Well, it’s secondary data. It’s meant for when the primary source isn’t giving an indication. We have a primary mechanism in Firefox called Phishing Protection. This secondary data will certainly help instill confidence if you check it before, say, engaging in a large financial transaction at what you presume to be your banking site.

Presumably we could use this data to inform the Phishing Protection feature, but I don’t think it’s sufficiently authoritative to use to block access to a site. There was a time when you had not yet visited your bank for the first time. It’s really much more useful for confirming the good than warning against the bad.

I think I see where you are going with this now.

This would be different from the built-in phishing protection available in Firefox 3. Maybe supplement that existing warning process and put that information up front for the user to consider…especially important if the suspected phishing site hasn’t yet made it as an inclusion in the badURL phishing list database that Firefox 3 would be using.

Maybe someone would be able to develop an extension that provides a site visit-counter view; maybe a window-shade format that briefly appears then disappears after you visit a site and the URL is cross-matched against the URL history in the database. Or possibly some icons in the toolbar or status bar with a counter to show how many times you’ve visited the site (main URL / sub-page URL).

Definitely some new things for developers to work with here.

As you say, assuming that the user isn’t in the habit of deleting their browsing history.

Quote: “…it’s too bad that Firefox doesn’t somehow utilize that data to show a user a warning if it believes it is a phishing site.”

Firefox 3 will do that, if enabled. It actually now sets two levels of protection: Protection against phishing sites and protection against “attack” sites.

I understand that Firefox has the anti-phishing mechanisms, but I’ve read nothing that says it utilizes the number of times a user has viewed the site to help determine its validity. I may have missed it in your article, but I did not see anything about it specifically using this information.

Quote: “…it’s too bad that Firefox doesn’t somehow utilize that data to show a user a warning if it believes it is a phishing site.”

Firefox 3 will do that, if enabled. It actually now sets two levels of protection: Protection against phishing sites and protection against “attack” sites.

See this related post of mine for issues related to these features:

Firefox 3 Security Blocker: Going In Deep – [grandstreamdreams.blogspot.com]

It uses another SQLite database file for this information, obtained (currently) from Google’s own identification of such (potentially) malicious sites.

There is also an interesting follow-on thread in the comments of that post that developed regarding some conclusions a fellow Firefox fan and researcher has offered regarding user privacy with this feature.

Cheers.

It’s not just cool to be able to see some visit statistics. The primary value is that you can make a good identity decisions with it. You’re probably at your bank, for example, if you’ve visited the site 200 times before and saved a password. You’re probably at a phishing site impersonating your bank if you’ve only been there this one time and never saved a password for this site. This kind of secondary identity information can go a long way to helping you protect yourself online.

That is very true, but it’s too bad that Firefox doesn’t somehow utilize that data to show a user a warning if it believes it is a phishing site. I definitely like the idea that you can check the data, but I have a feeling that people will know they are visiting a phishing site before they go and check that data. And they would have to suspect the site as being a phishing attack before it would cross their mind to check that. There’s just gotta be some way that it can be utilized as more of a precautionary measure.

@Ryan: I thought you were an Opera user. Have you switched or do you browse the web so much with both browsers that it’s creepy?

I use both quite regularly. That way I keep up on what both technologies have to offer. I’ve been leaning more towards Firefox 3 than Opera lately though thanks to the much improved memory performance.

As Claus pointed out in an earlier comment there does seem to be some great things happening in the background with Places.

They are still polishing it up though. I mean it wasn’t until the last Beta that they actually got nearly all aspects of the new theme added. And they probably want to make sure extension developers have time to update their extensions.

It’s something that a lot of people probably wouldn’t notice. I have a feeling that someone will develop an extension that displays this number in the status bar.