Insert link facilitates phishing attacks

Ethan Blanton elb at
Tue Nov 19 16:33:33 EST 2013

Mark Doliner spake unto us the following wisdom:
> Yeah, there are definitely things we could do to protect our users better.
> On Tue, Nov 19, 2013 at 12:20 PM, Ashish Gupta <ashmew2 at> wrote:
> > The security check could then follow the WYSIWIG approach and always open
> > the link visible instead of whatever is contained in the URL.
> Or at least warn the user and ask which URL they want to open.

This seems very reasonable to me.  If we check the link text and it's
also something that has a URL handler, and but differs from the
target, warn the user.  My only concern is that there might be a
service that escapes entities in one but not the other, etc., causing
false positives -- but we can always try it and find out.

> We could also check links for malware and phishing using Google's Safe
> Browsing API and warn the user.

This I do not support, at least without an option that defaults to
off.  (Perhaps with a prompt to ask the user, before they click on
their first link?)  I'm not a fan of leaking the links sent to someone
in an IM to Google or anyone else.


More information about the Devel mailing list