Home / End-User Implementation of Google - API * SafeBrowsing
22 views
Skip to first unread message
rawcous
Sep 13, 2009, 12:00:08 PM9/13/09
to Google Safe Browsing API
Please forgive me if i'm asking a question that has been posted before
(I have checked, could not locate a similar qu. anywhere). I'm
currently running a Windows FTP server, and a LINUX Web & Mail Server
for my personal domain. I have recently via the Linux machine
registered and received my Google Safe Browsing API. I have read both
the developer & reference guide to this. Whilst running FireFox from
the Linux WebServer, I accessed a site as indicated by google to
contain malware. The browser successfully blocked it: => www.38zu.cn
However, if I access the same site via Firefox, or I.E on my Windows
machine no blocks take place (I was logged into my Google account). My
question is, do I need to manually run the safebrowsing update
individually on each machine, as I thought that the whole idea was
that as long as I initially logged into my Google account on any
machine, using any browser i.e Firefox, I.E, etc that safebrowsing
would be in place, and providing that I started off from the google
search engine page, every URL I entered would be checked against the
block list. Do I need to manually on a regular basis manually update
my list (i,.e via the browser), because I have written a Linux script
to download the latest updates to a location / folder on my web server
utilising WGET. Please advise, & forgive my ignorance.
I have posted this question elsewhere but have only had one reply as
follows:
*********************************************************************************************************************************
D***s has posted an answer to the question "Day-to-day useage of
google safe browsing":
Hi,
IE doesn't utilize Safe Browsing API. Don't expect it to block
anything. IE8 has similar technology from Microsoft though.
Firefox, Safari and Google Chrome automatically check every page you
visit by default. You don't need to do anything yourself. However this
feature can be turned off.
In Firefox it can be done in "Preferences/Security", the "Tell me if
the site I'm visiting is a suspected attack site"
BTW, what version of Firefox do you use? As far as I remember, Firefox
uses Safe Browsing API since version 3.0 only
**********************************************************************************************************************************
My reply:
Thanks for the quick reply. I've just quickly compared my Firefox
security settings on both Windows and Linux - they're identical.
Firefox via Linux blocked the site; whereas via windows no action took
place. Maybe this is due to version differences. I will check to see
if I have the latest Windows version + updates.
Via Linux - Firefox 3.0.13, Windows - Firefox 3.5.1.
I'm confused now - so if Firefox by default has this feature included,
then presumably I don't need to the SafeBrowsing API at all. So in
what cases would the API be utilised, and how i.e per machine, etc.
Please forgive my ignorance. I'm just trying to majke my machines as
secure as possible.
Thanks for reading guys.
(I have checked, could not locate a similar qu. anywhere). I'm
currently running a Windows FTP server, and a LINUX Web & Mail Server
for my personal domain. I have recently via the Linux machine
registered and received my Google Safe Browsing API. I have read both
the developer & reference guide to this. Whilst running FireFox from
the Linux WebServer, I accessed a site as indicated by google to
contain malware. The browser successfully blocked it: => www.38zu.cn
However, if I access the same site via Firefox, or I.E on my Windows
machine no blocks take place (I was logged into my Google account). My
question is, do I need to manually run the safebrowsing update
individually on each machine, as I thought that the whole idea was
that as long as I initially logged into my Google account on any
machine, using any browser i.e Firefox, I.E, etc that safebrowsing
would be in place, and providing that I started off from the google
search engine page, every URL I entered would be checked against the
block list. Do I need to manually on a regular basis manually update
my list (i,.e via the browser), because I have written a Linux script
to download the latest updates to a location / folder on my web server
utilising WGET. Please advise, & forgive my ignorance.
I have posted this question elsewhere but have only had one reply as
follows:
*********************************************************************************************************************************
D***s has posted an answer to the question "Day-to-day useage of
google safe browsing":
Hi,
IE doesn't utilize Safe Browsing API. Don't expect it to block
anything. IE8 has similar technology from Microsoft though.
Firefox, Safari and Google Chrome automatically check every page you
visit by default. You don't need to do anything yourself. However this
feature can be turned off.
In Firefox it can be done in "Preferences/Security", the "Tell me if
the site I'm visiting is a suspected attack site"
BTW, what version of Firefox do you use? As far as I remember, Firefox
uses Safe Browsing API since version 3.0 only
**********************************************************************************************************************************
My reply:
Thanks for the quick reply. I've just quickly compared my Firefox
security settings on both Windows and Linux - they're identical.
Firefox via Linux blocked the site; whereas via windows no action took
place. Maybe this is due to version differences. I will check to see
if I have the latest Windows version + updates.
Via Linux - Firefox 3.0.13, Windows - Firefox 3.5.1.
I'm confused now - so if Firefox by default has this feature included,
then presumably I don't need to the SafeBrowsing API at all. So in
what cases would the API be utilised, and how i.e per machine, etc.
Please forgive my ignorance. I'm just trying to majke my machines as
secure as possible.
Thanks for reading guys.
TQM
Sep 15, 2009, 10:27:57 AM9/15/09
to Google Safe Browsing API
SB API is used by browsers, not by humans directly. Browsers take
updates, they analyse URLs you go to and if they find a match
(according to procedure described in the API docs) they display
advisory that the site is on the list.
SafeBrowsing is useful if you write your own app that will display
URLs to the users and you want to add a warning there or something
along those lines. For example you could check web-proxy logs against
SafeBrowsing lists and see if people go to the unsafe sites.
As a side note - if you want to make your box as secure as possible in
the first place get a good AV product (maybe even one with a firewall
built in) and run as regular user without admin rights. That's a first
step and in fact solves a lot of user created issues.
updates, they analyse URLs you go to and if they find a match
(according to procedure described in the API docs) they display
advisory that the site is on the list.
SafeBrowsing is useful if you write your own app that will display
URLs to the users and you want to add a warning there or something
along those lines. For example you could check web-proxy logs against
SafeBrowsing lists and see if people go to the unsafe sites.
As a side note - if you want to make your box as secure as possible in
the first place get a good AV product (maybe even one with a firewall
built in) and run as regular user without admin rights. That's a first
step and in fact solves a lot of user created issues.
Reply all
Reply to author
Forward
0 new messages