Security, part 2

I think the essence of my last post was lost in the screenshots. In particular, I am painfully aware of doron’s point that users don’t care about security. That’s not the point of this exercise. Instead, the point is to make sure that web content cannot be mistaken for browser chrome. This must involve (IMO at least) some sort of border around unsecure content. You can’t possibly put a trustable border around all the browser chrome, but you can put a trustable border around untrusted content. Whether or not users actually read the security info is unimportant. You no longer have the opportunity to spoof the master password dialog.

3 Responses to “Security, part 2”

  1. George Olive Says:

    What about putting a “seal” on toolbars? This would be an icon or menu item that the browser user picked, but would not be programmatically readable thru xul. Thus if someone tried to reproduce the menu, the seal would not be there.

    Since the seal is user selected, no spoofer could know what image it contained.

    I’m just learning how xul works, so I hope this idea doesn’t sound too stupid.

  2. Scott Gammans Says:

    That is a fascinating idea George, and no, it doesn’t sound stupid at all. Benjamin is well aware of my complaints with remote XUL security in Mozilla 1.7, so I think “out-of-the-box” suggestions like yours and BS’s “trust border” concept are worthy of further study.

  3. Stephen Duncan Jr Says:

    I was thinking of something similar, George: like a user-created Throbber or something that would always show (the Throbber was based on the fact that it’s already unclear-meaning UI, and that the address bar was chosen to always show).

    I hadn’t really thought of it from the same point of view as you, though. So, it’s more like , it’s always there on every bar of browser chrome that we’re worried about being spoofed, and the user would, assumably, see a toolbar or such without it, and think “that doesn’t look right”. The advantage being that safe chromeless pop-ups would be possible.

    The problem, of course, is getting users to create something, and where do you put it so that it’s not horribly in the way, but get the users to notice it, and notice when it’s gone.
