add slashdot-style phishing protection

RESOLVED WONTFIX

Status

MailNews Core
Filters
RESOLVED WONTFIX
13 years ago
10 years ago

People

(Reporter: Chris Thomas (CTho) [formerly cst@andrew.cmu.edu cst@yecc.com], Assigned: Chris Thomas (CTho) [formerly cst@andrew.cmu.edu cst@yecc.com])

Tracking

Trunk
x86
Windows XP

Firefox Tracking Flags

(Not tracked)

Details

(URL)

For simple HTML, we should have each link followed by something that indicates
the actual URL it points to, so if I had a link pointing to evil.com that read
"http://good.com/enter_your_pin", you'd see:

http://good.com/enter_your_pin [evil.com]

I know the status bar shows the URL, but this is added protection for the 99/100
times when I don't look at the status bar before clicking a link.

I thought about requesting this for "Original HTML", but came up with too many
ways somebody evil could get around any solutions I could come up with.
Status: NEW → ASSIGNED

Comment 1

13 years ago
Compare 278490, solution 1.

As discussed at length on IRC yesterday, I am against this. I would like the
Simple HTML be perfectly readable, and this interferes a lot with the text, esp.
if you use links inline.

And it doesn't help in all cases, e.g. grandma won't know what "eBay
[216.117.155.116]" implies. (Real example from bug bug 278460 comment 1).

Compare bug 254913, which I think is a good idea (but won't help in *all* cases).
(In reply to comment #1)
> Compare 278490, solution 1.
Doesn't work - that shows the entire URL.

> And it doesn't help in all cases, e.g. grandma won't know what "eBay
> [216.117.155.116]" implies. (Real example from bug bug 278460 comment 1).
As some of the related bugs show, Eudora apparently warns users that legitimate
sites rarely use numeric IPs.

> Compare bug 254913, which I think is a good idea (but won't help in *all* cases).
My problem with phishing detection is that we really screw the inexperienced
user if we *occasionally* fail to a scam.
Status: ASSIGNED → NEW
Keywords: helpwanted
WONTFIXing.  I'll deal with a port of bug 279191.
Status: NEW → RESOLVED
Last Resolved: 13 years ago
Keywords: helpwanted
Resolution: --- → WONTFIX
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.