Slashdot Mirror
Paypal Advises Users To Stop Using Safari
eldavojohn writes "Over concerns for lack of an anti-phishing mechanism for Safari, Paypal is telling its Mac users to use another browser. An author from Ars Technica reveals that he has been using Camino and has fallen victim to a Paypal related phishing scam via e-mail so this story must hit home for him. 'Currently the Apple browser does not alert users to sites that could be phishing for your info, and it lacks support for Extended Validation. PayPal is, of course, a popular site among phishers in their neverending search for personal information, user IDs, and passwords. While it's not entirely fair singling out Safari (other Mac browsers like Camino also lack this support), it is perhaps at least a helpful reminder of the threat.'"
It's called the address bar. It's very easy to use, just type where you want to go and press return. Before entering sensitive information into a browser window check the address bar and make sure you are where you think you are. I know your mom and my mom might not fully understand the address bar, but I think it would be easier for them to learn about it than installing a new browser.
Win a signed Stephen Carpenter ESP Guitar from the Deftones: http://def-tag.com/?r=0008781
What theme do you recommend as the most "mac-like" and minimalist in screen real estate? and what do you mean copy and paste the icon resource.
Some drink at the fountain of knowledge. Others just gargle.
http://www.fightidentitytheft.com/paypal_scam.html
mine was similar, only it claimed they were doing a fraud investigation about fraudulent use to my account.
they use the images and everything it looks exactly like a paypal e-mail, only the hyper link when you hover over it says a different website than in the email message. (they're doing a simple html trick, which is always the first thing i look for)
I've seen them do the same thing with say, yahoo mail login sites, etc. one of my less savvy friends got her IM name stolen for use sending IM spam.
safari is bass acwards to not show the real url on a tool bar! i couldn't live a day without that feature.
https://www.gnu.org/philosophy/free-sw.html
On this I must disagree. Right now the best solution probably is double checking URLs, but that is realistically not a good solution for the majority of people. Apple (and every other browser developer) should be working on a a URL whitelist/greylist/blacklist detection and warning technology. I'm not sure, however, that they should rush to deploy such technology. It might be better to wait until it is reliable enough to provide real benefit without providing a false sense of security. Right not IE has such a technology, but reviews show it to be of little, practical use. I know Apple is working on such technology and depending upon how effective it seems to be, it might be best that they have not rolled it out for Safari yet. I do think there s a real demand for this type of technology and developers should be trying to fill that need.
snark: And Safari users are advised to stop using PayPal.Well... I might say all security minded users might be well advised to stop using Paypal. We have Google Checkout now who would want to use Paypal?
So why is closing a Mac window harder than threading a needle? And with the close button so small, why do standard dialogs generally lack an "OK" or "Close" button, with the expectation that we use those itty-bitty buttons way up in the corner?
Oh, but it's Apple, that means the UI is good by definition!
And with Firefox 3, you don't even need a theme. They look very similar now. Firefox 3 even seems to use the Aqua style widgets.
-matthew
"THERE IS NO JUSTICE, THERE IS ONLY ME." -Death
First, because as more and more services become dependent upon URLs there are fewer and fewer URLs that don't have some feature that might indicate they are really a phishing attempt. Also, as the Web becomes more international more characters that look the same or very similar are introduced. More and more legitimate e-mail messages, even automated ones, reference Web sites. Am I going to look at every single e-mail I get from Netflix to make sure the URL that pops up really is NetFlix? Maybe, or maybe I won't sometime and if the tab that loads does not have a warning, maybe I'll mistake it for Netflix. Maybe I will look, but maybe I won't notice it is netf1ix.com instead of netflix.com. Everyone makes a mistake now and again and most people are nowhere near as security conscious as I am.
Can you honestly say there is no way you would ever make that mistake? Can you honestly say there is no way your grandmother or 8 year-old nephew could not make that mistake? Technology to automatically verify the identity of a Web server is useful for everyone and I believe there is a real demand. If that demand is ignored, people will go elsewhere, maybe to IE7 where they feel safer, or maybe to Opera. Web browser developers ignoring that demand will probably lose out. If you don't want to use it, don't worry. I'm sure Firefox will let you turn it off, and if it won't, will you can always fork it.
