« Dude. It's a ZOMBIE ROLE PLAYING GAME. | Main | Quick magic update! »

Eric: I think Jim Breuer starred in that movie. You know. *That* movie.

So. Apparently Websnark's been flagged as a suspicious Phishing website by Microsoft.

Let me back up.

Microsoft is a company that is dedicated to the concept of safe internet usage by all, particularly when using their flagship browser, Internet Explorer 7. To this end, they have developed a number of technologies to try and make the Internet a safer and better place. One of those technologies -- highly touted, I would add -- is their Anti-phishing filter. This uses a combination of automatic scanning and user reports to both warn users of potentially dangerous websites that might be stealing their information for nefarious purpose or identity theft.

They... apparently think Websnark is one of those sites. Or they're concerned that it is. The page assures me that a security veteran checked and has reasons for concern.

Uh... huh.

I found this out, by the by, by a couple of readers who sent me information about it. They also used the tool to say "um, no. This website isn't phishing." Because... um... it's a blog.

I mean, bear this in mind throughout this essay. This is a blog. I don't collect personal information on this website. I don't even authenticate users of this blog on this website -- you have to go to the oft-disliked Typekey for that. And if you decide to donate money with the paypal link, you're sent to Paypal to do the donation bits. I don't have any mechanism for storing personal info on this site.

In fact, the only information you can put on this website... are comments. You may optionally include a link to your own website in the comment. But somehow I don't think either of those constitute personal information, and I don't really see how we can call that "collection" to begin with.

So, getting up and opening my mail, and seeing several readers point this out....

...well, I feel like that guy in the movie -- you know, man. The movie -- who is half awake (possibly stoned, though I am not myself stoned and in fact cannot really become so due to smoke allergies, which is not relevant other than in a disclaimatory sense) who has gone to his door at eight A.M. to see Channel 7 News standing there with cameras asking if I would like to comment on the giant robot that's destroying downtown that seems to be made out of my car (license plates included).

You know. That movie. Braveheart, I think. Anyway, I digress.

Getting coffee, I went to the link one corespondent provided, after she mentioned that she went to report me as, you know, a blog and not a phishing site and the response said I would need to go to their form to tell them as the owner of the site that... um... we're a blog and not a phishing site.

So I went.

And discovered that the form will not render on a Macintosh running Firefox.

Seriously. It's a jumble that can't be followed.

So I opened it in Safari.

Same deal.

I stared for a long moment. Now, remember, Internet Explorer is no longer developed for the Macintosh. So the implication here is Mac users have no way to dispute their inclusion on the antiphishing filter.

Do I think this is a nasty master plan on Microsoft's part to encourage people to go to Windows by pissing them off? No. No, I really don't, because that would be stupid and the part of Microsoft that makes decisions like that isn't stupid.

Do I think they halfassed the form and never bothered to do basic cross-compatibility or cross-platform checks?

Yes. Yes I do.

Fine. I go to a Windows box and open the form in Internet Explorer 7.

The form... presumes we are a business.

I admit. I have ads. And I solicit donations. And I've been pimping the auctions and all. All that said... at most this is a sideline. And for the most part it is a blog for blogging things.

But I go through the form. It wants to know why I collect personal information.

I respond that I don't. We're a blog. We don't do anything not bloggish. And the only authentication experience is Typekey, and that's not even done by my website -- it's done by Six Apart.

It wants a link to my privacy statement. This link is required.

I kind of stared at that for a long time.

For the record, I have no privacy statement on my site. This is because I don't collect personal information of any kind. Anything you post in the comments is going to be public because they are comments. That is the entire point of having a comments section. If you don't want your comments public, I trust you will e-mail them instead!

After a while, I link them to Six Apart's privacy policy, since Typekey is the only thing that possibly could be construed as collecting private information on this site, and it's not mine to begin with.

I mention in a few more places that... you know, we're a blog, and we don't collect peoples' information for any purpose, because we are a blog and I'm more interested in writing about crap.

In the comments, I ask for anything -- anything -- they think constitutes a phishing attempt to be brought to my attention, because I'm honestly flabbergasted here. I don't know what the Hell these people are talking about.

I submit it. It promises to get back to me with any change in status.

I assume that for the moment, if you're using Internet Explorer, it will probably warn you that we are suspicious. I have no idea if that will change. Because Microsoft is dedicated to ensuring the highest quality and safest internet experience for users of Internet Explorer.

It's worth noting? Firefox seems to know we're a blog. Just for the record.

Posted by Eric Burns-White at March 28, 2007 10:30 AM

Comments

Comment from: Doug Wykstra [TypeKey Profile Page] posted at March 28, 2007 11:35 AM

Oh, that's why I could get in fine. I use FireFox, have had no problems viewing the page.

Comment from: admanb [TypeKey Profile Page] posted at March 28, 2007 11:46 AM

In Microsoft's defense, they've clearly gone batshit-crazy.

Comment from: Christopher B. Wright [TypeKey Profile Page] posted at March 28, 2007 11:53 AM

Thank you for giving me next week's storyline.

Comment from: J. Channing Wells [TypeKey Profile Page] posted at March 28, 2007 12:10 PM

Hi! My name is Jeffrey Wells, and I live and work in Wisconsin, and I have four dogs and three cats and my credit card number is...

Comment from: Paul Gadzikowski [TypeKey Profile Page] posted at March 28, 2007 12:15 PM

Chris, I'm already laughing.

Eric, I think I'd've finished this post and linked to it as my privacy statement.

