[Cryptography] Well Known Bad Idea: ask users to make security decisions, or If you *work* for Apple, please update your email software
Jerry Leichter
leichter at lrw.com
Sat Oct 4 20:24:55 EDT 2025
> ...Given the trivially (by a 5th grader!) spoofed "Display Name" from an email address (no crypto in sight), and the "fraud.com" domain name (which can be crypto checked), why does Apple Mail choose to show the trivially spoofed name and hide the crypto checked name ??
Are you really serious about that question? For *legitimate* mail messages, the display name is something that actually makes sense to a human being, while the email address is often something pretty meaningless. So the real choices come down to: (a) make the legitimate messages - which one hopes are the majority - as friendly as possible to users at the expense of hiding information that the vast majority of users have no real hope of understanding; or (b) hide the friendly information that actually means something to the vast majority of users in favor of stuff that means nothing to them just to keep a small minority of highly skilled users happy. I don't know about you, but I know how *I* would design a system meant to be used by many hundreds of millions of people.
At least on the Mac, every address has a little pulldown that shows you the actual email address. If you know what to do with that, and you have any concerns, you can easily check that. While the interface is slightly less obvious in iOS, you can do the same thing with two taps. Which seems like a reasonable compromise. (As I recall, Outlook makes it very difficult to see the actual underlying addresses at all.)
-- Jerry
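The trade-off above hinges on the fact that the display name and the addr-spec in a From: header are two different things: only the latter's domain is what SPF/DKIM/DMARC can vouch for. The following is an added example, not code from the thread or from any mail client, showing how a client splits the header, the two rendering choices the post describes, and one defensive heuristic (a display name that itself looks like an address at a different domain). The header values and domains are constructed for illustration.

```python
# Added example: From: header parsing, the two display choices, and a
# display-name spoof heuristic. Not from the original thread.
import re
from email.utils import parseaddr

# Constructed sample headers (not real messages). ".example" domains are placeholders.
SAMPLE_FROM_HEADERS = [
    '"Jerry Leichter" <leichter@lrw.com>',
    '"support@apple.com" <alerts@fraud.example>',   # display name mimics an address
    'Apple Support <alerts@fraud.example>',
    'leichter@lrw.com',                              # no display name at all
]

def split_from(header: str):
    """Return (display_name, addr_spec, domain) for a From: header value.

    The display name is free text chosen by the sender; only the addr-spec
    domain is what SPF/DKIM/DMARC checks are tied to."""
    name, addr = parseaddr(header)
    domain = addr.rpartition('@')[2].lower() if '@' in addr else ''
    return name, addr, domain

# Loose match for "something@host.tld" embedded in a display name.
_EMAIL_RE = re.compile(r'[\w.+-]+@([\w-]+(?:\.[\w-]+)+)')

def display_name_mismatch(header: str) -> bool:
    """True when the display name contains an email address whose domain
    differs from the real addr-spec domain: the display-name spoof the
    quoted poster complains about. Nothing here verifies the domain itself."""
    name, _addr, domain = split_from(header)
    m = _EMAIL_RE.search(name)
    return bool(m) and m.group(1).lower() != domain

def render(header: str, show_address: bool = False) -> str:
    """Choice (a): friendly name only. Choice (b) / the pulldown: name and address."""
    name, addr, _ = split_from(header)
    if not name:
        return addr
    return f"{name} <{addr}>" if show_address else name

if __name__ == "__main__":
    for h in SAMPLE_FROM_HEADERS:
        print(f"{render(h):<22} | {render(h, show_address=True):<44} "
              f"| spoof-like: {display_name_mismatch(h)}")
```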