James A. Donald wrote: > No, because it is just not a very profitable thing to > do. To make any money out of it, you have to keep your > fake storefront running, and fully simulating the real > store front, for a while.
Ok, based on this reply and others we can assume it's possible to judge the possibility of fraud in similar manners to how we associate fraud in real life, ie ask others about (or in this high tech world google about it), after all if you have a problem with a company you tell everyone about it, or at least all the bloggers seem to. This was in line with my comment to the mozilla list the other day how people as a society have been building relationships for thousands of years without some non-government body that is only concerned with it's own self interests telling us who we can and cannot "trust". The only thing pending is we just need proof of ongoing relationships, and pet name like tools do this at zero cost to all involved.. This is looking more and more about building a business case for CAs, then building a case for better end user security. The end user goes to their bank to get an account, they have all the web addresses verified out of band. > Just set up a site that says "free porn, register here." That technique has been used in the past to get round captchas... -- Best regards, Duane http://www.cacert.org - Free Security Certificates http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://e164.org - Because e164.arpa is a tax on VoIP "In the long run the pessimist may be proved right, but the optimist has a better time on the trip." _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
