Bug#667050: iceweasel: "Block reported attack sites/web forgeries" should mention its use of Google and allow opt-out

Mike Hommey mh at glandium.org
Wed Apr 4 06:30:29 UTC 2012


On Tue, Apr 03, 2012 at 12:18:51PM -0500, Stephen Crowley wrote:
> Package: iceweasel
> Version: 10.0.3esr-2
> Severity: normal
> 
> Dear Maintainer,
> I was curious about the following excessive access to the url GET
> http://safebrowsing-cache.google.com/safebrowsing/... and realized 
> it
> was coming from firefox by having the "Block reported attack 
> sites/web
> forgeries" option. I consider this network spam a bit of a security
> risk considering all the skullduggery going on with the net these
> days, at the very least the menu option should explicltly state 
> that it
> will bombard google with requests for this data.

Why does it matter that the data comes from google specifically?
BTW, it's only downloading a list or a delta if you already have a list
locally. It's not sending anything related to your browsing. If you
click on help, you're brought to a page that explains the settings, and
which contains a link to a page explaining how the feature works.

Mike





More information about the pkg-mozilla-maintainers mailing list