Comments on: Should Malware Warnings have a Clickthrough?

By: Harald

Harald — Wed, 18 Jun 2008 19:08:02 +0000

Corey Farwell: Oh boohoo, you poor poor baby. It must have been just AWFUL having to open a browser with malware protection that lets the user take control and responsibility of his own actions. Imagine having to do that every day! I can’t begin to imagine the suffering and anguish!

By: Michael Horne

Michael Horne — Sat, 19 Apr 2008 09:54:33 +0000

Thanks for that plugin for the click-through. Talk about an annoying feature-change from the Mozilla guys!

By: Havvy

Havvy — Tue, 18 Mar 2008 15:06:51 +0000

Create a virtual temp area for the site and don’t let it mess with the rest of the computer or firefox sites?

Don’t let it install anything without a dialouge.

That’s the best solution if it can be coded correctly.

By: On the blink » Malware advises, and how to visit the blocked pages

On the blink » Malware advises, and how to visit the blocked pages — Tue, 18 Mar 2008 14:51:13 +0000

[...] pages (mmmm, maybe the page has been reported as an attack site, and it doesn’t), we can use this useful extension to add a little text at the bottom of the warning that provide us a form to bypass this [...]

By: Blair McBride

Blair McBride — Tue, 18 Mar 2008 11:34:09 +0000

I agree with Peter in that the best solution may be to hide the “ignore” button behind the “why” button.

Unfortunately, at the moment the “why” seems to be mostly overly generic information thats of no use at all (eg, “has malware” when it should be saying “utilizes a flash exploit to gain root access”).

And of course, the “ignore” button should be in a different position to the “why” button, so the user must move their mouse to get to it. Otherwise they’ll just double click, and we’re back to square one.

By: Mook

Mook — Tue, 18 Mar 2008 07:38:07 +0000

Tell me _why_ (as in, specific names of malware) and _when_ it is blocked (clickthrough or not). This will not help the users that would try anyway, but if I see an explanation of some sort I’m more likely to trust you.

Putting the information on a separate page is not useful, because it’s about the same amount of work for me to just go check out the blocked site. I’m a big boy and I know what I’m doing, right?

By: Greg K Nicholson

Greg K Nicholson — Tue, 18 Mar 2008 04:28:30 +0000

Once again, the warnings need to be specific to my OS and browser version. Otherwise, I'll assume that Google are only blocking the site because it affects users of IE on Windows; I'll then do a backflip and drive straight into it.

By: Peter

Peter — Tue, 18 Mar 2008 04:06:30 +0000

I think that hiding the “ignore” option behind the “Why?” button would be a good compromise. Really, you shouldn’t go to the page without knowing why it’s flagged anyway. Also, a good explanation page could satisfy users’ curiosity, warn the stubborn ones more thoroughly, and prevent dangerous click-throughs. Once you’ve seen why the page was blocked, you’re in a better position to make an informed decision.

This would probably be a lot of work, though, since (last time I checked) the Why button took you to some not-very-informative, non-chrome page.

By: Jonas Sicking

Jonas Sicking — Tue, 18 Mar 2008 02:57:36 +0000

Ideal would be if we could disable scripts and anything else harmful. We do have code for that in the tree (several copies even) though it’d be hard to hook that up in time for release.

At the very least disable scripts would go a long way.

Another solution would be the multi-step click-through. Especially if one of those steps showed a screenshot of the site as that would likely satisfy many users curiosity.

By: timeless

timeless — Tue, 18 Mar 2008 00:54:45 +0000

try offering a version where all features are disabled:
(frames, plugins, scripts, animation) [bonus points for disabling links]

this would let people “see” the malware page and view its source without entailing much risk. I suppose the proper version would be to disable the features and then flip into print preview mode (that’d disable links), but you’d still need to somehow expose view-source.