This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[anti-abuse-wg] Google Privacy Abuse

Previous message (by thread): [anti-abuse-wg] Google Privacy Abuse
Next message (by thread): [anti-abuse-wg] Google Privacy Abuse

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Serge Droz serge.droz at first.org
Sat Mar 16 09:45:03 CET 2019

Dear Ac & Fi

That was what I was replying to Fi's comment:

> If opera (like chrome, edge or firefox) check the URL to see if it
> is "dangerous" (a phishing URL etc) then that is logged on their
> end, when it checks the database to see if the link has been
> flagged.


Re:
> It is a simple technical fact that ISP's etc - Do Not Have, receive or
> are able to read the actual URL. - Please do see the https protocol
> itself, for additional information.

Read my answer again: It said they can see it if it is http, but not if
it is https.

Would you agree?

Re Fi's Question:
> Please provide your source of information that chrome browsers rely on a local blacklist.

See https://blog.chromium.org/2012/01/all-about-safe-browsing.html

You can verify this yourself by looking at browser trafic with a MITM
setup, e.h. using sslsplit


Best
Serge




-- 
Dr. Serge Droz
Member of the FIRST Board of Directors       Senior Advisor
https://www.first.org                        https://www.ict4peace.org

Previous message (by thread): [anti-abuse-wg] Google Privacy Abuse
Next message (by thread): [anti-abuse-wg] Google Privacy Abuse

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ anti-abuse-wg Archives ]