rs1990
Rick
Premium
join:2004-05-02
Poughkeepsie, NY | Why?
Perhaps if people used just the slightest bit of common sense...then the rest of us wouldn't have to be bothered with all of this extra security.
--
-Rick |
|
Maxo
Your tax dollars at work.
Premium,VIP
join:2002-11-04
Tallahassee, FL
clubs: | Or if they used a browser that works to prevent phishing for you. |
|
DHRacer
Fire Survivor
join:2000-10-10
Lake Arrowhead, CA
 ·Charter Pipeline
 ·Verizon west (ex G..
| NSA here we come
Great, pretty soon we will all be using one-time pads for basic communications.
How about fixing the system instead of spending the money to get around the broken problem and not actually fix the problem?
I noticed Register.com and some other sites have the info in a gif, which can't be computer-read, also they ask to verify a certain passphrase that machines can't read either before they even let you lookup a whois.
Information is truly the next currency, at this rate.
--
"The three most dangerous things are a programmer with a soldering iron, a manager who codes, and a user who gets ideas." - Unknown"A computer is like an Old Testament god, with a lot of rules and no mercy." - Joseph Campbell |
|
ssevern
join:2000-11-09
Londonderry, NH | reply to Maxo
Re: Why?
How can a browser prevent you from clicking on a bogus link? |
|
Maxo
Your tax dollars at work.
Premium,VIP
join:2002-11-04
Tallahassee, FL
clubs:
| said by ssevern  :
How can a browser prevent you from clicking on a bogus link?
It was my understanding that phishin is when the URL says you are visiting a site other than the site you are visiting making you believe the link is legit. There was a news article on this a number of months ago. When the link was clicked on in IE it took you to a site that looked exactly like symantec.com but with Firefox it showed you the true URL.
--
I'm not buying what you're selling to me
I'm not listening to what you're saying to me
I'm not seeings what you want me to see
I'm not suffering
You're just afraid, like the rest of us
- Dead Guy
»maxolasersquad.com |
|
technick
Premium
join:2000-12-16
Loganville, GA | Hitman for Hire?
I agree with fixing the current system instead of making it more complex. Lets hire a bunch of contract killers, and have them go after these scammers, and not to arrest them, but to kill them. Scum of the earth should be treated as such. |
|
Nam Vet
Premium
join:2001-12-03
Allentown, PA
| not new
I think its a good Idea but only for sites that contain sensitive data like banks, credit card company's etc.
Its not needed for sites like dslr or buying online with ssl at sites like newegg where you have the option of NOT Storing cc data.
BTW banks in Europe have been doing this for years
--
H O W T R U E : If you want something done, ask a busy person to do it |
|
Morac
join:2001-08-30
Riverside, NJ
·Comcast
1 edit | More security = less ease of use
The problem with adding more and more security is it makes it harder and harder on customers. For example back when there were like 2 or 3 user/pass protected websites it was relatively easy to remember a username and password on all the sites. Now-a-days there are thousands. For the longest time I used the same password on almost all of them for ease of use (including banking sites). At some point I realized that wasn't the brightest thing to be doing so I went through every site and changed the password on all of them. Now I need a password manager in order to remember all my passwords. If I'm not at my home computer I can't log into many sites since I don't remember the passwords.
Most people don't want to have to remember hundreds of passwords so they'll use just one or two. Get someone's password for amazon and you most likely have their banks password as well.
About the only way to have high security and ease of use is to use biometrics or some other system where you and your password are not separate entities. There are some devices out there which let you do this on your PC to password protect your files, but until it becomes the defacto standard for security phishing will exist.
--
The Comcast Disney Avatar has been retired. |
|
Combat Chuck
Too Many Cannibals
Premium
join:2001-11-29
Erie, PA
| reply to Maxo
Re: Why?
Ready:
www.paypa1.com/gimmeyourpassword/soicanstealyourmoney.htm
you have been phished. Works on any browser, and could catch varying levels of expertise depending on what font it's displayed in.
