Slashdot Mirror

← Back to Stories (view on slashdot.org)

Small Businesses Worry About MS Anti-Phishing

Posted by kdawson on from the green-means-good dept.

prostoalex writes "Ever get that warm feeling of safety, when the anti-phishing toolbar on Microsoft Internet Explorer 7 turns green, telling you it's safe to shop on the site you're visiting? Well, you probably don't, but the millions of Internet users who will soon be running IE7 probably will be paying attention to the anti-phishing warnings. WSJ.com is reporting on how Microsoft is making it tough for small businesses to assure they're treated properly by the anti-phishing algorithm." From the article: "[S]ole proprietorships, general partnerships and individuals won't be eligible for the new, stricter security certificates that Microsoft requires to display the color. There are about 20.6 million sole proprietorships and general partnerships in the U.S... though it isn't clear how many are engaged in e-commerce... 'Are people going to trust the green more than white? Yes, they will,' says Avivah Litan, an analyst at Gartner Inc. and an expert on online payments and fraud. 'All the business is going to go to the greens, it's kind of obvious.'"

2 of 291 comments (clear)

  1. Re:WTF? Phising and certs are different issues. by Anonymous Coward · · Score: 5, Informative

    I think any comment about IE7's anti-phishing system should note that it sends every website you visit to Microsoft. If you care even an iota about the privacy of your web browsing, you should choose "no" when IE7 asks you to enable its invasive anti-phishing system.

  2. Re:How does the Phishing thing work? by Kelson · · Score: 5, Informative

    Actually there's two issues -- site verification and anti-phishing -- which are getting mashed together because they act on a similar concept (how much can I trust this site?) and display through the color in the address bar.

    White is the default state, and says nothing about the site.
    Red is when the site matches a blacklist of known phishing sites. (If you have the antiphishing turned on, it will check with MS each time you load a new page.)
    Green is when the site uses one of these new SSL certificates which provides additional data and (supposedly) has a tougher approval process in which the certificate authority does an actual background check on the company instead of just making sure they have a working phone number. One hopes a blacklist hit will trump this.

    A secure site that uses a standard SSL cert and is not a known phisher will have a white location bar.