwanted software at Unwanted Software Policy. Learn more about Firefox’s Phishing and Malware Protection at support.mozilla.org.
Flags: needinfo?(bram)
(In reply to mheubusch from comment #13)
> Deceptive Site
> 
> (content appears upon selecting See Details) This site has been <a href =
> "https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.
> html?hl=en-GB#url=http://testsafebrowsing.appspot.com/s/malware.html"
> reported as a possible deceptive site"</a>. You can report a <a href =
> "https://safebrowsing.google.com/safebrowsing/report_error/?tpl=mozilla"
> detection problem</a> or ignore this risk and go to <URL>.

I think you accidentally lost the changes that Bram made in comment 7. 

Why not use the copy from https://cl.ly/0N30232Q3I2L and just tweak it to add the links:

[[website]] has been <a href="GOOGLE">reported as a deceptive site</a>. If you're sure that there was a mistake, you may <a href="GOOGLE">report a detection problem</a> or <a href="SITE">visit this unsafe site</a>, but please be careful!

> Malicious Site
> 
> (content appears upon selecting See Details) This site has been <a href =
> "https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.
> html?hl=en-GB#url=http://testsafebrowsing.appspot.com/s/malware.html"
> reported as possibly containing malicious software</a>. You can report a <a
> href = "https://www.stopbadware.org/firefox" detection problem</a> or ignore
> this risk and go to <URL>.

Based on https://cl.ly/2o371u2L0505:

[[website]] has been <a href="GOOGLE">reported as containing malicious software</a>. If you're sure that there was a mistake, you may <a href="STOPBADWARE">report a detection problem</a> or <a href="SITE">visit this unsafe site</a>, but please be careful!

> Unwanted Software Site
> 
> (content appears upon selecting See Details) This site has been reported as
> possibly containing harmful software. You can ignore this risk and go to
> <URL>. 

We can also link to the report for unwanted software. There is no way to report "detection problems" though.

Based on https://cl.ly/3C002X1b3m3W:

[[website]] has been <a href="GOOGLE">reported as containing harmful software</a>. If you're sure that there was a mistake, you may <a href="SITE">visit this unsafe site</a>, but please be careful!
Flags: needinfo?(mheubusch)
I’ve updated the copy to combine both of your recommendations:

Deceptive Site
--------------

https://cl.ly/082p2I2W3c0o

(content appears upon selecting See Details) [[website]] has been <a href="GOOGLE">reported as a deceptive site</a>. You can <a href="GOOGLE">report a detection problem</a> or <a href="SITE">ignore the risk</a> and go to this unsafe site</a>.


Malicious Site
--------------

https://cl.ly/3N1y0k1M1w04

(content appears upon selecting See Details) [[website]] has been <a href="GOOGLE">reported as containing malicious software</a>. You can <a href="GOOGLE">report a detection problem</a> or <a href="SITE">ignore the risk and go to this unsafe site</a>.


Unwanted Software Site
----------------------

https://cl.ly/0j2n310G0Z2V

(content appears upon selecting See Details) [[website]] has been  <a href="GOOGLE">reported as containing harmful software</a>. You can  <a href="SITE">ignore the risk</a> and go to this unsafe site.

[There’s no way to report detection problem, so we eliminate that link.]


What do you think, Francois and MHeubusch?
Flags: needinfo?(francois)
(In reply to Bram Pitoyo [:bram] from comment #15)
> Deceptive Site
> --------------
> 
> https://cl.ly/082p2I2W3c0o

Tiny mistake: "Google Safe Browsing" in the advisory text should be a link to the Google advisory page (https://developers.google.com/safe-browsing/v4/advisory).

> What do you think, Francois and MHeubusch?

Looks good to me.

One question: do we need the "Warning: " prefix in the titles? Given the red scary background, it seems implied that this is a warning.
Flags: needinfo?(francois)
Iteration: 55.7 - Jun 12 → 56.1 - Jun 26
Perhaps we don’t.(In reply to François Marier [:francois] from comment #16)
> One question: do we need the "Warning: " prefix in the titles? Given the red
> scary background, it seems implied that this is a warning.

I agree that taking the “Warning” string out wouldn’t take away the severity of our message, and would make our string a bit shorter. Let’s do that.

Updated mocks below.

