I last blogged in February about some inadequacies with the SafeBrowsing warning page in Firefox 3. There have been some changes since then, which I think greatly improve things.
Here’s the current warning page in Firefox 3:
Just subtle changes here. Notably, there’s now a small “Ignore this warning” link to bypass the warning and load the site (perhaps putting yourself at risk by doing so), and an additional button to click for an explanation of why the site was blocked.
The changes on the “why was this site blocked” page are more significant. Here’s an example of what you get now:
I like that page is clean and chock full of information about why the site was being blocked. It’s helpful information for the what a user is probably asking — “Can I trust this warning, and should I load the site anyway?” After reading that page, *I* certainly wouldn’t be tempted to ignore the warning: it indicates that the site has been visited recently, that lots of pages on the site are infected, and is better at specifying the exact risk (Here, “Malicious software includes 3 backdoors”. Looking at pages for other sites, I’ve also seen descriptions like “23809 trojans” (!!!), “15 scripting exploits”, and “2 worms”.
I do wonder if the page is a little too detail oriented; normal users might benefit from some sort of brief summary at the top. It’s a fine line between being too vague and being too detailed, because there are so many factors involved. I suppose it’s better to err on the side of too much information, especially if the outcome is the user being scared and overwhelmed — it’s not a site to be visiting!
But being more open can have a downside, if it might lull the user into a false sense of safety or muddles the risk. For example: Does “Part of this site was listed for suspicious activity 3 time(s) over the past 90 days” mean that the site is a dangerous repeat offender, or just that it’s a rare to encounter a problem? Does “Successful infection resulted in an average of 0 new processes on the target machine.” mean the infections are harmless?
Anyway, I don’t think these nitpicks are serious problems, and am glad to see this improvement.
[If you're looking for live examples of malware sites, the StopBadware google group is a good source to find currently blocked pages.]