RE: Safe Web Browsing

The design is such that a user would not be able to add a fraudulent website
to the trusted list even if they tried to.

However a user could attempt to view a fraudulent website outside of the
safe web mode. This assumes that a user will always attempt to access a
trusted site in Safe Web mode; that the majority can be trained and incented
to do so, just as the majority is trained and incented not to give out their
bank cards and PIN numbers to others.

-----Original Message-----
From: [] On
Behalf Of Serge Egelman
Sent: Wednesday, October 10, 2007 10:31 AM
To: Dan Schutzer
Cc: 'WSC WG'
Subject: Re: Safe Web Browsing

Can you also list the assumptions for this to be successful?  Testing
will be around the assumptions (assuming the prior literature hasn't
already disproved those assumptions).

E.g., "users will not be fooled into adding fraudulent websites to the
trusted list," "users will know when to activate safe browsing mode and
will always do so during the proper circumstances (which are...)," etc.



Dan Schutzer wrote:
> Hi everyone. At last weeks W3C WSC meeting, I was asked to submit a
> draft description of how Safe Web Browsing would operate, so it could
> undergo some user testing. Attached is my first cut
> Best Regards
> Dan Schutzer

Serge Egelman

PhD Candidate
Vice President for External Affairs, Graduate Student Assembly
Carnegie Mellon University

Legislative Concerns Chair
National Association of Graduate-Professional Students

Received on Wednesday, 10 October 2007 14:57:05 UTC