Deceptive (phishing): https://cl.ly/3O3C1J0l0m3p
Malicious Software (malware): https://cl.ly/1y1D1f1J2J3X
Unwanted: https://cl.ly/2H2k2U0o3F3n
(In reply to Bram Pitoyo [:bram] from comment #17)
> Perhaps we don’t.(In reply to François Marier [:francois] from comment #16)
> > One question: do we need the "Warning: " prefix in the titles? Given the red
> > scary background, it seems implied that this is a warning.
> 
> I agree that taking the “Warning” string out wouldn’t take away the severity
> of our message, and would make our string a bit shorter. Let’s do that.

Looks better!

> Updated mocks below.
> 
> Deceptive (phishing): https://cl.ly/3O3C1J0l0m3p

BTW, the phishing one is still missing the link on "Google Safe Browsing" (as noted in comment 16).

> Malicious Software (malware): https://cl.ly/1y1D1f1J2J3X
> Unwanted: https://cl.ly/2H2k2U0o3F3n

I just re-reviewed Michelle's changes from comment 13 and it looks like there are three things missing.

The first is her suggested change the checkbox copy:

  "[ ] Report errors like this to help Google identify and block malicious sites."

(removing the "we" next to Google)

Secondly, it looks like she removed the period at the end of the main heading for the pages (i.e. "Deceptive site ahead" instead of "Deceptive site ahead."). Maybe we should update that too?

Finally, all of the mocks are missing the second paragraph in the details panels (the one with SUMO links):

  "Learn more about deceptive sites and phishing at www.antiphishing.org. Learn more about Firefox’s Phishing and Malware Protection at support.mozilla.org."

  "Learn more about harmful web content including viruses and other malware and how to protect your computer at StopBadware.org. Learn more about Firefox’s Phishing and Malware Protection at support.mozilla.org."

  "Learn more about harmful and unwanted software at Unwanted Software Policy. Learn more about Firefox’s Phishing and Malware Protection at support.mozilla.org."
(In reply to François Marier [:francois] from comment #18)
> BTW, the phishing one is still missing the link on "Google Safe Browsing"
>
> [and] there are three things missing.
> 
> The first is her suggested change the checkbox copy: 
> (removing the "we" next to Google)
> 
> Secondly, it looks like she removed the period at the end of the main
> heading for the pages
>
> Finally, all of the mocks are missing the second paragraph in the details
> panels (the one with SUMO links)

You’re right on all counts. I’ve fixed these problems. See the mocks below:

Deceptive (phishing): https://cl.ly/133s093C2A3x
Malicious Software (malware): https://cl.ly/3R3P0f3d2824
Unwanted: https://cl.ly/3v0F2K2u3c2u

Hopefully we should be good to go now!
(In reply to mheubusch from comment #2)
> <text>Firefox blocked this page because it may trick you into doing
> something dangerous like installing software or revealing personal
> information like passwords or credit cards.  

As a non native speaker, this feels like a lot to read without pauses (no commas). Also the two "like" so close to each feel off.

I wonder if "something dangerous, for example installing software, or revealing…" would work better.
(In reply to Bram Pitoyo [:bram] from comment #19)
> You’re right on all counts. I’ve fixed these problems. See the mocks below:
> 
> Deceptive (phishing): https://cl.ly/133s093C2A3x
> Malicious Software (malware): https://cl.ly/3R3P0f3d2824
> Unwanted: https://cl.ly/3v0F2K2u3c2u
> 
> Hopefully we should be good to go now!

Looks good to me. I will run these past Google tomorrow to see if they have any concerns.

It would be good to have Michelle take another look too and see if she wants to rephrase anything to address flod's concerns in comment 20.
Google hasn't said anything about the new mocks so we can assume it's fine.

I just realized that Photon also covers Android. Could you please also include a Desktop mock for this one:

The site ahead may contain malware

Attackers might attempt to install dangerous apps on your device that steal or delete your information (for example, photos, passwords, messages, and credit cards).

Advisory provided...

[ ] Reports errors like these ...

See details:

[[website]] has been <a href="">reported as containing a potentially harmful application</a>. You can <a href="">ignore the risk</a> and go to this unsafe site.

