|
|
19-04-2008, 07:38 AM
|
|
Still stuck in 1984
Group: Regulars
Location: Inside your head
|
PayPal to block Safari use
Interesting article in the New York Times ...
PayPal, eBay Inc.'s payment service and the frequent target of fraudsters, plans to block browsers that don't include anti-phishing features from accessing its site.
Under PayPal's plan, Apple Inc.'s Safari would be banned completely, while only older versions of its rivals Microsoft Corp.'s Internet Explorer and Mozilla Corp.'s Firefox would be barred.
PayPal spelled out the idea in a paper released at last week's RSA Conference. "It's critical to not only warn users about unsafe browsers, but also to disallow older and insecure browsers," said Michael Barrett, PayPal's chief information security officer, in the paper. "Letting users view the PayPal site on one of these browsers is equal to a car manufacturer allowing drivers to buy one of their vehicles without seatbelts."
Either Apple had better pull their finger out and implement anti-phishing in the very next version of Safari, or we'll all be switching to Firefox 3.
__________________
Tune into Psymbiensis, 24/7 chill music streaming straight to your desktop.
Cornell Univiersity says, "Watching TV shows makes you stupid." Break the addiction, visit White Dot today.
Wi-fi is a health risk, please use sparingly and with caution. |
|
|
|
|
|
|
|
19-04-2008, 07:59 AM
|
|
Motorbikes - lazy mans Zen
Group: Regulars
Location: Castlemaine
|
Quote:
Originally Posted by Brains
Either Apple had better pull their finger out and implement anti-phishing in the very next version of Safari, or we'll all be switching to Firefox 3.
|
Hmmm I find wondering how much (if any) of Safari's speed advantage compared to Firefox and IE is due to the fact that it doesn't do a phishing check.
Anybody got any idea?
__________________
Al MacBook 2.4GHz | iMac C2D 2.4GHz 20" | MB Pro C2D 2.16Ghz 15" | MB C2D 1.83GHz | MB Air 1.6GHz | iPhone 3G 8Gb | iPod Nano 8Gb
|
|
|
|
|
|
|
|
19-04-2008, 08:15 AM
|
|
I'm crackin' skulls
Group: Forum Leaders
Location: Melbourne
|
Quote:
Originally Posted by Brains
Either Apple had better pull their finger out and implement anti-phishing in the very next version of Safari, or we'll all be switching to Firefox 3.
|
Or giving eBay the flick. Their general level of douchebaggery has really escalated lately. Also, WTF does eBay care? Either phishing attempts happen outside eBay, in which case it's nothing to do with them, or eBay is admitting that they have a phishing problem on their site. |
|
|
|
|
|
|
|
19-04-2008, 08:33 AM
|
|
Regular
Group: Regulars
Location: Melbonia
|
Quote:
Originally Posted by tcn33
... Either phishing attempts happen outside eBay, in which case it's nothing to do with them, or eBay is admitting that they have a phishing problem on their site.
|
Not quite sure how a phishing problem can actually happen "on their site", but regardless, any sort of phishing damages eBay's reputation, so yeah, they are going to care the same way as the banks care when someone sends you a fake email asking you to 'verify your credentials'.
__________________
Live life with Blue Sun
|
|
|
|
|
|
|
|
19-04-2008, 08:34 AM
|
|
Would you like a jelly baby?
Group: Regulars
Location: Brisbane
|
Um... scuse my ignorance... how does a browser protect against phishing?
__________________
A writer? Yeah, sure, that'll pay the bills. Why don't you get a real (....) job like everyone else?
|
|
|
|
|
|
|
|
19-04-2008, 08:39 AM
|
|
Regular
Group: Regulars
Location: S37°56.2' E145°07.6'
|
Quote:
Originally Posted by Geoff3DMN
Hmmm I find wondering how much (if any) of Safari's speed advantage compared to Firefox and IE is due to the fact that it doesn't do a phishing check.
|
Exactly zero. The speed advantage is all down to the rendering and javascript engines. |
|
|
|
|
|
|
|
19-04-2008, 08:42 AM
|
|
Regular
Group: Regulars
Location: Melbonia
|
Quote:
Originally Posted by cosmichobo
Um... scuse my ignorance... how does a browser protect against phishing?
|
The address bar where you type the URL turns a different colour (red?) when the site is dodgy. I think it looks at the information in the server's SSL certificate - the technology is called Extended Validation (EV) certificates.
