-
Website
http://pauljacobson.org/ -
Original page
http://pauljacobson.org/2008/04/20/safari-is-too-insecure-for-paypal-and-will-be-blocked/ -
Subscribe
All Comments -
Community
-
Top Commenters
-
IrcMaidon
2 comments · 1 points
-
Tyler Reed
3 comments · 2 points
-
abaranov
5 comments · 2 points
-
Jonathan
2 comments · 1 points
-
Duncan Drennan
8 comments · 1 points
-
-
Popular Threads
-
A couple Afrihost should implement to fix its partly inaccessible Client Zone
6 days ago · 2 comments
-
Google Maps South Africa launch
1 week ago · 3 comments
-
Nokia N97 2.0: now with iSync support
5 days ago · 1 comment
-
The new communication Wave isn’t what you think it is
1 month ago · 8 comments
-
Is history repeating itself with Nokia?
1 week ago · 2 comments
-
A couple Afrihost should implement to fix its partly inaccessible Client Zone
For EV Certs, the issuers must pass an independent audit and they must all follow the same guidelines when issuing an EV Cert:
* Establish the legal identity as well as the operational and physical presence of website owner;
* Establish that the applicant is the domain name owner or has exclusive control over the domain name; and
* Confirm the identity and authority of the individuals acting for the website owner, and that documents pertaining to legal obligations are signed by an authorised officer.
This should make it more difficult for the bad guys and give users more information about those who do get issued an EV Cert (their physical address, for example.)
The other issue that's got PayPal concerned (and many others, including Mozilla) is phishing. Firefox has a built in Phishing Protection feature that warns you when you've ended up on a site known to be a phishing site. This is another way that you can know you're at the real PayPal and not PayyPall. IE 7 has a some protection against phishing too.
Safari has many great attributes, but helping users stay safe on the Web of 2008 isn't at the top of that list and I hope they release an update soon that has both EV Certs and some form of phishing protection. They're the third most popular browser and with a user base in the millions, they've got a real responsibility to stay competitive with the leading browsers.
Firefox and IE have both stepped up on this and so should Safari.
- A
For EV Certs, the issuers must pass an independent audit and they must all follow the same guidelines when issuing an EV Cert:
* Establish the legal identity as well as the operational and physical presence of website owner;
* Establish that the applicant is the domain name owner or has exclusive control over the domain name; and
* Confirm the identity and authority of the individuals acting for the website owner, and that documents pertaining to legal obligations are signed by an authorised officer.
This should make it more difficult for the bad guys and give users more information about those who do get issued an EV Cert (their physical address, for example.)
The other issue that's got PayPal concerned (and many others, including Mozilla) is phishing. Firefox has a built in Phishing Protection feature that warns you when you've ended up on a site known to be a phishing site. This is another way that you can know you're at the real PayPal and not PayyPall. IE 7 has a some protection against phishing too.
Safari has many great attributes, but helping users stay safe on the Web of 2008 isn't at the top of that list and I hope they release an update soon that has both EV Certs and some form of phishing protection. They're the third most popular browser and with a user base in the millions, they've got a real responsibility to stay competitive with the leading browsers.
Firefox and IE have both stepped up on this and so should Safari.
- A
http://www.tuaw.com/2008/04/21/paypal-says-it-w...
http://www.tuaw.com/2008/04/21/paypal-says-it-w...