SSL and Malicious Hardware/Software
Steven M. Bellovin
smb at cs.columbia.edu
Fri May 2 19:50:56 EDT 2008
On Fri, 2 May 2008 08:33:19 +0100
"Arcane Jill" <arcanejill at ramonsky.com> wrote:
> -----Original Message-----
> From: owner-cryptography at metzdowd.com
> [mailto:owner-cryptography at metzdowd.com] On Behalf Of Ryan Phillips
> Sent: 28 April 2008 23:13
> To: Cryptography
> Subject: SSL and Malicious Hardware/Software
>
> > I can't think of a great way of alerting the user,
>
> I would be alerted immediately, because I'm using the Petname Tool
> Firefox plugin.
>
> For an unproxied site, I get a small green window with my own choice
> of text in it (e.g. "Gmail" if I'm visiting https://mail.google.com).
> If a proxy were to insert itself in the middle, that window would
> turn yellow, and the message would change to "(untrusted)".
>
Assorted user studies suggest that most users do not notice the color
of random little windows in their browsers...
--Steve Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list