Duane wrote: > Ruari Callow wrote: > > > Finally an extra advantage of this method is that it helps prevent > > other types of spoofing, for example when fraudsters substitute ASCII > > characters (e.g. '0' for 'o'). > > Couple of small things, the sites might figure out some way to > automatically either by tricking the user to book mark it, or some > trojan etc to automatically do it (this being the case they have bigger > problems) and with the frequantly hit thing you'd have to be careful as > to what you count as hits to prevent sites from again tricking the user > into a couple of hits to their website, or some javascript to loop pages > etc...
If sites are automatically bookmarked that is a new flaw, in which case it should be looked at in its own right. Same with the Trojan. Regarding what counts as hits. I was thinking along the lines of ten vists to the site on different days. _______________________________________________ Mozilla-security mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-security
