Thread: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
View Single Post
Old 02-07-2008, 12:00   #10797
tarka
Inactive
 
Join Date: May 2008
Posts: 86
tarka is on a distinguished roadtarka is on a distinguished road
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
Originally Posted by davews View Post
Has anybody actually asked Phorm if their anti-phishing protection only does http:// ? I know they don't profile https:// but there is nothing to say that the anti-phishing, largely done on urls, does not. We shouldn't jump to conclusions.

But I would still have far more confidence in my browser in-built anti-phishing than Phorm's variant. They refuse to say which external databases they are using, most others are quite happy to state this.
As far as I am aware it won't be possible to check https url's for phisihing attacks. The first step in the process before any URL is sent is to establish the secure connection with the server, only then is the request sent at which point it is not possible to read the request (unless they have huge computers which will break all of the encryption). The only way they could check it is to intercept the https request and present an intermediate certificate which would cause alerts in your browser indicating a "man in the middle attack".

The only information they can glean is the ip address however to black list an ip address could black list a large number of other sites that would be running on the same server.

---------- Post added at 12:00 ---------- Previous post was at 11:56 ----------

Quote:
Originally Posted by HamsterWheel View Post
I'm certain that Webwise will warn of both http and https phishing sites. I have asked them to confirm this though.
Remember Phorm are a sponsoring member of the AWG http://www.antiphishing.org/sponsors.html and would not be daft enough to offer something that did not cope with a large proportion of phishing attacks.

Also remember that their anti-phishing will not need you to download updates of known sites like most of the norton's etc do, so will be much more up-to-date. So a much better, and free offering than that currently available.
You see - Phorm is simply the best :-)
Antivirus software and browsers (that already provide this protection and CAN check https url's) automatically download the latest phising site lists without any intervention from the user.
tarka is offline