Learn more about Firefox's Phishing and Malware Protection at support.mozilla.org.
Blocks: 1375277
Flags: needinfo?(bram)
Thanks for pointing out our Android gap, Francois. Here are the mocks.

Deceptive (phishing): https://cl.ly/1E2F2o2d1X0m
Malicious Software (malware): https://cl.ly/0i1y461W3k3G
Unwanted: https://cl.ly/0j3S161U1m1P

The way it works: instead of the “See details” section being a white box, on Android (and I’m guessing iOS) it’s an opaque overlay over the content that comes with a “Hide details” and a quit “x” buttons.
Flags: needinfo?(bram)
Iteration: 56.1 - Jun 26 → 56.2 - Jul 10
(In reply to Bram Pitoyo [:bram] from comment #23)
> Unwanted: https://cl.ly/0j3S161U1m1P

nit: that one shouldn't have an option to report a detection error.

Are you also able to mock-up the fourth type of warning page ("potentially harmful application") I described in comment 22?

We should have:

- Deceptive (phishing): https://cl.ly/133s093C2A3x (Android: https://cl.ly/1E2F2o2d1X0m)
- Malicious Software (malware): https://cl.ly/3R3P0f3d2824 (Android: https://cl.ly/0i1y461W3k3G)
- Unwanted: https://cl.ly/3v0F2K2u3c2u (Android: TOFIX)
- Potentially Harmful Applications: TODO (Android: TODO)
Flags: needinfo?(bram)
(In reply to François Marier [:francois] from comment #24)
> nit: that one shouldn't have an option to report a detection error.

Fixed below.

> Are you also able to mock-up the fourth type of warning page ("potentially
> harmful application") I described in comment 22?

Yes. Sorry I had misread your message and didn’t realise that potentially harmful application (PHA) is a separate category from malware.

I’ve modified the text a tiny little bit so it lines up with the rest of our copy.

Instead of:

> Attackers might attempt to install dangerous apps on your device that steal or delete your information (for example, photos, passwords, messages, and credit cards).

We say instead:

> Firefox blocked this page because it might try to install dangerous apps that steal or delete your information (for example, photos, passwords, messages, and credit cards). 


Our final list with fixes looks like this:

- Deceptive (phishing): https://cl.ly/133s093C2A3x (Android: https://cl.ly/1E2F2o2d1X0m)
- Malicious Software (malware): https://cl.ly/3R3P0f3d2824 (Android: https://cl.ly/0i1y461W3k3G)
- Unwanted: https://cl.ly/3v0F2K2u3c2u (Android: https://cl.ly/2r0d1A0B0g3M)
- Potentially Harmful Applications: https://cl.ly/0X0T0D1U270w (Android: https://cl.ly/401M3R1o2g25)
Flags: needinfo?(bram)
(In reply to Bram Pitoyo [:bram] from comment #25)
> Our final list with fixes looks like this:
> 
> - Deceptive (phishing): https://cl.ly/133s093C2A3x (Android:
> https://cl.ly/1E2F2o2d1X0m)
> - Malicious Software (malware): https://cl.ly/3R3P0f3d2824 (Android:
> https://cl.ly/0i1y461W3k3G)
> - Unwanted: https://cl.ly/3v0F2K2u3c2u (Android: https://cl.ly/2r0d1A0B0g3M)
> - Potentially Harmful Applications: https://cl.ly/0X0T0D1U270w (Android:
> https://cl.ly/401M3R1o2g25)

That looks really good to me.

Let's get a final signoff from Michelle.
(Assignee)

Comment 27

a year ago
Yes - this is great. Consider me signed off. Thanks, Bram and Francois, for working to get these pages where they need to be.
Flags: needinfo?(mheubusch)

Updated

11 months ago
Iteration: 56.2 - Jul 10 → 56.3 - Jul 24

Updated

11 months ago
Iteration: 56.3 - Jul 24 → 56.4 - Aug 1
Depends on: 1385156
No longer depends on: 1385156

Updated

11 months ago
Iteration: 56.4 - Aug 1 → 57.1 - Aug 15

Updated

11 months ago
Status: ASSIGNED → RESOLVED
Last Resolved: 11 months ago
Resolution: --- → FIXED

Updated

10 months ago
Blocks: 1394464
You need to log in before you can comment on or make changes to this bug.