Slashdot Mirror

← Back to Stories (view on slashdot.org)

F-Secure Calls for '.safe' TLD

Posted by CmdrTaco on from the internet-laughs-at-f-secure dept.

Rajesh writes "According to F-Secure, ICANN (Internet Corporation for Assigned Names and Numbers), the organization responsible for the global coordination of the Internet's system of unique identifiers, should introduce a .safe domain name to be used by registered banks and other financial organizations."

24 of 243 comments (clear)

  1. Maybe its just me.. by mulvane · · Score: 3, Insightful

    But wouldn't something a little more, well, financially sound be better. .safe just makes me think of child protection sites, law enforcement security boards and such. I know .fin is taken, but how about someone put a little more thought into this one. I agree we possibly COULD use a .safe, but for other purposes.

    1. Re:Maybe its just me.. by kisrael · · Score: 3, Interesting

      The choice of ".safe" also sounds like blatant propaganda...

      --
      SO YOU'RE GOING TO DIE: The Comic for Dealing with Death
    2. Re:Maybe its just me.. by goombah99 · · Score: 4, Interesting
      how about .careful ? To remind people not to assume something is safe from it's name. Otherwise please click on my NotAVirus.exe.

      Who will accredit third world banks such as the FIRST BANK OF JOSEPH ENTBE OF NIGERIA?

      --
      Some drink at the fountain of knowledge. Others just gargle.
    3. Re:Maybe its just me.. by smallfries · · Score: 5, Funny

      Exactly, how many people would pay for an .unsafe tld?

      So once 95% of all websites decide that they want to be safe, how do organise the namespace? How about .com.safe, .gov.safe, .net.safe....

      Then all we do is turn off the .unsafe domain and we're done!

      --
      Slashdot: where don knuth is an idiot because he cant grasp the awesome power of php
    4. Re:Maybe its just me.. by thsths · · Score: 4, Funny

      > So once 95% of all websites decide that they want to be safe, how do organise the namespace?

      That should be easy: .safe, .extrasafe, .doubleplussafe, .360safe etc. The only limit is the amount payed to the registrar :-)

    5. Re:Maybe its just me.. by gEvil+(beta) · · Score: 5, Funny

      Agreed. We should also create a .terror domain--it'd help make tracking down those evil evil terra-ists that much easier...

      --
      This guy's the limit!
    6. Re:Maybe its just me.. by geekoid · · Score: 4, Funny

      You don't let '95%' of all domains use it.

      So financial institutions get it, but "we're not a bank" Paypal wouldn't.
      That's a shiv I would love to see paypal get.

      --
      The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
    7. Re:Maybe its just me.. by borawjm · · Score: 3, Funny

      Exactly, how many people would pay for an .unsafe tld?

      I'm going to be the first to register un.safe and claim that it is a "safe" website


    8. Re:Maybe its just me.. by eln · · Score: 3, Insightful

      Or financial sites that studiously avoid calling themselves a bank, even though they clearly are one, in order to avoid being regulated like a bank. Such as Paypal.

      Also, .safe is just asking for trouble. It gives people an even greater false sense of security than they already have about "secure" websites. Might as well just call it .lawsuit-magnet.

    9. Re:Maybe its just me.. by Anne+Thwacks · · Score: 4, Funny

      Support the .scam domain! And the .spam domain too!

      --
      Sent from my ASR33 using ASCII
    10. Re:Maybe its just me.. by stonecypher · · Score: 3, Informative

      Why is it that everyone seems to think a company that transfers money and holds money in accounts is a bank? Your utility companies do that, credit cards are issued by non-banks all day, et cetera. You might as well argue that Final Fantasy Online is a bank - you can purchase in-game currency, give it to someone else, then have it converted back to real currency. Do rechargeable, releaseable gift cards make every store in the mall a bank? Is my cellular phone company a bank? My cell phone can make payments for me, even.

      Bank regulations aren't about little-guy money transfers, and wouldn't help in virtually any of the "omg paypal skrooed me" situations (which, I might note, I've never actually seen be anything other than the fault of one of the two end-users. Yes, PayPal freezes accounts too easily, but frankly, if you can't tolerate a several-day money lag, you shouldn't be transacting online at all.) Bank regulations are about the investment of held capital and so forth, to prevent messes like the 1914 commodity crash or the 1980s savings and loan scandal. Say what you will about PayPal, but their back-end investments are safe, conservative and shrewd. No bank regulations would affect PayPal in any way that the end users would find significant, other than to increase existing rates (not by enough to affect most transactions, but it would kill the micropayment system dead.)

