What guarantees of accountability and transparency exist in Mozilla's phishing and malware protections to prevent false positives?
A site of mine has been blocked "because it may trick you into doing something dangerous" etc. The phrasing suggests that you aren't even sure if there is a real problem, but you're blocking it just in case. Nowhere is the cause specified. There are no details of what behaviour or code on the site caused it to be listed, or who listed it, or why. Just a big message saying that this is a Deceptive Site. There's no one I can talk to about this, no way to find out any information whatsoever - there's not even any notification that the site has been blocked. All of which makes it just about impossible to actually FIX whatever is causing this issue (assuming that there is one, and I haven't just been reported randomly by some troll).
So, to sum up: there's no useful information, no transparency and no accountability anywhere in this process. Just Google throwing their weight around and you letting them.
I'm not saying that there is no problem - there may be a legitimate issue that needs addressing. What I'm saying is that the way the Mozilla Foundation has dealt with the problem makes it more or less impossible to actually do that addressing. Who exactly does that help? How does this make anyone's internet experience better?
All Replies (6)
Hi, if this is a red screen it is Google alerting you. Please contact Google phishing/malware to discuss this being removed. Firefox is not responsible for the alerts that Google put. out. Thank you for understanding this and hope you get this resolved as soon as possible. Regards, Firefox Volunteer Support.
Please see this Firefox support article: https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-protection-work#w_iaove-confirmed-that-my-site-is-safe-how-do-i-get-it-removed-from-the-lists
If you posted a URL to the website that is purported to be "dangerous" someone here might have an explanation of what is going on to raise that "flag".
This tool might provide information about why your site ended up on the list:
https://transparencyreport.google.com/safe-browsing/search
I don't know if that one is available from the red warning page.
Pkshadow said
Hi, if this is a red screen it is Google alerting you. Please contact Google phishing/malware to discuss this being removed. Firefox is not responsible for the alerts that Google put. out. Thank you for understanding this and hope you get this resolved as soon as possible. Regards, Firefox Volunteer Support.
Respectfully, Mozilla IS responsible. The text on the red screen reads as follows: Firefox blocked this page because it may trick you into doing something dangerous like installing software or revealing personal information like passwords or credit cards.
Advisory provided by Google Safe Browsing.
Firefox blocked this page, based on an advisory from Google. Since Mozilla is not a subsidiary of Google's, it can choose to do more - like, for example, demanding greater transparency from Google before blocking anyone's site. So yes, Mozilla is not responsible for the alerts Google puts out, but it is responsible for how it chooses to repond to them. And blind compliance isn't good enough.
jscher2000 said
This tool might provide information about why your site ended up on the list: https://transparencyreport.google.com/safe-browsing/search I don't know if that one is available from the red warning page.
Sadly, this site basically just says the same things as the original message with the words moved around - it states that the site may do things, but provides no information as which parts of the site it has a problem with.
You never supplied the URL so why not see what these have to say :