[technology taskforce] Google Developers : Humans can't read URLs. How can we fix it? - HTTP 203
Johan Helsingius
julf at julf.com
Fri Feb 7 19:59:32 UTC 2020
The fact is that people click on links and do searches, they don't type
in domain addresses.
Anyway, how do you know "mybankinfo.com" is a safe site in the first
place? And if someone can steal credentials or place malware, looking at
the URL won't help.
Julf
On 07-02-2020 20:52, Dev Anand Teelucksingh wrote:
> A large problem is when bad persons obscure the domains of companies in
> phishing campaigns so that persons go to the bad persons' website on
> another domain and steal their credentials or get malware installed.
>
> So say you get an email link from a trusted person whose been hacked
> saying - "hey we're not sure your paycheck was delivered to mybankinfo.
> Can you login to mybankinfo.com.paymentlogin.info
> <http://mybankinfo.com.paymentlogin.info> and check?
> The challenge is that persons may just see "mybankinfo.com
> <http://mybankinfo.com>" and assume they are going to the mybankinfo.com
> <http://mybankinfo.com> site.
> And because they clicked on the link, how would the browser "know" what
> the site you really intended to go to?
>
> Dev Anand
>
> On Fri, Feb 7, 2020 at 3:04 PM Johan Helsingius <julf at julf.com
> <mailto:julf at julf.com>> wrote:
>
> On 07-02-2020 19:49, Dev Anand Teelucksingh wrote:
> > Hmm....How would persons know what is the website they are viewing on
> > without the URL?
>
> How many users check out the website info in URLs anyway? How will they
> know that Mybankinfo.com is OK, but mybank.info <http://mybank.info>
> isn't?
>
> Shouldn't it be the job of the browser to check if the web site is the
> one you want to talk to (based on certificates)?
>
> Julf
>
> _______________________________________________
> ttf mailing list
> ttf at atlarge-lists.icann.org <mailto:ttf at atlarge-lists.icann.org>
> https://mm.icann.org/mailman/listinfo/ttf
>
> _______________________________________________
> By submitting your personal data, you consent to the processing of
> your personal data for purposes of subscribing to this mailing list
> accordance with the ICANN Privacy Policy
> (https://www.icann.org/privacy/policy) and the website Terms of
> Service (https://www.icann.org/privacy/tos). You can visit the
> Mailman link above to change your membership status or
> configuration, including unsubscribing, setting digest-style
> delivery or disabling delivery altogether (e.g., for a vacation),
> and so on.
>
>
> _______________________________________________
> ttf mailing list
> ttf at atlarge-lists.icann.org
> https://mm.icann.org/mailman/listinfo/ttf
>
> _______________________________________________
> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
>
More information about the ttf
mailing list