iPhone 3.1 – Anti-Phishing Feature Non Functional?
I noticed several postings about the failure of the new anti-phishing features supplied in the recent iPhone 3.1 release. What now appears to be known is that it is working as designed, but there is little to no easy avenue for the end-user to confirm that it is working.
An interesting recap of information regarding this ill-understood security feature in OS 3.1 can be found here by Sarah Perez. Referencing the solution as told to Jim Dalrymple by Apple..
The solution is to:
Launch the Safari web browser Connect to a Wi-Fi network Charge the iPhone with the screen off It appears so far that even if you follow the quirky instructions, there is no easy way to confirm that the phishing updates are on the device.
However, after finding some suspected phishing sites over on http://www.phishtank.com, I tried one on my iPhone and I did get the “Warning: Suspected phishing site” warning message. So it would appear that I have mine syncing through iTunes and getting the necessary Safari updates at some point while charging..
As for 3rd party anti-phishing applications for the iPhone, I found one here that looks nifty:
http://quinagh.com/sitecheck/
But all of this begs the question on how you could better manage this in an enterprise environment. Right now this is one security feature that is hit and miss I feel so I hope it will be further updated in future updates..
|\\arco..