Topic: This still unpatched in Fx 3.0?

Offline polonus
« on: June 16, 2008, 10:32:17 PM »
Hello malware fighters,

You have the anti-phishing protection with the google blacklist, but when you use the ipobfuscator at http://ha.ckers.org/xss.html#ipobfuscate you can create IP addresses that don’t match what is in the anti-phishing list. But it’s worse than Jungsonn reported even.

That’s right, go to any phishing site and add in a QUERY_STRING to the end of the URL and poof, no more popup. What a bummer. I was really hoping they would do something a little smarter with this. Unfortunately with this knowledge it is extremely easy to defeat the anti-phishing detection built into Firefox’s newest browser.

The QUERY_STRING issue is a tough one to solve, because where do you know to compare against? The IP address issue that Jungsonn came up with really bothers me. Why would you use the URI field to do comparisons instead of the IP address that it is normalized to? Is it an oversight? Oh well, I hope they fix this soon.

According to https://bugzilla.mozilla.org/show_bug.cgi?id=367538 they have not done so, but WOT blocks even the obfuscated addresses: https://addons.mozilla.org/en-US/firefox/addon/3456

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
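
The matching gap raised in the post above, seen from the blocklist side: an added example (not part of the original post and not Firefox's code) that canonicalizes alternate IPv4 spellings to dotted-quad and tries the URL both with and without its query string before lookup. The function names, the `host/path` blocklist key format and the sample entry (a documentation-range address) are assumptions made for the illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

_NUM = re.compile(r"0x[0-9a-f]+|[0-9]+")

def _parse_part(part):
    """One inet_aton-style component: 0x.. is hex, leading 0 is octal, else decimal."""
    if not _NUM.fullmatch(part):
        raise ValueError(part)
    if part.startswith("0x"):
        return int(part[2:], 16)
    if len(part) > 1 and part.startswith("0"):
        return int(part, 8)          # raises ValueError on digits 8 or 9
    return int(part, 10)

def canonical_host(host):
    """Dotted-quad for any numeric IPv4 spelling, otherwise the lowercased name."""
    host = host.strip(".").lower()
    parts = host.split(".")
    if not 1 <= len(parts) <= 4:
        return host
    try:
        *head, last = [_parse_part(p) for p in parts]
    except ValueError:
        return host                  # an ordinary hostname
    # Leading parts are one byte each; the last part fills the remaining bytes.
    if any(n > 0xFF for n in head) or last >= 256 ** (4 - len(head)):
        return host
    value = last
    for i, n in enumerate(head):
        value |= n << (8 * (3 - i))
    return str(ipaddress.IPv4Address(value))

def lookup_keys(url):
    """Keys to test: canonical host + path with the query, then without it."""
    u = urlsplit(url)
    base = canonical_host(u.hostname or "") + (u.path or "/")
    return ([base + "?" + u.query] if u.query else []) + [base]

def is_blocked(url, blocklist):
    return any(key in blocklist for key in lookup_keys(url))

# Constructed sample entry; 192.0.2.1 is a reserved documentation address.
BLOCKLIST = {"192.0.2.1/login.php"}

if __name__ == "__main__":
    for url in ("http://3221225985/login.php?x=1",
                "http://0xC0.0x00.0x02.0x01/login.php",
                "http://192.0.2.2/login.php"):
        print(url, is_blocked(url, BLOCKLIST))
```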