XBlock By Actiance - Home

The Anti-phishing Tool Bar Controversy...

by Christopher Boyd

Date: 09.30.2005

There are lots of rumours circulating at present regarding the Antiphishing toolbar from Netcraft. These rumours have been circulating as far back as May, claiming that the toolbar itself contains "spyware". Like most things labeled spyware, it depends on your point of view: whether you think cookies are evil, and whether the price you pay for some phishing protection is a little personal data sent back to base. With that in mind, let's continue...

The Install

There seems to be nothing unusual here. Firefox pops up the "blocked" install message, and you have to manually add the Netcraft site to the list of allowed sites.

When the install is initiated, a popup appears which seems to have caused concern among end-users, but it is simply a JavaScript popup describing what is going to happen - Netcraft being helpful.

This is a good example of what can happen when panic takes hold needlessly - not every popup is a bad thing. Then you get another clear message, indicating what will happen when you restart Firefox - for something that is supposedly doing something untoward, the toolbar is very clear with its disclosure!



In Practice

I tried the Toolbar out on a number of phishing sites - it blocked all of them (example here). I had no false positives and the tool uninstalled with no problems, but I only tried a limited selection of sites. Remember, here I'm primarily looking for "unusual" behaviour. The issue is - I didn't find any.

In Closing

Here we have a case of what the value proposition is for the customer. The toolbar privacy policy clearly states what the tool will do - from the agreement:

* Information Automatically Logged: We use your IP address to help diagnose problems with our server and to administer our Web site. Your IP address may also be used to display regional advertising banners.

* Advertisers: Sometimes advertisers may use third party banner servers to display banners on our site. These servers are not under Netcraft's control.

* Cookies: Netcraft uses cookies in areas of the site requiring authentication, and as part of its banner serving system.

Now, this passage has been cited on numerous sites as a sign that end-users should be looking out for popups, banner ads and other things associated with adware, and that the toolbar tracks users for "hidden" purposes. But look again - it doesn't say this applies to the toolbar. It says these ads are on the website. And "banner serving system" has to refer to the website too - banners served by a toolbar wouldn't be very big to look at! No, the issue here is that the terms for the toolbar and the terms for the website don't appear to have been separated well enough. Or at least, they have, but not enough for the average end-user to understand. This is despite the fact that the article clearly states lower down the page that the toolbar collects the following (under the heading of Netcraft toolbar!):

* A unique identification reference is generated for each Toolbar installation. This is sent back to us when the Toolbar attempts to download updated versions of its software and is used for planning and licensing purposes. This is not sent as part of the Toolbar's normal operation when browsing the web.

* Web sites (not URLs) visited when browsing the web. These are used to provide contextual reports and popularity ranking information for the site being browsed.

* Secure hashes of URLs visited when browsing the web. These are used to defend against phishing sites by comparing the hash against a list of hashes of previously reported phishing URLs and blocking the page if a match is found. There is no other case in which we can determine the URL of the page you have visited from the hash which we receive.

* The Toolbar does not collect any personal information except that described above. In particular, we do not collect personal information which can identify the browsing habits of individual users.
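The hash comparison described in the quoted policy, as an added example that is not Netcraft's code: it shows which fields leave the browser (site name and URL hash, not the URL) and that the receiving side can name a URL only when its hash is already in the reported-phishing list. SHA-256, the canonicalisation rules, and every function name and URL here are assumptions made for illustration.

```python
import hashlib
from urllib.parse import urlsplit


def canonicalize(url: str) -> str:
    """Assumed normalisation: lowercase scheme/host, drop the fragment, default path '/'."""
    p = urlsplit(url.strip())
    host = (p.hostname or "").lower()
    port = f":{p.port}" if p.port else ""
    path = p.path or "/"
    query = f"?{p.query}" if p.query else ""
    return f"{p.scheme.lower()}://{host}{port}{path}{query}"


def url_hash(url: str) -> str:
    # SHA-256 is an assumption; the policy only says "secure hashes".
    return hashlib.sha256(canonicalize(url).encode("utf-8")).hexdigest()


def client_report(url: str) -> dict:
    """Fields sent per the quoted policy: the site (not the URL) and a hash of the URL."""
    return {"site": (urlsplit(url).hostname or "").lower(), "url_hash": url_hash(url)}


class BlocklistServer:
    """Hypothetical receiving side holding hashes of previously reported phishing URLs."""

    def __init__(self, reported_phishing_urls):
        # hash -> URL: a URL is recoverable only for hashes already in this table.
        self._known = {url_hash(u): u for u in reported_phishing_urls}

    def check(self, report: dict) -> dict:
        matched = self._known.get(report["url_hash"])
        return {"block": matched is not None, "url_known_to_server": matched}


# Constructed sample data (reserved .test names, not real sites).
REPORTED = ["http://login.bank-example.test/verify.php?id=1"]

if __name__ == "__main__":
    server = BlocklistServer(REPORTED)
    for visited in ("HTTP://Login.Bank-Example.test/verify.php?id=1#top",
                    "https://shop.example.test/cart?session=abc123"):
        report = client_report(visited)
        print(report["site"], report["url_hash"][:16], server.check(report))
```

The site name still travels in the clear, which is the second item in the policy's list; only the path and query are hidden behind the hash.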

So we can see that, although Netcraft has made every effort to make clear what the toolbar does, there is still confusion in the end-user's mind with regard to what the software actually collects. The interesting question is, what can Netcraft and companies like them, and (more importantly) the end-users do to clarify these issues? It's a question with no easy answers, but as the above has illustrated, these days even producing a tool designed to increase security can be filled with unintentional perils.

This article is copyright 2005 by XBlock.com.
It may not be reprinted or copied without the express written consent of the author.
