More US bank silliness
Florian Weimer
fw at deneb.enyo.de
Tue Sep 9 15:26:46 EDT 2008
* Peter Gutmann:
> On a semi-related topic, it'd be interesting to get some discussion about FF3
> removing the FF2 SSL indicators of the padlock and (more visibly) the
> background colour-change for the URL bar when SSL is active and replacing it
> with a spoof-friendly indicator that's part of the favicon, i.e. part of the
> attacker-controlled content.
To keep this in perspective, note that you could disable the location
bar altogether in FF2 (and that default changed in FF3), so the FF3
approach is actually an improvement.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list