growl

Automatically flags and neutralizes suspicious webpages, helping protect users from phishing, fraud, and other digital scams.

Online safety through programmatic vigilance. ❌ 💻 👤 ⚠️ 🌐 🛡️ 🚨 growl is a scam-prevention tool. It automatically sniffs out and defangs suspicious webpages, helping prevent phishing, fraud, and other digital scams. When a webpage is flagged as potentially suspicious, users must "opt in" in order to interact in certain ways with the site, like inputting credit-card data, personal information, or otherwise sensitive content. As such, growl complements built-in browser security measures such as Google Chrome's Safe Browsing feature, providing additional content-filtering protections to enhance digital security. growl is lightweight (and minimally obtrusive) -- but always has your back. It functions like a digital guardian or shoulder angel: As you browse, the extension is working hard in the background to detect threats and swinging into action to preempt them. Moreover, growl acts as a cybersecurity conscience of sorts, reminding users to stay vigilant with pop-out warnings upon detection of a suspicious site. The computer security principles of "zero-trust" and "security by default" inspired growl's core functionality, along with the simple adage "better safe than sorry". Features 🚀 ````````````````` ⭐ Input Blocking and Warning On page load, if the following two conditions are both met, automatically block input elements (with stylized growl placeholders), removing the user's ability to interact with them, and display a popup notification (in which the user has controls to turn this behavior on or off). 1. The page is classified as potentially untrusted. 2. There are input elements on the page. Exception: If user has previously whitelisted the site (either temporarily or persistently), the above behavior is overridden. The popup is still displayed, however, to remind the user the domain was initially classified as potentially suspicious, and to give them the opportunity to toggle back the controls. ⭐ Disable Blocking and Whitelist The extension's popup UI gives the user the opportunity to control growl's behavior on the site now and in the future (that is, to remember the user's choice in future browsing sessions) through interactive buttons. Detection Algorithm 🔎 ````````````````````````````````` For our prototype (major version zero) releases, a "dumb" -- but effective -- detection algorithm is used to identify potentially unsafe websites. In particular, *any* webpage will be flagged if it meets both of the following criteria: 1. It resides on a very unpopular website. 2. It contains interactive text content such as form input fields. A **very unpopular website** is defined as one whose popularity rank is outside the top 1-million domain names on the internet, according to Tranco (https://tranco-list.eu/), an independent open-source project that ranks sites using a robust formula to combine data aggregated from several sources. Read more about their methodology at https://tranco-list.eu/methodology. This bare-bones detection algorithm is fundamentally ***heuristic***. It provides a simple yet highly effective way to combat digital fraud and scams, given that most occur on sites that receive little traffic. False alarms (false positives) are rare, as normal users don't visit highly unpopular sites very often. And when such false alarms occur, they're of little consequence -- the user can easily dismiss them if they're confident there's no threat, while the notification serves as a reminder to remain vigilant. (Note that false negatives are, of course, possible. This occurs when the algorithm fails to classify a malicious site as such---consequently, growl would fail to block content and fail to warn the user. But no security product or detection algorithm is perfect, and in the field of cybersecurity, we can never expect to fully eliminate all risk. Still, security practitioners strive to reduce risk to an acceptable level by adopting defensive tools, policies, and behaviors. growl is intended to be used as *one of many* defensive security mechanisms to achieve the goal of risk reduction---not as the only defense!) Future releases will hone the detection algorithm. A major enhancement we have planned on the horizon is "smart" detection -- leveraging machine-learning techniques and artificial intelligence to assess site trustworthiness. See the growl docs at https://canine-cyber.github.io/growl-docs/overview for more information.