Watered Down Phishing Protection In IPhone OS 3.1? 98
CrazyCanucklehead writes "Security Researcher Michael Sutton discusses his findings when looking at the advertised anti-phishing features in the recently released iPhone OS 3.1. It turns out that the protection is far less than what is provided in OS X and the feature may not provide any protection at all."
Far Less than OS X (Score:5, Insightful)
the iphone in general contains far less than what is provided in OS X so this doesn't come as a surprise to me.
now, whether or not iphone 3.1 phishing protection is a big oversite on apple's part is another discussion and a worthy one at that
Slight catch in that last sentence (Score:3, Insightful)
FTA:
If you work for Apple, please comment on why you went with watered down phishing protection on the iPhone.
If anyone from Apple does comment, we'll not know for sure as they'll not be able to identify themselves sufficiently. As such, everything we do see will just be guesses. Some may make sense and quite probably be right, but who knows...
Re:Far Less than OS X (Score:5, Insightful)
the iphone in general contains far less than what is provided in a real smartphone so this doesn't come as a surprise to me.
There, fixed that for ya!
*ducks*
I've got built-in phishing protection. (Score:5, Insightful)
It works really well. If I don't know how I got to a site, I don't enter my banking information. Simple. It's amazing how well that works. If I get an email from "my bank" asking me to click on a link to verify something, I don't click on the link. If I think that it has the slightest chance of being legit, I'll open a web browser and type my bank's URL in by hand and log into my account. If the original email was legit, I'll be prompted to do whatever it is they need. If I get an email asking me to reply with my username and password, I know it's a scam. How could anyone NOT know that's a scam? It's not frickin' rocket science.
Instead of putting all this effort into anti-phishing technology, we should make people less stupid.
I RTFA (Score:3, Insightful)
That's troubling. Phishing protection that doesn't work is more dangerous than no protection at all. At least if you know you have no protection you'll be more careful.
Re:I've got built-in phishing protection. (Score:4, Insightful)
Instead of putting all this effort into anti-phishing technology, we should make people less stupid.
Rational analysis tells me that's the wrong approach. Inventing a 100% reliable anti-phishing technology is considerably easier than making people less stupid.
Re:Far Less than OS X (Score:3, Insightful)
The difference between Windows Mobile not having phishing filters and the IPhone not having phishing filters is that Windows Mobile never at any point gave you an illusion of protection.
If you haven't been trained on basic internet usage - its VERY easy to fall for phishing attempts. We've been browsing the net for years now, and all it takes is someone who says "You can pay your bills online" for someone to try and google how to do it on their own and then fall into a trap.
I'd say Cross Server Scripting has gotten the best of at least half my friends. Fortunately most of them didn't have any valuable information.
Re:I've got built-in phishing protection. (Score:1, Insightful)
You Can't Fix Stupid - Ron White
Re:I've got built-in phishing protection. (Score:3, Insightful)
Instead of putting all this effort into anti-phishing technology, we should make people less stupid.
You can make people less ignorant, but there is no way to make them less stupid.
You know, it's funny, chicks look at our fashion sense the same way we look at their understanding of the internet.
Re:I've got built-in phishing protection. (Score:3, Insightful)
I agree with your point about no protection not being the best protection, but I don't think that the statistics that you cite demonstrate the point that you are trying to make. The notion that motorcycle crashes in general have a greater incidence of fatality means that behavior that causes crashes will correlate better with motorcycle fatalities than with passenger vehicle fatalities.
A more meaningful number would be something like the number of crashes per vehicle mile. Or perhaps the number of injury-producing crashes per vehicle mile. Even then, a conclusion might be slippery, because motorcycles do not tend to get into minor accidents like parking lot fender-benders, but even a minor motorcycle accident is more likely to produce an injury than a passenger car accident.
Re:I've got built-in phishing protection. (Score:3, Insightful)