|
|
|
|
|
|
by tialaramex
2433 days ago
|
|
|
You _could_ ask a service like Google Safe Search Just in case you didn't follow any of the previous HN discussion of how that's done consider the URL https://accounts.example.com/tmp/badmojo.exe You (Facebook in this case) run a hypothetical method SafeSearch('accounts.example.com') and also SafeSearch('example.com') and SafeSearch('accounts.example.com/tmp') and SafeSearch('accounts.example.com/tmp/badmojo.exe') SafeSearch(string) is defined as, you do SHA(string) and that's your hash, you compare the start of this hash to a huge list of prefixes that Google provides, which you fetch updates for every few minutes. If there's no match, fine, done. If there's a match you ask Google OK, I saw this Prefix you sent me, what hashes should I be scared of? Google gives you a list of hashes with that Prefix. If your hash in this new list, the original URL was scary, warn users not to visit, otherwise continue what you were doing. |
|
|
I doubt Facebook only wants to detect old threats, reliant on a competitor's standards & practices.