From: Peter Kirk (peterkirk@qaya.org)
Date: Fri Feb 11 2005 - 07:53:21 CST
On 11/02/2005 12:50, Jon Hanna wrote:
>I like the idea of colour-coding scripts myself. While presenting
>information through colour alone is known to be poor UI, it would mean that
>there'd be enough people who would realise that e.g. the c in mi?rosoft.com
>was on, say, a yellow background and this meant it wasn't the same as
>microsoft.com that such an attempt at phishing wouldn't get far.
>
>
>
I doubt if this would help much. Average users, if they spotted the
special colour in the top bar at all, would just think that their
computer was doing something strange and carry on regardless.
Perhaps a better approach would be for browsers, as a default option
which can be switched off, to warn users about mixed script domain names
(or even any non-ASCII domain names) with a dialogue box, something
like: "Domain name paypal.com contains non-Latin character(s). This may
be a security risk. Are you sure you want to go to this domain? OK
Cancel".
-- Peter Kirk peter@qaya.org (personal) peterkirk@qaya.org (work) http://www.qaya.org/ -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.6 - Release Date: 07/02/2005
This archive was generated by hypermail 2.1.5 : Fri Feb 11 2005 - 07:54:43 CST