Saturday, 19 July 2008

Firefox Phishing ignores user' ignore.

Firefox does not allow you to ignore the Phishing warning sometimes because of two stupid bug even if you know this is not a Phishing site.
This is because of bugs: 435081 and 442929
A quick BUT DANGEROUS workaround is to change two config values:
browser.safebrowsing.enabled=false
browser.safebrowsing.malware.enabled=false
which disables safebrowsing.

Please note
:

- Always enable this feature again right after you finished browsing the site you wanted. Besides does not open any other site meanwhile.

- You might believe this is not dangerous to disable safebrowsing on a site you know but this is FALSE.
A cracker can crack the site and can put dangerous code snippets on the page without anybody noticing that.
Even the site owner does not know about it. The code snippet can sit silently on the server and nobody can see that but can infect machines. Of course since the Phishing protection used by Firefox is black-list based somebody - or something - has already noticed and reported the site. If the site was hacked the owner should be informed and should correct the page. If the site was build intentionally you should get out of this immediately.