« Do We Need More Studies on Reused Passwords? | Main | The Problem With EV SSL »

April 18, 2008

Safari in PayPal's Crosshairs?

Some followup from PayPal’s February rumblings about Safari:

“‘In our view, letting users view the PayPal site on one of these browsers is equal to a car manufacturer allowing drivers to buy one of their vehicles without seat belts,’ said PayPal Chief Information Security Officer Michael Barrett.

“In a white paper that outlines a five-pronged action plan aimed at slowing the phishing epidemic, Barrett said there’s a ‘significant set of [PayPal customers] who use very old and vulnerable browsers’ and made it clear that any browser that falls into the ‘unsafe’ category will be banned.

“‘At PayPal, we are in the process of reimplementing controls which will first warn our customers when logging in to PayPal of those browsers that we consider unsafe. Later, we plan on blocking customers from accessing the site from the most unsafe—usually the oldest—browsers,’ he declared.

“Barrett only mentioned old, out-of-support versions of Microsoft’s Internet Explorer among this group of ‘unsafe browsers,’ but it’s clear his warning extends to Apple’s Safari browser, which offers no anti-phishing protection and does not support the use of EV SSL certificates.”

(Link)

Larry Dignan says PayPal will lose this confrontation:

“So what are the motives here? PayPal–a huge phishing target–obviously wants more protection. It obviously wants EV SSLs, but Apple won’t budge. The solution: Go public.

“But is Apple really going to be pressured this way? Highly unlikely. PayPal seems to be hung-up on EV SSL certificates, but couldn’t Apple meet anti-phishing requirements another way? Why wouldn’t Apple just create lists of offending sites or warn users if a page is sketchy? Does Apple really have to buy into EV SSL?

“Meanwhile, it’s unclear whether PayPal would actually follow through on a Safari ban. PayPal isn’t going to annoy Apple users. And it isn’t going to turn off transactions on the iPhone either. In this stand-off I’d say the advantage is all Apple.”

E-mail   0 Comments    Digg This    add to del.icio.us

Posted by mhall at 4:17 PM | Add Comment

Leave a comment











Type the characters you see in the picture above.

 




JupiterOnlineMedia

internet.comearthweb.comDevx.commediabistro.comGraphics.com

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info


Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers
Solutions
Whitepapers and eBooks
Microsoft Article: Will Hyper-V Make VMware This Decade's Netscape?
Microsoft Article: 7.0, Microsoft's Lucky Version?
Avaya Article: How to Feed Data into the Avaya Event Processor
HP eBook: Putting the Green into IT
Whitepaper: HP Integrated Citrix XenServer for HP ProLiant Servers
Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 1
Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 2--The Future of Concurrency
 Avaya Article: Setting Up a SIP A/S Development Environment
IBM Article: Developing a Software Policy for Your Organization
Microsoft Article: Managing Virtual Machines with Microsoft System Center
HP eBook: Storage Networking , Part 1
Microsoft Article: Solving Data Center Complexity with Microsoft System Center Configuration Manager 2007
MORE WHITEPAPERS, EBOOKS, AND ARTICLES
Webcasts
Intel Video: Are Multi-core Processors Here to Stay?
On-Demand Webcast: Five Virtualization Trends to Watch
HP Video: Page Cost Calculator
Intel Video: APIs for Parallel Programming
HP Webcast: Storage Is Changing Fast - Be Ready or Be Left Behind
Microsoft Silverlight Video: Creating Fading Controls with Expression Design and Expression Blend 2
MORE WEBCASTS, PODCASTS, AND VIDEOS
Downloads and eKits
Win a Lenovo ThinkPad X300 Notebook in the Intel Resource Center Scavenger Hunt
Sun Download: Solaris 8 Migration Assistant
Sybase Download: SQL Anywhere Developer Edition
Red Gate Download: SQL Backup Pro and free DBA Best Practices eBook
 Red Gate Download: SQL Toolbelt and free High-Performance SQL Code eBook
Iron Speed Designer Application Generator
MORE DOWNLOADS, EKITS, AND FREE TRIALS
Tutorials and Demos
How-to-Article: Preparing for Hyper-Threading Technology and Dual Core Technology
eTouch PDF: Conquering the Tyranny of E-Mail and Word Processors
IBM Article: Enterprise Search--Do You Know What's Out There?
HP Demo: StorageWorks EVA4400
 Intel Featured Algorhythm: Intel Threading Building Blocks--The Pipeline Class
Microsoft How-to Article: Get Going with Silverlight and Windows Live
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES