Slashdot Mirror

← Back to Stories (view on slashdot.org)

F-Secure Calls for '.safe' TLD

Posted by CmdrTaco on from the internet-laughs-at-f-secure dept.

Rajesh writes "According to F-Secure, ICANN (Internet Corporation for Assigned Names and Numbers), the organization responsible for the global coordination of the Internet's system of unique identifiers, should introduce a .safe domain name to be used by registered banks and other financial organizations."

13 of 243 comments (clear)

  1. As a matter of principle... by rlthomps-1 · · Score: 5, Insightful

    I just don't trust anything that comes out and says "trust me, I'm safe." This isn't a good idea, it teaches people to let their guard down as opposed to being aware of the risks of blanketly trusting a website. What if someone gets some exploit code on one of these sites? I think it'll just take a few notable hacked up website before the whole trust of .safe is lost.

  2. Because you know by dctoastman · · Score: 5, Insightful

    People are infallible and immune from social engineering attacks and there is no way a shady organization would ever get a .safe domain.

    --
    My twitter
  3. Countdown... by Yoozer · · Score: 5, Insightful

    Count down to the first case where a .safe domain is corrupted because of nepotism, fraud, forgery, what-have-you.

    A TLD does not solve this problem. An alert user does, aided by tools like regular check-ups, challenge-response systems or cryptography.

    We've all heard how some corporations lose several thousands of records of personal data. What does that .safe TLD mean, in that case?

  4. Re:Maybe its just me.. by goombah99 · · Score: 4, Interesting
    how about .careful ? To remind people not to assume something is safe from it's name. Otherwise please click on my NotAVirus.exe.

    Who will accredit third world banks such as the FIRST BANK OF JOSEPH ENTBE OF NIGERIA?

    --
    Some drink at the fountain of knowledge. Others just gargle.
  5. Great but... by otacon · · Score: 4, Insightful

    People are still pretty dumb and easily tricked, the kind of people that get duped into putting their info in a phishing site are the same people that could be tricked by a fake URL...i.e. safe.financialsite.com or yourbank.com/safe or any other obvious ways to add safe into a URL.

    --
    In a world of acronyms, the words are the real victims.
  6. How will it protect users from their own idiocy? by 140Mandak262Jamuna · · Score: 4, Insightful
    People respond to phishes and Nigerian scams and give all their usernames and passwords voluntarily without ever touching their banks or the safe domains. How can banks protect against such users? Why should it be the bank's responsibility to tell the customers, "It is not a good idea to paint your user name and password on the side of your home in 26inch high letters".

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
  7. Re:Maybe its just me.. by smallfries · · Score: 5, Funny

    Exactly, how many people would pay for an .unsafe tld?

    So once 95% of all websites decide that they want to be safe, how do organise the namespace? How about .com.safe, .gov.safe, .net.safe....

    Then all we do is turn off the .unsafe domain and we're done!

    --
    Slashdot: where don knuth is an idiot because he cant grasp the awesome power of php
  8. Is it useful? by efence · · Score: 4, Insightful

    There is a much greater need to tell when a site is NOT safe. There is a reason that URLs with IP addresses and domain names such as "www.paypal.secure.dodgydomain.info/..." are still effective. Introduction of a new TLD is not a replacement for user education.

  9. Re:Maybe its just me.. by thsths · · Score: 4, Funny

    > So once 95% of all websites decide that they want to be safe, how do organise the namespace?

    That should be easy: .safe, .extrasafe, .doubleplussafe, .360safe etc. The only limit is the amount payed to the registrar :-)

  10. Re:Maybe its just me.. by gEvil+(beta) · · Score: 5, Funny

    Agreed. We should also create a .terror domain--it'd help make tracking down those evil evil terra-ists that much easier...

    --
    This guy's the limit!
  11. Re:Maybe its just me.. by geekoid · · Score: 4, Funny

    You don't let '95%' of all domains use it.

    So financial institutions get it, but "we're not a bank" Paypal wouldn't.
    That's a shiv I would love to see paypal get.

    --
    The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
  12. Not only that... by Pollux · · Score: 4, Insightful

    But it also sounds like an inviting and tempting invitation for hackers to prove that nothing is ".safe"

    What next? Will someone build a ship and claim it's unsinkable? Oh wait...

  13. Re:Maybe its just me.. by Anne+Thwacks · · Score: 4, Funny

    Support the .scam domain! And the .spam domain too!

    --
    Sent from my ASR33 using ASCII