On Wed, 14 Feb 2007, beltzner wrote: > On 2/14/07, Ben Bucksch <[EMAIL PROTECTED]> wrote: > > I still think that showing *only* the second level domain - *not* as > > part of the URL, which is technical glibberish for most people - is - > > next to bookmarks - the best approach against phishing, even though a > > dramatic change in browser UI. I *don't* think that just bolding the URL > > is enough. > > Interesting. I'd buy that argument, really.
I'd like to know what became of this discussion. Most of the user training surrounding phishing seems to be about teaching users how to correctly parse the top two levels of the domain out of the URL, and that's a silly thing to waste effort trying to train humans to do when it's a trivial task for the computer. Emphasizing or isolating the top two levels of the domain in the UI, though non-ideal, would be a positive move; IE would find itself playing catch-up to the Firefox UI yet again. -- ?!ng _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