Comment from: Christopher B. Wright [TypeKey Profile Page] posted at March 28, 2007 12:23 PM

Eric, I just figured out why your site was flagged.

I'll tell you next week. ;)

Comment from: Eric Burns [TypeKey Profile Page] posted at March 28, 2007 12:27 PM

DOWH!

Comment from: Mike Bierschenk [TypeKey Profile Page] posted at March 28, 2007 7:46 PM

Just to make you feel better, I once used IE to go to Paypal -- you know, Paypal, THE Paypal, I typed in the address myself? -- and Microsoft kindly informed me that they were worried it might be a phishing site.

Thanks, guys. You're a big help.

Comment from: miyaa [TypeKey Profile Page] posted at March 28, 2007 8:09 PM

Just two questions: what exactly is Phishing, and do I have to get a license to phish? (I suppose a third question is, do I blame Nirvana and Kurt Cobain for this?)

Comment from: Prodigal [TypeKey Profile Page] posted at March 28, 2007 8:12 PM

It seems like every time they made an advance of some kind in IE (especially the good kind like the tabbed browsing, which I like better than any other browser's version so far due to things like being able to drag tabs to different spots in my bar and suchlike), they find a way to add a balancing amount of stupid in to keep it from being as good as it might otherwise have been.

Comment from: Prodigal [TypeKey Profile Page] posted at March 28, 2007 8:16 PM

Miyaa - Phishing is the term all the cool kids came up with for people who try to get you to give up personal information. One of the most basic versions is the email from "Paypal", telling you that something's wrong with your account, and could you please click the link they provided in order to fix it?

The site it links to is, of course, not Paypal, but rather one that will save the email address and password the suckers who fall for it provide. They've got more sophisticated methods now, but I figured that was enough to get you clear.

If you were just joking, of course, then I must vow vengeance upon you for phishing me into typing out a serious answer. ;)

Comment from: kirabug [TypeKey Profile Page] posted at March 28, 2007 8:45 PM

Gahd. If you're not running IE 7, how would you know if you were being flagged as a phish? Eric, good luck!

Comment from: Axonite [TypeKey Profile Page] posted at March 28, 2007 9:34 PM

Shouldn't that be phlagged as a phish?

Comment from: Godspiel [TypeKey Profile Page] posted at March 29, 2007 12:48 AM

(especially the good kind like the tabbed browsing, which I like better than any other browser's version so far due to things like being able to drag tabs to different spots in my bar and suchlike)

Firefox does that now. What I'd REALLY like it to do is allow me to move a tab from one browser window to another.

Comment from: NathanielK [TypeKey Profile Page] posted at March 29, 2007 3:16 AM

The Tab Mix Plus extension adds "Move Tab to New Window" functionality, along with so many other features, I don't even know what some of them DO! That's one of the things I like best about it: anything about the program you find annoying, somebody has probably fixed with an extension.

Comment from: Leticia [TypeKey Profile Page] posted at March 29, 2007 4:20 AM

I have to say - Opera can mask as IE, and is available on Mac. (Also, Linux. Also, Windows. Also, your Wii.) (Also, Opera, or at least the full desktop version, natively allows you to tabs between windows, or rearrange them, and... I'm going to go hide now before I get carried away.)

So, this means you've stolen my identity now? Gasp.

Comment from: Elizabeth McCoy [TypeKey Profile Page] posted at March 29, 2007 7:49 AM

Sometimes, in my experience, masking as IE doesn't work. It's simply a case that one's non-IE browser is not using Microsoft propitiatory pseudo-java, so the things built with those lines of code send the code to your masked browser, which promptly goes, "...the argle flies at tea-time? What are you on, dude?"

Comment from: Matt Buchwald [TypeKey Profile Page] posted at March 30, 2007 8:28 AM

especially the good kind like the tabbed browsing, which I like better than any other browser's version so far due to things like being able to drag tabs to different spots in my bar and suchlike

You do know that FIrefox has allowed this behavior for... I dunno... A long time. Since well before IE7. I forget the specific version update that did it, but it was before 1.5, I believe. Either way, use what you like.

I personally dislike IE7 because of a whole not of not-quite-tangibles (as opposed to intangibles). Some things don't feel right with it. I think the whole phishing thing would be enough to turn me away again should I have liked IE7.

Comment from: glych [TypeKey Profile Page] posted at April 2, 2007 12:48 PM

I knew it all the time... That explains the subtle lapses in updates. That's when you're spending the pennies you've stolen from us!

-glych

Comment from: Eric Burns [TypeKey Profile Page] posted at April 2, 2007 12:54 PM

Mu hu hah hah hah!

Comment from: Christopher B. Wright [TypeKey Profile Page] posted at April 3, 2007 8:29 AM

... and now you know.

Comment from: theFraser [TypeKey Profile Page] posted at April 13, 2007 1:21 AM

You could always perform a browser check on people surfing to your site: Let IE users see a screen reading something like: We apologise, but Internet Explorer does not meet our stringent security and quality specifications. For your own safety, browsing this site has been disabled in IE. To continue,we recommend browsers such as...

Fight the powah, down wit da man etc. ;-)

Comment from: theFraser [TypeKey Profile Page] posted at April 13, 2007 1:22 AM

You could always perform a browser check on people surfing to your site: Let IE users see a screen reading something like: We apologise, but Internet Explorer does not meet our stringent security and quality specifications. For your own safety, browsing this site has been disabled in IE. To continue,we recommend browsers such as...

Fight the powah, down wit da man etc. ;-)

Post a comment

Thanks for signing in, . Now you can comment. (sign out)

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)


Remember me?