Chrome Canary’s anti-phishing beta feature fails its flight test, security company says

chrome canarys anti phishing beta feature fails to work as intended google

If you spend a considerable amount of time on the Web, then you likely already know that phishing is a fact of life. Google knows this too, so in an effort to help people sidestep such dangers, it has been working on a feature called Origin Chip. 

However, Web security firm PhishMe says that while Origin Chip is designed to strip out a URL down to its bare essentials to make it easier to determine whether you’re the target of a phishing attempt, it sometimes does the opposite.

“We’ve discovered that if a URL is long enough, Canary will not display any domain or URL at all, instead showing an empty text box with the ghost text Search Google or type URL,” Aaron Higbee and Shyaam Sundhar of PhishMe said. “This creates a golden opportunity for attackers to carry out data-entry phishing attacks.”

Instead of displaying, for instance, Amazon.com or Netflix.com, a flaw in Origin Chip could shroud the entire URL altogether, which makes it impossible for you to determine whether you’re on a legitimate site or not just by looking at the URL in your browser’s address bar. Google has incorporated the feature into Chrome Canary, a version of the tech giant’s web browser that’s geared towards developers. 

Higbee and Sundhar suggest that “a potential solution would be to keep the entire URL intact, but put a visual focus on the root domain.” Perhaps color-coding the root domain with hues like green for “safe” and red for “unsafe” could go a long way towards decreasing the likelihood that an average user falls victim to a phishing attempt.

With that in mind, it’ll be interesting to see how Google will tackle this problem in future releases of Chrome.

What do you think? Sound off in the comments below.

Product Review

Canon Pixma Pro-10 review

If you plan to put those digital high-resolution images you’ve shot with a DSLR onto paper, Canon’s Pixma Pro-10 will deliver gallery-quality prints. Just don’t expect it to be speedy.
Computing

Wi-Fi vulnerability could allow attackers to steal your data on unencrypted sites

A 20-year-old security flaw in the design of the Wi-Fi standard and how computers communicate using the transmission control protocol could allow hackers to perform a web cache poisoning attack to steal your data and login information.
Home Theater

Google Chromecast and Chromecast Ultra: Everything you need to know

Google's Chromecast plugs into your TV's HDMI port, allowing you to stream content from your tablet, laptop, or smartphone directly to your TV. Here's what you need to know about all iterations, including the 4K-ready Chromecast Ultra.
Mobile

Be an online phantom and web surf safely with Ghostery’s mobile browser

Keeping your private information to yourself has become progressively harder in the internet age. If you're worried about your personal information, check out the new version of the Ghostery browser for iOS and Android.
Computing

Google tried to kill ‘www,’ until Chrome users protested the change

Google is on a warpath with URLs, but critics forced Google to continue displaying the "www" and "m" portion of a URL in Chrome's search bar, but Google announced that this will once again change in Chrome 70.
Virtual Reality

Walmart stocks its stores with VR training for its employees

Walmart will begin rolling out virtual reality training experiences to all of its stores this year with the power of Oculus Go. More than 6,300 stores will receive the new technology, helping the company train its employees.
Product Review

The powerhouse Alienware 17 R5 will leave your desktop in the dust

With a 17-inch display and a chassis weighing in at nearly 10 pounds, the Alienware 17 R5 is truly massive. Between its weight and its hardware, it’s certainly outfitted like a gaming desktop so let’s find out if it performs like one.
Computing

Tap Strap wearable keyboard gains support for VR applications

TAP System's wearable keyboard gains support for virtual reality, now compatible with Windows Mixed Reality, Oculus Rift, and HTV headsets. Type and tap for up to eight hours in VR without needing to look at a physical keyboard.
Deals

Walmart takes $380 off the MacBook Air for a limited time

Walmart is offering a steep discount on the MacBook Air. Though the $380 discount is lovely, this offer comes with an extra charger to sweeten the deal. If you're looking to pick up an Apple MacBook for less, now is an excellent time.
Computing

PDF to JPG conversion is quick and easy using these simple methods

Converting file formats can be an absolute pain, but it doesn't have to be. We've put together a comprehensive guide on how to convert a PDF to JPG, no matter which operating system you're running.
Computing

Documentation shows data recovery possible for Macs with T2 coprocessor

New documentation from Apple shows that data recovery is indeed possible for Macs with T2 Coprocessor thanks to internal diagnostics software, giving users of the 2018 MacBook Pro new hope in the event of a system failure.
Computing

Smart Reply not smart enough? Desktop Gmail users can soon opt out

Google will soon give desktop Gmail users the ability to opt out of Smart Reply. If you'd prefer to compose a short email the old-fashioned way, you can do so without seeing the auto-generated suggestions in the future.
Computing

Edit, sign, append, and save with 12 of the best PDF editors

There are plenty of PDF editors to be had online, and though the selection is robust, finding a solid solution with the tools you need can be tough. Here, we've rounded up best PDF editors, so you can edit no matter your budget or OS.
Product Review

The HP Chromebook x2 takes Chrome to the next level

HP’s Chromebook x2 acts a lot like Microsoft’s Surface Book 2, with a well-equipped tablet that plugs into a keyboard base that’s heavy enough to keep the combination mostly stable. Is this premium Chromebook the best one you can buy?