- From: Daniel Schutzer <dan.schutzer@fstc.org>
- Date: Tue Apr 18 11:56:27 2006
- To: "Dick Hardt" <dick@sxip.com>, public-usable-authentication-request@w3.org, "Daniel Schutzer" <dan.schutzer@fstc.org>
- Cc: "'Hallam-Baker, Phillip'" <pbaker@verisign.com>, "Jeffrey Altman" <jaltman@secure-endpoints.com>, "'George Staikos'" <staikos@kde.org>, public-usable-authentication@w3.org
I agree Sent from my Verizon Wireless BlackBerry -----Original Message----- From: Dick Hardt <dick@sxip.com> Date: Mon, 17 Apr 2006 16:11:45 To:Dan Schutzer <dan.schutzer@fstc.org> Cc:"'Hallam-Baker, Phillip'" <pbaker@verisign.com>, "'Jeffrey Altman'" <jaltman@secure-endpoints.com>, "'George Staikos'" <staikos@kde.org>, <public-usable-authentication@w3.org> Subject: Re: Secure Chrome One of the crowd pleasers of Microsoft's Infocard pitch is the secure user experience. If you were to have Microsoft's Infocard show static HTML rather then a fixed UI, it would seem that you would have Secure Chrome. The user knows it is the their secure browser because it initially shows a graphic secret shared between the user and the app. The keyboard and screen are locked out to any other app to block malware. Unfortunately the UI is fixed. Microsoft did significant user experience research in designing Infocard in order to stop phishing. It could be worthwhile to review what they learned. -- Dick On 17-Apr-06, at 7:47 AM, Dan Schutzer wrote: > > I believe this is a good first start. > > -----Original Message----- > From: public-usable-authentication-request@w3.org > [mailto:public-usable-authentication-request@w3.org] On Behalf Of > Hallam-Baker, Phillip > Sent: Monday, April 17, 2006 10:36 AM > To: Jeffrey Altman; George Staikos > Cc: public-usable-authentication@w3.org > Subject: RE: Secure Chrome > > Lets break the problem down. > > Secure Chrome has a number of attributes: > > * Must be recognizable as secure chrome to the user > * Must be under exclusive control of the application > * [Possibly more] > > There are a number of ways that secure chrome might be achieved and > a number > of degrees of security possible: > > * Secure Chrome - security guaranteed by the operating system > * Spoof resistant chrome - security guaranteed by application level > best > effort > > Adding the Google toolbar is an unintentional but effective protection > against many phishing attacks spoofing the address bar in > javascript because > it mucks up their pixel counts. > > Refusing to create frameless pop ups. Rejecting the idiotic notion > that the > content provider has the right to determine the end user experience > does a > lot. > > To get to absolutely secure chrome we are going to need close > coupling to > the O/S security layer. But this is a goal to work towards not a must > achieve first day requirement. > > > >
Received on Tuesday, 18 April 2006 11:56:27 UTC