

ThreatExchange - taylorbuley
https://threatexchange.fb.com/

======
buro9
What I hope this is, is an API in which I can test two things:

1\. Information about users

2\. Information about URLs

In the first case, I want to be able to determine whether users on my service
have been responsible for phishing and malware on other sites. A bit like
stopforumspam.com does for comment spam on forums, but for messages that
contain/lead to phishing attempts.

In the second case, I (like most service operators) run outbound links through
a redirect service (of my own). I would like to be able to test a destination
URL against a service and if phishing/malware has been reported, to then
safely provide the user with the information on this so that they can
determine whether they wish to continue their navigation (regardless of what
browser they are using).

The main reason for my wanting to control that second one (rather than leave
it to the browser) is that I want to be able to produce reports and statistics
to highlight in real-time the content I host that points to malware, and then
do something about it. And if it's popular content that is disguised as a real
URL, then at least I can attempt to manually correct the URL by providing an
alternate safe destination.

This is what I hope ThreatExchange provides... outputs that web applications
operators can use to make a safer experience for users of their web apps.

What ThreatExchange actually provides I cannot say, Facebook haven't really
said enough on the site.

