A cool demo of how to spoof sites (also shows how TrustBar preventsthis...)
Adam Shostack
adam at homeport.org
Wed Feb 9 16:06:27 EST 2005
On Wed, Feb 09, 2005 at 07:22:05PM +0000, Ian G wrote:
| Adam Shostack wrote:
|
| >Have you run end-user testing to demonstrate the user-acceptability of
| >Trustbar?
| >
| >
|
| Yes, this was asked over on the cap-talk list.
| Below is what I posted there. I'm somewhat
| sympathetic as doing a real field trial which
| involves testing real responses to a browser
| attack raises all sorts of heisenberg uncertainty /
| experimental method issues. Off the top of
| my head, I think this is a really tricky problem,
| and if anyone knows how to test security
| breaches on ordinary users, shout!
There's an HCIsec group at YahooGroups:
http://groups.yahoo.com/group/hcisec/
Most of the smart people who care about these issues hang out there.
Adam
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list