[16938] in cryptography@c2.net mail archive
Re: A cool demo of how to spoof sites (also shows how TrustBar preventsthis...)
daemon@ATHENA.MIT.EDU (Ben Laurie)
Tue Feb 22 11:36:58 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Thu, 17 Feb 2005 17:24:01 +0000
From: Ben Laurie <ben@algroup.co.uk>
To: Taral <taral@taral.net>
Cc: Amir Herzberg <herzbea@macs.biu.ac.il>,
Ian Grigg <iang@systemics.com>, cryptography@metzdowd.com
In-Reply-To: <20050209190622.GA17685@yzma.clarkk.net>
Taral wrote:
> On Wed, Feb 09, 2005 at 07:41:36PM +0200, Amir Herzberg wrote:
>
>>Want to protect your Mozilla/FireFox from such attacks? Install our
>>TrustBar: http://TrustBar.Mozdev.org
>>(this was the first time that I had a real reason to click the `I don't
>>trust this authority` button...)
>>
>>Opinions?
>
>
> Why should I trust you? Filtering xn--* domains works for me, and
> doesn't require that I turn my browser over to unreviewed, possibly
> buggy code.
Errr ... your browser _is_ unreviewed, possibly buggy code.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