And quite frankly I doubt that many people would be too concerned if the URL displayed by the browser was different from what they were expecting anyway.
--
Japan-- Now with 30% more climbable telephone poles!! |
|
Jafo232
You Can't Spell Democrat Without Rat.
Premium
join:2002-10-17
Boonville, NY
·RoadRunner Cable
| reply to Morac
Re: More security = less ease of use
Well, I use a mathmatical formula to create my password depending on the domain name of the website. It is a simple formula, but creates strong passwords. As long as I always keep the forumula secret, I should be safe. 
--
nos insuadibilis defessus, nos insuadibilis inclino, nos insuadibilis concido. |
|
sivran
Long Live The Suite
Premium
join:2003-09-15
Arlington, TX
clubs:
·RoadRunner Cable
| reply to Morac
Ah, the multitudes of passwords one must remember.
What I do to simplify things is keep a set of easy to remember passwords (it used to be just one, short and weak password, but the list has grown somewhat) and use those for "unimportant" things like forums, throw-away email addies, and other sites where it wouldn't matter much if my password were cracked. The passwords in this set vary in length due to length requirements, but are still easy to remember. Most of them I've been using for years anyway so I have them pretty well memorized. The only problem is sometimes I can't remember which one I used, and I end up cycling through them all just to guess...
For more important, sensitive logons like my bank, my router, and admin/root accounts I use longer, more complex passwords. Some of them I have memorized, the rest I keep in Password Safe (which itself is protected by one of the longer passwords I have memorized).
My friend does the same thing, and I suspect a lot of other people might do it as well, though those are the people who generally won't fall for a phishing scam in the first place.
--
Think Spyware's bad? TCPA is worse. Fight it!
Kerio 2.1.5 - My favorite firewall (Download link updated!) |
|
woody7
Premium
join:2000-10-13
Torrance, CA | reply to DHRacer
Re: NSA here we come
Nail the bastards for good when they are caught... make the penalty hurt.....Hard prison time so they can be "fished" themselves....just my thoughts.
--
BlooMe |
|
technick
Premium
join:2000-12-16
Loganville, GA | reply to Jafo232
Re: More security = less ease of use
or until the ip's change =P.. well if u base it off ip addresses |
|
underscore
join:2004-04-20
Fairfax, VA
| dont post links in email
How about paypal (or whatever) just no longer post their links to sign-in pages anymore in their emails. At least that way the user would be forced to type it in their address bar or favorites or whatever so we wouldnt have this problem. Show the url in plain-text if they absolutely need to have a link. THAT way you (all the fools out there) could tell the difference between legit emails and fraudulent ones. |
|
jap
Premium
join:2003-08-10
038xx
·RoadRunner Cable
| reply to Jafo232
Re: More security = less ease of use
said by Jafo232 :
Well, I use a mathmatical formula to create my password depending on the domain name of the website. It is a simple formula, but creates strong passwords. As long as I always keep the forumula secret, I should be safe.
Excellent idea. That's what I need to start doing. I failed math though. Can you PM your formula please? And the last 4 of your social? |
|
b_zen
Premium
join:2002-07-24
Saint Louis, MO
clubs:
·TTNet
2 edits | Breaking News!!!
(...)enter one of 50 scratch-off passcodes mailed to them on a card(...) Just wait and see, so people will read "mailed" as "e-mailed"...
Breaking News:
13Millions XYZ customers filed a class action suit yesterday, hoping the company will replace their client's scratched-beyond-recognition monitors... A company spokesman declared "No Comment" to the alleged accusation!
--
Fiber Optic is the future! 3Plink.com |Voice|Video|Data| |
|
dddane
join:2002-01-10
Chicago, IL | reply to Maxo
Re: Why?
if they did this, the people who create the phished pages will just work to make a phish w/ that browser. the reality of it is, IE is targeted because thats what most people use... the problem is the users, not the browser |
|
