[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [idn] nameprep2 and the slash homograph issue
JFC (Jefsey) Morfin wrote:
Actually I repeat that all the propositions to change what the user can
see is user hurting. The need for the click to send a request which the
one the user want, not the one the phisher want. IMHO one does not
increase security in hiding the existand of the danger, one increases
the risks.
Jefsey, it must be difficult to participate in this kind of group when
English is not your main language, but I, for one, do appreciate your
wise contributions, so I take them seriously.
However, I must disagree with this particular suggestion (if I
understand you correctly). If a phisher spams users, it is not the email
app's responsibility to direct the user to whatever site the app might
guess is the "correct" one. No, I think it's better for the app to warn
the user in some way that this is a phishy email, and might be evil.
This is similar to the advice that you should not give your Social
Security Number (SSN) or credit card number to someone over the phone,
unless *you* are the one dialing the phone number (using a well-known,
published phone number).
Erik