Are they blind?Some of them are, certainly. I know it takes my friend a lot longer to listen to a page via an audio interface or even read it using his braille board. By default, I don't even think it reads the URL and if it did it would be a huge annoyance for him.
Oh did you mean that as a rhetorical question? Too bad, it is a real concern.
If you want a car analogy, "If I can't be relied on to observe traffic around me while driving, then I should not be driving, regardless of how necessary society says driving is."By that logic, we should all be observant enough to check our coolant levels before driving too. After all, once in a great while it is too low and the engine will overheat. Why bother to put a heat sensor and warning light on the dash? What are you, blind or something? If you can't check your engine coolant periodically you should just walk everywhere.
Why shade truths? One of my maths professors, who contracted polio in his younger years, was quite content to use that term to describe himself, when it was relevant.
Unless you have some physical condition that prevents it, there's really very little excuse for poor mousing skills. If the mouse doesn't track properly, or isn't weighted correctly, buy a new one.
Speed is as good an excuse as any. On a Windows machine I can swing my mouse from one part of the screen to another and end up on the close button with 90% accuracy, primarily because of its size. On macs (and the distro of linux my school uses) I have to swing the mouse over, then spend a few extra seconds lining it up because of how small the close button is. Sure, it's only a few seconds, but convienience is a factor in OS choice, and Window's close buttons got that part right a lot more than Mac (if you can avoid the ever present 'there's no space between the restore to default and close buttons, be careful' problem, which is usually irrelevant if you don't use non-maximized windows much).
There are two kinds of fool One says 'This is old therefore good' Another says 'This is new therefore better'- Dean Ing
Why doesn't it [Windows] have fast, easy keyboard shortcuts for most tasks?
Enter - hit the default button. Closes all those annoying "OK" dialogs.
Space - hit the currently selected button. Like a left mouse-click, but for the soul.
Tab - Switch between buttons/check boxes/tabs/etc in a form. Use arrow keys to select an option from a series of radio buttons.
Shift+Tab - Switch between buttons/check boxes/tabs/etc, but going the other way.
Windows+R - Bring up the "Run" dialog.
Windows+E - Bring up Explorer.
Windows+D - Minimize everything to your desktop. (Or restore everything again.)
F1 - Help.
CTRL+C or CTRL+INS - Copy files/selected text/etc. to clipboard. (Sorry, meta+C.)
CTRL+V or SHIFT+INS - Paste files/selected text/etc. from clipboard.
ALT+F4 - Close current program or dialog box.
CTRL+SHIFT+ESC - Bring up task manager.
CTRL+ALT+DEL - You should know what this does. Also brings up "Windows 2000" style login from the welcome (user selection) screen in XP.
You can run Windows without a mouse. No, really, you can - my desktop only has icons for games with long paths hidden in program files. With Windows 98 (and maybe others) you could set the default shell in WIN.INI or some other file to the command prompt instead of explorer.exe - the effect was a DOS-looking computer that could run all your Windows 98 apps! (My parents didn't see the novelty in this.)
As for honking graphics... Aero! (ducks)
But, I use a DAS Keyboard 2 and type 140 wpm on a slow day. I hate the lag time involved in reaching for the bloody 2-dimensional X,Y coordinate translocator, so I use these shortcuts daily. I'm sure there are others; these are just the ones that came to mind.
DATABASE WOW WOW
Perhaps banks should actively phish their customer base...register some copycat domain and send typical phishing emails with links to a page that looks very much like the real login page (which shouldn't be hard, considering they made the real login page). Then, when users fall for the phishing scam, instead of having their bank account looted, they get a message saying, "If this had been a real phishing attempt, your bank account would be empty now. Remember to never click on links in emails that claim to be from any financial institution."
Yeah right. Firefox fails because of the way it handles text fields in a totally non-Mac-like way. Have your cursor at the end of a single-line text field (like the URL entry field) and want to go back to edit something at the beginning of the line? In just about every other Mac application, you simply hit the up-arrow once, and it goes to the beginning of the line of text. But not in Firefox, for some reason. Instead, I have to hold down the left-arrow and wait for it to get to the start of the line.
The same thing shits me when using Ubuntu. How can major applications get such basic text navigation so wrong? Changing the "theme" to look like something else isn't going to fix fundamental interface flaws. Firefox also has problems with the behavior of drop-down menus and selecting items in them.
... and then they built the supercollider.