This article in Macworld explains it better.
__________________
Live life with Blue Sun
|
|
|
|
|
|
|
|
19-04-2008, 08:56 AM
|
|
Pixel Peeper
Group: Regulars
Location: Brisbane
|
I read about this months ago with them wanting to do the same thing. And I shit you not the reason was because Safari didn't display a padlock on the screen in secure sites.
Seriously, PayPal can eat me.
It's a horrible, horrible company that is entirely above the law, and has no qualms about it.
Edit: STOP USING PAY PAL ALREADY
__________________
Successful trades: kingsdesign, chrissara, Leon
'I want GM to declare bankruptcy' supporter #001.
|
|
|
|
|
|
|
|
19-04-2008, 09:15 AM
|
|
King of the Carrot Flowers
Group: Regulars
Location: Gippsland, Victoria
|
Maybe Microsoft has something to do with this decision...
Wally
|
|
|
|
|
|
|
|
19-04-2008, 10:45 AM
|
|
Web Developer http://www.petermount.com
Group: Regulars
Location: On the other side and the previous side looks decidedly beige
|
Just to clear things up I'd like to ask if phishing is really a problem with Windows. Would phishing really be a problem for people using Leopard or even Linux?
I have to admit I was using Firefox as my browser of choice before I switched to the Mac. But I've been using Safari for the past month.
Thanks
|
|
|
|
|
|
|
|
19-04-2008, 10:55 AM
|
|
Regular
Group: Regulars
Location: Melbonia
|
Quote:
Originally Posted by Peter Mount
Just to clear things up I'd like to ask if phishing is really a problem with Windows. Would phishing really be a problem for people using Leopard or even Linux?
|
Phishing is independent of your computing platform (Windows, Linux, OS X), and is equally a problem on any of them.
Typically, a phishing attack is a fake website (often using genuine images from the real website), that is designed to capture your login credentials, so that they can be used by the phishers later on the real web site - eg. a bank. Or sometimes they want to get private information about you to build a fake identity.
If your browser can warn you that the web site you are visiting is NOT the website that you think it is, then that's a useful anti-phishing measure.
__________________
Live life with Blue Sun
|
|
|
|
|
|
|
|
19-04-2008, 11:04 AM
|
|
Guest
Group:
|
Phishing is one of the reasons why Bendigo Bank is one of the most secure web portals to access your account. They use a random key generator that you have to pay for in order to access your account online.
It's an untidy solution and the $22 for the random key generator is a bit steep, but it pretty much guarantees your security.
|
|
|
|
|
|
|
|
19-04-2008, 11:39 AM
|
|
Web Developer http://www.petermount.com
Group: Regulars
Location: On the other side and the previous side looks decidedly beige
|
OK.
I only go to known web sites for financial stuff but I can always use Firefox for that sort of thing until Safari gets updated with an anti phishing feature.
Have fun
|
|
|
|
|
|
|
|
21-04-2008, 02:29 PM
|
|
Regular
Group: Regulars
Location: Melbonia
|
Computerworld are reporting that PayPal WON'T be blocking Safari any time soon.
__________________
Live life with Blue Sun
|
|
|
|
|
|
|
|
21-04-2008, 02:45 PM
|
|
Regular
Group: Regulars
Location: Slobart
|
Quote:
Originally Posted by akaddk
It's an untidy solution and the $22 for the random key generator is a bit steep, but it pretty much guarantees your security.
|
It's a bit more than just a random number generator.. The numbers that are generated are calculated based on a seed value in the token, and things like the date & time etc (which are preset in them). The tokens that we use at work, made by RSA, come in at approx. $120 each, and do them same thing, so $22 is cheap, and well worth it IMO to safe guard your personal banking data.
__________________
24" White C2D iMac
17" C2D MacBook Pro
16Gig iPod Touch
8Gig iPhone
|
|
|
|
|
|
