F-Secure Calls for '.safe' TLD 243
Rajesh writes "According to F-Secure, ICANN (Internet Corporation for Assigned Names and Numbers), the organization responsible for the global coordination of the Internet's system of unique identifiers, should introduce a .safe domain name to be used by registered banks and other financial organizations."
Maybe its just me.. (Score:3, Insightful)
As a matter of principle... (Score:5, Insightful)
Not going to help (Score:3, Insightful)
Re:Maybe its just me.. (Score:2, Insightful)
Because you know (Score:5, Insightful)
Countdown... (Score:5, Insightful)
A TLD does not solve this problem. An alert user does, aided by tools like regular check-ups, challenge-response systems or cryptography.
We've all heard how some corporations lose several thousands of records of personal data. What does that
Great but... (Score:5, Insightful)
How will it protect users from their own idiocy? (Score:5, Insightful)
Will this really make a difference? (Score:4, Insightful)
There will always be idiots, who will fill in their credit card information at visa.safe.ru!
Thats all well and good (Score:1, Insightful)
until the trojan redirects the DNS which whould nev..... whoops [google.com], ahh yeah but wouldnt the SSL certficate give it away you ask ? not if you install your own wildcarded cert which would never hap... whoops [wikipedia.org]
its not the name thats the problem its educating people on the threat of phishing
Is it useful? (Score:4, Insightful)
Assumptions (Score:2, Insightful)
Re:As a matter of principle... (Score:3, Insightful)
Why, F-secure can offer a service to make sure this doesn't happen! In fact, why not just say F-secure is responsible for validating sites in this TLD. That would be great.
The idea isn't really flawed, but the source is questionable. Its like a company that makes carbon filtering equipment says that all power plants should meet X carbon emissions. Great idea, not news, and blatantly self-serving.
Re:Assumptions (Score:3, Insightful)
They would need to implement some tough rules for who can register them for it to have a chance of working. Smething I don't think they have the backbone to do.
All this assumes people actually look at where a link goes before clicking it.
Oh God, Not Again! (Score:3, Insightful)
quick, someone who knows regex copy the most highly modded comments from here [slashdot.org], here [slashdot.org], here [slashdot.org], here [slashdot.org] and here [slashdot.org], and save us [xkcd.com]!
This is a great idea, I'm sure it'll work (Score:4, Insightful)
Putting a label on something doesn't make it true. (Score:1, Insightful)
In a way, labels are a sort of self-fulfilling prophesy. People put labels on things in the hopes that the labels are true. This is why nobody names their child "Loser" or "Stupid". Because what if it becomes true?! Then the parents would blame themselves.
I think am going to name my children "Nobel" and "Pulitzer".
.safe will be even more unsafe (Score:3, Insightful)
Dumb idea, game over. Next...
Re:Great but... (Score:3, Insightful)
On the face of it... (Score:4, Insightful)
We have
Financial institutions are a major power in our society, like government, so maybe they should have a specific domain. This would make looking for a financial place predictable. "I need to find my bank's web site. Ah, I will try bankname.bank" knowing that you will at least get a real bank, and not a phishing scam built on a typo in a name.
There are other major market segments which could justify a TLD like libraries (.lib?) and medical (.med?).
We should not let a fear of abusers stop us from trying to organize things in a predictably way. With more TLD options, we could possibly avoid domain names having to be ever longer because their name was already taken.
Not only that... (Score:5, Insightful)
What next? Will someone build a ship and claim it's unsinkable? Oh wait...
Re:Maybe its just me.. (Score:4, Insightful)
Also,
Re:On the face of it... (Score:3, Insightful)
the answer (Score:4, Insightful)
Q: (what was the question again?)
Re:Because you know (Score:1, Insightful)
Yes, social engineering seems to work even when the e-mails they get "from their bank" (yeaaaaah...) says:
"Hello, me is the president of AOL, aiiight! Yo usaz out there shou' know there are some issuez with our website right now. You must go to this link and fill in your credit card number so we can get you back yo numbaz!
Chill!
The president of your bank"
I have seen one of the bank e-mails that people were tricked by. It was a big joke how incompetent it was written. Clearly people don't read them thoroughly and know nothing about the fact that professional e-mails are usually spell-checked and grammar-corrected before sent to thousands of customers.
I laughed loud at the idiots who actually fell for it (we're not talking about a copy from a Paypal letter that had changed it hyperlinks but rather a text written badly from scratch), very obvious it was a fake e-mail. So immensly obvious