Trend Micro debuts iPhone app for safe browsing

Security firm Trend Micro has released a free iPhone application that incorporates its Smart Protection Network (SPN) into a browser to protect users from malicious websites while surfing the web on the device. ‘Smart Surfing’ uses the Mobile Safari engine, although it doesn’t replace the device’s default browser.

As a user surfs from site to site, the bar changes color depending on the site’s rating. The progress bar stays green when loading, and a check mark is displayed by the URL for safe sites. The bar is gray for unrated sites, and will turn red and block a site if it’s unsafe.

When a site is blocked, a page appears describing the type of threat and the page’s rating. A user will not be able to view these sites within Smart Surfing. They would, however, be able to contact Trend Micro if they feel the rating is in error.

The SPN made its debut last year, part of an effort by Trend Micro to take on Web threats “in the cloud.” Cloud-based protection has a number of benefits, including the ability to cull threat data from a number of sources and negating the need to download updated virus definition files to keep protection up-to-date.

Trend Micro offers three user-selectable levels of protection: “Low,” which only blocks sites with a very poor reputation; “Medium,” which provides protection without blocking most web sites; and “High,” which only lets you view sites with the highest reputation.

I put the application to the test, using some verified phishing links from PhishTank, but I couldn’t get any of the links I tried to trip off a block. It could be that these sites were fairly new, but that kind of defeats the whole “in the cloud” purpose of SPN. The more obvious unsafe links, such as blatant PayPal and eBay spoofs, seemed to work, however.

There’s also the issue of unwarranted blocks: I asked Trend Micro how users would deal with that issue if it arose and they couldn’t access sites they trusted. According to the firm, the user would have to set the detection level to Low, and failing that, exit the application altogether and use Safari (which doesn’t sound like much of a solution). I’m not sure if misidentification has proved to be a problem with the app. My search for instances of unwarranted blocks with the SPN came up empty, and the company didn’t respond when I questioned them on it.