On Thu, Aug 29, 2019 at 8:23 PM Kirk Hall via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> On Thursday, August 29, 2019 at 5:07:03 PM UTC-7, Ryan Sleevi wrote:
> > On Thu, Aug 29, 2019 at 6:26 PM Kirk Hall via dev-security-policy <
> > dev-security-policy@lists.mozilla.org> wrote:
> >
> > > > Could you point to the browsing phishing filters and anti-phishing
> > > services
> > > > that do? It might be an opportunity for you to find out how they deal
> > > with
> > > > this, and report back, so we don't have to presume anything.
> > >
> > > Let's hear directly from the experts - can you get someone from Google
> > > Safe Browsing to post to this list, and then we can all ask him or her
> our
> > > questions and get the definitive answers.  Thanks.
> >
> >
> > I think it’s a great idea to hear from the experts!
> >
> > So far, it’s hard to tell who they are, because you haven’t been able to
> > provide any details about who does what you describe. It sounded
> initially
> > like a hypothetical, but now that you’ve stated it’s factual, perhaps you
> > could provide sources? And then ask folks at those organizations and
> report
> > back? It seems that you’re passionate about this, and I can’t think of
> > anyone better suited to demonstrate whether or not this actually happens
> > than someone as passionate for the truth as you. I’m sure you’ll be able
> to
> > find out whether or not the world works like you described and report
> back
> > to us all.
> >
> > Look forward to hearing more about who actually does this, and how they
> > solve the very obvious security risks. I’m assuming that if we don’t hear
> > back, it might mean no one actually does this, or that perhaps no one has
> > solved this obvious security issues.
>
> Uh... Ryan...  some of the experts work down the hall from you.  Google
> Safe Browsing.  This was the question I posed to you:
>
> "Can you get someone from Google Safe Browsing to post to this list, and
> then we can all ask him or her our questions and get the definitive
> answers."
>
> What is your response?
>

Oh, I thought I made it clear, I'm posting in a personal capacity.

As you're the one making the claim, I was hoping you might demonstrate
whether there's any truth. I certainly wouldn't want to bother anyone just
because someone on the Internet said something. I'm sure no one would get
any work done if they had to respond to everyone who had a half-baked idea
about how things might work.

Of course, that also wouldn't help answer the question I asked of you, in
the context of what you claimed:
"Could you point to the browsing phishing filters and anti-phishing
services that do? It might be an opportunity for you to find out how they
deal with this, and report back, so we don't have to presume anything."

What is your response?
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Reply via email to