New idea by yahoo to prevent users from getting "phished" !
Sign-In Seal FAQ.
The idea is:
* on my PC, I will create a special tag/seal/mark/sign and this will be stored on my PC
* whenever I go to the genuine Yahoo site, it will be displayed to me
* if I go to a fake yahoo website, the website will not be able to display the sign to me and I will thus know it is a fake yahoo website.
Three concerns:
1> I guess this will be via a cookie which will be persistently stored on the user's computer. That will mean that users should not clear their browser cache of cookies to have this scheme work everytime. This IMHO is not a good practice to get the users to get used to.
2> What if the fradulent web site owners are able to decipher this cookie (reverse engineer) and display the same?
3> All yahoo portals will now be able to track the particular individual. It would mean that users will leave a trail of their presence across yahoo portals. What if I am just browsing through Flickr (not having logged on)? Surely yahoo will be able to track this visit of mine across the website while I am under the impression that I not being tracked.
---------------
Tag: Technical
,
,
Saturday, September 09, 2006
Subscribe to:
Post Comments (Atom)
Posts
No comments:
Post a Comment