W3C home > Mailing lists > Public > public-usable-authentication@w3.org > June 2006

Re: Secure Chrome

From: George Staikos <staikos@kde.org>
Date: Mon, 12 Jun 2006 20:08:22 -0400
Cc: public-usable-authentication@w3.org
To: "Undisclosed.Recipients": ;
Message-Id: <200606122008.22804.staikos@kde.org>

On Monday 12 June 2006 20:00, James A. Donald wrote:
>      --
>
> Chris Drake wrote:
>  > You can put as much effort as you want into chrome,
>  > and 100% of it will be wasted when the spamming
>  > phishers etc just visually simulate the entire browser
>  > UI.
>
> I think most users would notice a browser inside the
> browser.  You can only simulate the entire browser UI if
> the browser allows frameless popups.
>
> And even though some users will not notice, a situation
> where fraud is glaringly obvious is a big improvement on
> a situation where it is subtle and unobvious.

  Remember that phishing only has to hit some very small percentage, like 0.1% 
of users, to be financially lucrative.  That means if you fool one in a 
thousand, you've made your money.  I do agree that removing the subtle 
phishes is a good step forward and well worth the effort.  I still think that 
the obvious ones are financially lucrative though.

-- 
George Staikos
KDE Developer				http://www.kde.org/
Staikos Computing Services Inc.		http://www.staikos.net/
Received on Tuesday, 13 June 2006 00:06:24 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 19:53:15 UTC