Ce site disposera de fonctionnalités limitées pendant que nous effectuons des opérations de maintenance en vue de vous proposer un meilleur service. Si un article ne règle pas votre problème et que vous souhaitez poser une question, notre communauté d’assistance est prête à vous répondre via @FirefoxSupport sur Twitter, et /r/firefox sur Reddit.

Avatar for Username

Rechercher dans l’assistance

Évitez les escroqueries à l’assistance. Nous ne vous demanderons jamais d’appeler ou d’envoyer un SMS à un numéro de téléphone ou de partager des informations personnelles. Veuillez signaler toute activité suspecte en utilisant l’option « Signaler un abus ».

En savoir plus

Ce sujet de discussion a été archivé. Veuillez poser une nouvelle question si vous avez besoin d’aide.

block phishing but do not use google

  • 3 réponses
  • 1 a ce problème
  • 6 vues
  • Dernière réponse par philipp

ohjustinternetstuff
ohjustinternetstuff
more options

> When you download an application file, Firefox checks the site hosting it against a list of sites known to contain "malware". If the site is found on that list, Firefox blocks the file immediately, **otherwise it asks Google’s Safe Browsing service if the software is safe by sending it some of the download’s metadata.**

So a record of any application I download that is not immediately identified as malware is sent to Google?

How can I use the purely local part of this service without sending anything to an external site?

Thanks!

> When you download an application file, Firefox checks the site hosting it against a list of sites known to contain "malware". If the site is found on that list, Firefox blocks the file immediately, **otherwise it asks Google’s Safe Browsing service if the software is safe by sending it some of the download’s metadata.** So a record of any application I download that is not immediately identified as malware is sent to Google? How can I use the purely local part of this service without sending anything to an external site? Thanks!

Solution choisie

as far as i know it's still windows only - just to be sure you could still toggle the browser.safebrowsing.downloads.remote.enabled pref to false though.

Lire cette réponse dans son contexte 👍 0

Toutes les réponses (3)

philipp
philipp
  • Moderator
more options

ohjustinternetstuff said

So a record of any application I download that is not immediately identified as malware is sent to Google?

hi, only information from unsigned executables (or when the signature doesn't check out) will be sent to google's safebrowsing service. the implementation & also how to turn off that remote app reputation check are explained in https://wiki.mozilla.org/Security/Features/Application_Reputation_Design_Doc

Modifié le par philipp

ohjustinternetstuff
ohjustinternetstuff Auteur de la question
more options

Thanks for the reply. In the doc you sent me:

> If a local result is not found, the user-agent may perform a remote-lookup on Windows only.

Is any remote lookup performed on Linux clients (Google or other), or just Windows?


Thanks!

philipp
philipp
  • Moderator
more options

Solution choisie

as far as i know it's still windows only - just to be sure you could still toggle the browser.safebrowsing.downloads.remote.enabled pref to false though.