I believe you have heard about web phishing that try to fool you to enter your credit card information via a fake website.
Now, with new technology such as EV SSL ( Extended Validation SSL), the EV SSL enabled web browser is able to tell you if you are in a trusted website with legitimate company.
When the company is trusted, the address barin your browser will be in green like the following:
However, please keep in mind that this technology addresses the problem that the website is authentic and original but it does not address the issues that the website contain certain vulnerabilities. To be more laymen terms, the technology confirms that you are recognised company but does not 100% tell you that the company's website is free from vulnerability by attackers.
I suggest that major SSL vendors should educate the users what exactly this technology offers instead of 100% trust what the authentic website offers. If the authentic website contain vulnerabilities such as Cross Site Scripting, the site is still fragile to the attackers.
Posts
1 comment:
Firefox would indicate phising site also and warn you.
Post a Comment