Robert Sayre wrote: > I think it should stop us from covering our UI in green bars and locks > that are trivial to spoof in content. We know users aren't very good at > distinguishing chrome from content in the first place, and even my bank > site looks like a scam--it's got some corny lock gif right there next to > the form.
What I find amusing is the fact that even after attacks in the wild that hides the status bar in MSIE and shows an image which fakes the status bar and lock, they still want a uniform interface to make it easier for fraudsters to fake in future. -- Best regards, Duane http://www.cacert.org - Free Security Certificates http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://e164.org - Because e164.arpa is a tax on VoIP "In the long run the pessimist may be proved right, but the optimist has a better time on the trip." _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
