Hi Amir, I missed you at the TIPPI workshop. It's too bad you weren't able to attend. There was some interesting data presented; some of which is directly relevant to TrustBar. See below.
On 6/21/05, Amir Herzberg <[EMAIL PROTECTED]> wrote: > > 4. No (or minimal) input from user. > Agreed; and in fact, I believe `provide useful function even with no > input` is actually a good goal, and we meet (even) that. ... > > 5. Easy to use. > > > > You could elaborate 5th a lot: trivially easy to use, idiot-proof, fail > > safely, ... > Our usability experiments show TrustBar meets this as well. The MIT user study I wrote about in a previous post made use of the TrustBar. According to their results, users failed to detect a phishing attack in approximately 50% of cases when the TrustBar was present in the browser. This result was common across all the passive anti-phishing tools they tested. The conclusion they presented was that passive anti-phishing tools will not address the problem. What are your thoughts on this result? Tyler -- The web-calculus is the union of REST and capability-based security: http://www.waterken.com/dev/Web/ _______________________________________________ Mozilla-security mailing list Mozilla-security@mozilla.org http://mail.mozilla.org/listinfo/mozilla-security
