Anti Phishing Daemon For GNOME


The goal of this project is to add a way to advertise the user about possible tentative of phishing when browsing.

The fact is that people are quite confused by the warnings about bad certificates used by websites. This can lead to them finally just click to hide the warning and get the content. That's why we will warn the user not about a wrong certificate being used but about real tentatives of phishing.


We will use for this project the Google Safe Browsing API. The Google Safe Browsing API allows one to check URL against a database of URL suspected of phishing or containing malware. More precisely we will use the Google Safe Browsing API v2 which allows off-line checking for privacy and performance concerns.

This feature will be implemented as a daemon providing a DBus API allowing others applications to check URL.

Comments And Suggestions

If your application is interested by the project and/or you want to take part to the specification process, your comments and ideas are welcome (feel free to edit this page).

Google Summer Of Code

Due to the re-installation of my server after a crash, the following reports are not available any more.

Report 1

Done with exams, let’s start!

Report 2

First goal achieved

Report 3

Final straight!

Report 4

Final report

Help on using the daemon

The daemon can be given two options to modify it's behavior:

  • --file or -f followed by the location of the database. Default to $XDG_CACHE_HOME/anti-phishing-daemon/anti-phishing-daemon.db.
  • --verbose or -v to print debugging informations.

If you want to interact with the daemon from your programs, look at the very simple code sample below:

AntiPhishingDaemon * anti_phishing_daemon_proxy = anti_phishing_daemon_proxy_new_for_bus_sync (G_BUS_TYPE_SESSION, G_DBUS_PROXY_FLAGS_NONE, "org.gnome.AntiPhishingDaemon", "/org/gnome/AntiPhishingDaemon", NULL, NULL);

gboolean match_found;

if (! anti_phishing_daemon_call_check_url_sync (anti_phishing_daemon_proxy, url, & match_found, NULL, NULL))
        g_print ("Error during the DBus method call\n");
        if (match_found)
                g_print ("Warning!\n");

You can issue async call if you prefer using anti_phishing_daemon_call_check_url_sync and anti_phishing_daemon_call_check_url_finish.

You can also query the state of the backoff mode with anti_phishing_daemon_get_backoff_mode. The backoff mode is entered when errors happened during database update and the results returned by check_url may be false negative. The method return TRUE when the daemon is in backoff mode, FALSE otherwise.

You can connect to the backoff_mode_entered and backoff_mode_left signals to be warn when entering or leaving the backoff mode.

Git repository

Google Safe Browsing API developers page.

Outreach/SummerOfCode/2012/Projects/YannSoubeyrand_AntiPhishingDaemon (last edited 2013-12-03 18:33:54 by WilliamJonMcCann)