      The next time you go complaining about regulations, maybe you should name the specific regulation you want. That way, when people read what you say, they won't do what I did, and assume you're some clueless whiner who just wants to repeat what everyone else says to sound smart, when bitching about an online business that they heard screwed a friend of a friend of a friend.

      Of course, that'd require knowing what you were talking about.

      --
      StoneCypher is Full of BS
  2. As a matter of principle... by rlthomps-1 · · Score: 5, Insightful

    I just don't trust anything that comes out and says "trust me, I'm safe." This isn't a good idea, it teaches people to let their guard down as opposed to being aware of the risks of blanketly trusting a website. What if someone gets some exploit code on one of these sites? I think it'll just take a few notable hacked up website before the whole trust of .safe is lost.

  3. Because you know by dctoastman · · Score: 5, Insightful

    People are infallible and immune from social engineering attacks and there is no way a shady organization would ever get a .safe domain.

    --
    My twitter
  4. Countdown... by Yoozer · · Score: 5, Insightful

    Count down to the first case where a .safe domain is corrupted because of nepotism, fraud, forgery, what-have-you.

    A TLD does not solve this problem. An alert user does, aided by tools like regular check-ups, challenge-response systems or cryptography.

    We've all heard how some corporations lose several thousands of records of personal data. What does that .safe TLD mean, in that case?

  5. Great but... by otacon · · Score: 4, Insightful

    People are still pretty dumb and easily tricked, the kind of people that get duped into putting their info in a phishing site are the same people that could be tricked by a fake URL...i.e. safe.financialsite.com or yourbank.com/safe or any other obvious ways to add safe into a URL.

    --
    In a world of acronyms, the words are the real victims.
    1. Re:Great but... by l0b0 · · Score: 3, Insightful

      A lot of people seem to be completely oblivious to URLs. You could use insecure.stayaway.ng/porn without raising suspicion from *pulls out a number* 83% of the population.

  6. Re:Not going to help by networkBoy · · Score: 3, Funny

    so we need a .safe and a .scam domain?
    Likely won't make a lick of difference though.
    -nB

    --
    whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
  7. How will it protect users from their own idiocy? by 140Mandak262Jamuna · · Score: 4, Insightful
    People respond to phishes and Nigerian scams and give all their usernames and passwords voluntarily without ever touching their banks or the safe domains. How can banks protect against such users? Why should it be the bank's responsibility to tell the customers, "It is not a good idea to paint your user name and password on the side of your home in 26inch high letters".

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
  8. Will this really make a difference? by FredDC · · Score: 3, Insightful

    I don't think so...
     
    There will always be idiots, who will fill in their credit card information at visa.safe.ru!

    --
    09 f9 11 02 9d 74 e3 5b d8 41 56 c5 63
  9. Is it useful? by efence · · Score: 4, Insightful

    There is a much greater need to tell when a site is NOT safe. There is a reason that URLs with IP addresses and domain names such as "www.paypal.secure.dodgydomain.info/..." are still effective. Introduction of a new TLD is not a replacement for user education.

  10. This is a great idea, I'm sure it'll work by mrwiggly · · Score: 3, Insightful

    click to login to http://mybank.safe/ </a>

  11. On the face of it... by Ngarrang · · Score: 3, Insightful

    On the face of it, the idea is not completely awful. As usage of the internet grows, the organization of the domain names will grow in complexity and scope.

    We have .gov for the US government sites. This makes sense. All government-owned web sites are then managed in one place. We have .edu for education institutions.

    Financial institutions are a major power in our society, like government, so maybe they should have a specific domain. This would make looking for a financial place predictable. "I need to find my bank's web site. Ah, I will try bankname.bank" knowing that you will at least get a real bank, and not a phishing scam built on a typo in a name. .shop for on-line shops that actually sell through their web site. eg. Amazon, TigerDirect

    There are other major market segments which could justify a TLD like libraries (.lib?) and medical (.med?).

    We should not let a fear of abusers stop us from trying to organize things in a predictably way. With more TLD options, we could possibly avoid domain names having to be ever longer because their name was already taken.

    --
    Bearded Dragon
  12. Not only that... by Pollux · · Score: 4, Insightful

    But it also sounds like an inviting and tempting invitation for hackers to prove that nothing is ".safe"

    What next? Will someone build a ship and claim it's unsinkable? Oh wait...

  13. the answer by CrazyBrett · · Score: 3, Insightful

    A: Create a new TLD!
    Q: (what was the question again?)