Hi David,

On 6/8/05, L. David Baron <[EMAIL PROTECTED]> wrote:
> On Wednesday 2005-06-08 14:30 +0100, Ian G wrote:
> > So here's the question:
> >
> > Who's dealing with phishing in Mozilla?
> >
> > Discussion below, ending in the question.
>
> > On Tuesday 07 June 2005 03:11, Tyler Close wrote:
> > > I've implemented the petname tool, an anti-phishing browser extension.
> > > You can find it at:
> > >
> > > http://petname.mozdev.org/
> > >
> > > this work on another security-focused mailing list. Now how do I go
> > > about getting the Mozilla Security Group to review this work and
> > > incorporate it into the main Firefox UI? If no one has the time or
>
> Are these two questions intended to be synonymous? They aren't.
I think we're all looking to take this one step at a time. From my point of view, I'm first wondering how to engage the Mozilla Security Group in a conversation about the petname tool. Hopefully, this conversation will lead to development of an anti-phishing tool that meets the needs of Mozilla users.

> I'm skeptical that something like petname would help the type of users who
> are most likely to be phished, since I'd think they wouldn't figure out
> how to use it in the first place. Is there good evidence to the
> contrary?

There are at least two important issues to consider here. The first is that the current UI does not enable even an expert user to reliably detect a phishing attack. This failing must be corrected before we have any hope of helping the naive user. All of the widgets in the current UI contain information provided by the attacker. The URL, the page content, the SSL certificate (if any) are all data elements provided by the attacker. The attacker gets to choose the bits to send. To detect a phishing attack, the user must discover discrepancies in information that has been carefully designed for deception. Human users, even expert users, cannot reliably perform this task. The recent Shmoo attack is a good demonstration of how difficult it can be to discover a discrepancy.

The petname tool breaks out of this model by providing a tool which does not contain information provided by the attacker. The petname tool exclusively provides information provided by the user, and so provides the user with a reference to consult, free from possible deception by the attacker. With the petname tool, it is at least possible for an attentive user to detect a phishing attack. This is a marked improvement over the status quo.

Secondly, I think it is difficult to argue that the petname tool is harder to use than other elements of the browser UI. The petname tool works in much the same way as the bookmark UI.
It seems impossible to conclude that the petname tool is too hard to use without also concluding that bookmarks are too hard to use.

We have a usability study of the petname tool in the works, but I am hoping we can make some progress beforehand. Is a usability study a standard requirement for changes to the Mozilla UI? If so, please point us to some references, since designing the experiment is one of the tricky parts Ka-Ping Yee is currently wrestling with.

Thanks,
Tyler

--
The web-calculus is the union of REST and capability-based security:
http://www.waterken.com/dev/Web/

_______________________________________________
Mozilla-security mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-security
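The design principle Tyler describes above (a trust indicator fed only by user-created state plus the identity a site proves, never by attacker-chosen bytes such as the URL text or page content) can be modelled in a few lines. The following is an added illustration, not code from petname.mozdev.org; it assumes the petname is bound to the site's certificate public key (a constructed byte string stands in for the real key) and uses made-up `.test` hostnames.

```python
"""Model of a petname-style trusted indicator (illustrative, not the real extension)."""
import hashlib
from dataclasses import dataclass, field
from typing import Optional, Tuple


@dataclass(frozen=True)
class Site:
    host: str               # hostname as presented by the connection
    cert_public_key: bytes  # public key the site proved possession of (constructed here)


def key_id(public_key: bytes) -> str:
    """Stable identifier for a key; petnames are bound to this, not to the hostname."""
    return hashlib.sha256(public_key).hexdigest()[:16]


@dataclass
class PetnameStore:
    by_key: dict = field(default_factory=dict)  # key_id -> petname chosen by the user
    hosts: dict = field(default_factory=dict)   # host -> key_id the user petnamed it under

    def assign(self, site: Site, petname: str) -> None:
        """User-initiated action, like adding a bookmark: the user picks the name."""
        kid = key_id(site.cert_public_key)
        self.by_key[kid] = petname
        self.hosts[site.host] = kid

    def indicator(self, site: Site) -> Tuple[str, Optional[str]]:
        """What the trusted UI widget shows. Note the inputs: only the proven key,
        the host, and the user's own store. Page title, URL path and any other
        attacker-supplied text are deliberately not parameters here."""
        kid = key_id(site.cert_public_key)
        if kid in self.by_key:
            return ("petname", self.by_key[kid])
        if site.host in self.hosts:
            # Known host, but not the key the user petnamed it under: worth a warning.
            return ("key_changed", None)
        return ("untrusted", None)


if __name__ == "__main__":
    store = PetnameStore()
    bank = Site("www.example-bank.test", b"BANK-KEY-constructed")
    store.assign(bank, "My Bank")
    print(store.indicator(bank))                                       # ('petname', 'My Bank')
    print(store.indicator(Site("www.examp1e-bank.test", b"OTHER-KEY")))  # ('untrusted', None)
```

A lookalike hostname with its own valid certificate never acquires the user's petname, and the user's reference point stays free of anything the remote end controls.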
