Anti-phishing protection without Google Safebrowsing

by Martin Monperrus

Phishing is a major threat on Internet. Consequently, all major browsers, such as Firefox, embed some kind of phishing protection. The protection consists of detecting whether a URL is a phishing URL and displaying a warning message.

In Firefox, Chrome and Safari, phishing protection is based on Google Safe Browsing (see how it works). In short, Firefox asks Google for a phishing url list every 30-45 minutes, and upon doubt requests for more information to Google's servers (the other browsers do the same). In other words, your browser keeps a constant link with Google, and leaks some information about your browsing activity. Google states that their Safe Browsing service is not used for tracking, and not used for censorship.

For those of us for care about privacy, or want to have a Google-free internet experience, depending on Google for phishing protection is a problem (if you like highly technical reading, read "A privacy analysis of google and yandex safe browsing").

But what are the possible solutions, what are the anti-phishing alternatives which are not based on Google Safebrowsing?

Here are three solutions:

All those solutions are completely independent from Google.

Anti-phishing alternative 1: use a blocker

The first alternative protection against phishing is to use a URL blocker. Such a blocker uses URL blacklists, incl phishing URLs. I recommend to install uBlock origin. The default setup include some lists that contain phishing urls and domains.

Open question: what are the best phishing URL lists to put in uBlock origin?

Anti-phishing alternative 2a: use a protecting DNS (operating system level)

The first alternative protection is to use a protecting DNS. A protecting DNS does not resolve domains that point to phishing or malware sites.

What protecting DNS to use?

Providers IP v4 address
OpenDNS FamilyShield 208.67.222.123
Norton ConnectSafe DNS 198.153.192.40
Comodo Secure DNS 8.26.56.26
Yandex Safe DNS 77.88.8.88

Open question: what's the most effective server?

See also: 6 DNS services protect against malware and other unwanted content

How to setup a DNS server? This is not easy, but many people have tried to explain how to do this, see for instance:

Anti-phishing alternative 2b: use a protecting DNS (browser level)

Firefox now embeds a DNS-over-HTTPS client, see see Configure DNS Over HTTPS in Firefox (network.trr.mode)

You can set it to a protecting DNS-over-HTTPS server, eg https://cleanbrowsing.org/dnsoverhttps.

Anti-phishing alternative 3: use a dedicated extension

The third alternative is install a browser extension that is dedicated phishing protection. One such addon is the Netcraft Anti-Phishing Extension. I have not tried myself this solution.

Open question: what data does Netcraft collect?

 How to disable Google Safe Browsing in Firefox?

Lightweight solution: untick "Block dangerous and deceptive content" in the Security tab of the preferences screen (about:preferences).

However, this does not stop Firefox from downloading the URL hash list. So a better, yet more technical solution is to delete the value of browser.safebrowsing.provider.google.updateURL and browser.safebrowsing.provider.google4.updateURL.

Feedback

Tagged as: