block phishing but do not use google
> When you download an application file, Firefox checks the site hosting it against a list of sites known to contain "malware". If the site is found on that list, Firefox blocks the file immediately, **otherwise it asks Google’s Safe Browsing service if the software is safe by sending it some of the download’s metadata.**
So a record of any application I download that is not immediately identified as malware is sent to Google?
How can I use the purely local part of this service without sending anything to an external site?
Thanks!
Chosen solution
as far as i know it's still windows only - just to be sure you could still toggle the browser.safebrowsing.downloads.remote.enabled pref to false though.
Read this answer in context 👍 0All Replies (3)
ohjustinternetstuff said
So a record of any application I download that is not immediately identified as malware is sent to Google?
hi, only information from unsigned executables (or when the signature doesn't check out) will be sent to google's safebrowsing service. the implementation & also how to turn off that remote app reputation check are explained in https://wiki.mozilla.org/Security/Features/Application_Reputation_Design_Doc
Modified by philipp
Thanks for the reply. In the doc you sent me:
> If a local result is not found, the user-agent may perform a remote-lookup on Windows only.
Is any remote lookup performed on Linux clients (Google or other), or just Windows?
Thanks!
Chosen Solution
as far as i know it's still windows only - just to be sure you could still toggle the browser.safebrowsing.downloads.remote.enabled pref to false though.