Tuesday, July 15, 2008

When Irony Attacks! (Mozilla's Attack Site Info Page)

[Update: False alarm. I didn't get the joke. See below.]

I was just trying to go to the Baltimore City Paper site, when Firefox 3 threw up a "Reported Attack Site!" warning (for the following reasons).

I'd seen the attack site warning page a few times but I wanted to find out a bit more about it, so I did a search on firefox attack site. The second result is a mozilla.com site, www.mozilla.com/firefox/its-an-attack.html, so I clicked it. I was surprised -- nay, shocked -- to see that the It's an Attack! page also gave me a Reported Attack Site! warning:

2008_07_15-attack-site

(Oddly enough, the "Why was this site blocked?" diagnostic page says that there is not and never has been anything wrong with the page.)

I'm trying to decide if this is some sort of perverse, "Who watches the watchers?" object lesson in browser security. It's definitely the textbook definition of irony, though.

Minor update: http://www.mozilla.com/firefox/its-an-attack.html (the page you get to via search) is blocked, but http://www.mozilla.com/en-US/firefox/its-an-attack.html (when you navigate from the top level of the site) is not.

Mooting Update: Asa Dotzler of the Mozilla organization responded in the comments -- it's a test page that demonstrates the feature, so it's supposed to trigger the warning for FF3 users (which it says on the page itself). So instead of me being clever, it's another item for the Dumb Things file.

However, in my defense, I do think that given its prominence on the relevant search result page, this approach is a little too "cute" if you're already a FF3 user just trying to find out about the feature -- in order to see the info on the page, you have to click past the warning, and if you're at all security-aware, you might not do this (I know I was hesitant -- I only clicked past because I know there's currently very litle malware that affects Macs).

Also, the /en-US/ version doesn't invoke the warning, which threw me.

6 comments:

kanyixin said...

What does your "Who watches the watchers?" reference refer to? Sometimes on a bus while I'd be looking at someone who was looking at someone else I'd wonder what the longest chain of "a person watching a person who's watching a person who's... " has ever been. Too bad there's no way of knowing. I'll have to keep wondering forever. That sucks.

asadotzler@gmail.com said...

the mozilla.com site is a test site that demonstrates the feature.

Joelogon said...

Asa: Thanks for the response -- I guess if I'd read the page text more closely I would have understood that.

However, since I was already a FF3 user trying to find more info about the feature, I'm wondering if the approach is a little too clever, given the page's prominence in the search results. (In that the only way to see the information is to click past the warning, and as a moderately security-aware user, I was loathe to do that.)

Also, I do note that the http://www.mozilla.com/en-US/firefox/its-an-attack.html page does not trigger the warning, which confused me. So perhaps that's me being too clever.

Joelogon said...

Kim: It comes from the Latin -- it generally refers to the question of authority and government -- if they watch us, who watches them?

kanyixin said...

Oh, that. I don't like thinking too much about the government, it makes me feel like I'm wasting my time. Not like watching the people on the bus watch other people. That's much more entertaining.

asadotzler@gmail.com said...

You're right about the search results ranking making this something of a problem. I'll see if there's anything that can be done about that. I don't think it was ever considered that a test page would become such a prominent search result. Perhaps we need to add the page to robots.txt or something like that.

Thanks for the useful feedback!