[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

what if...?

Subject: what if...?
From: smb at cs.columbia.edu (Steven Bellovin)
Date: Thu, 22 Dec 2011 22:13:40 -0500
In-reply-to: <[email protected]>
References: <[email protected]> <CAJNg7VLJzwZk19AkNOjrw87OZ5+2taoGsXTk6thR2oRsE=gDwQ@mail.gmail.com> <[email protected]>

On Dec 22, 2011, at 7:04 PM, Jeroen van Aart wrote:

> Marshall Eubanks wrote:
>> Does your Mom call you up every time she gets a dialog box complaining
>> about an invalid certificate ?
>> If she has been conditioned just to click "OK" when that happens, then
>> she probably can't.
> 
> Everyone I have observed clicks "ok" or "confirm exception" (if I remember the phrase correctly) as soon as possible. Sadly I think only a few security conscious (IT) people will actually think twice and reject it if they don't trust it.
> 
> That to me proves this aspect ssl is somewhat flawed in that regard. But then I am preaching to the choir. :-)


See the definition of "dialog box" at http://www.w3.org/2006/WSC/wiki/Glossary

		--Steve Bellovin, https://www.cs.columbia.edu/~smb

References:
- what if...?
  - From: esuarez at fcaglp.fcaglp.unlp.edu.ar (Eduardo A. Suárez)
- what if...?
  - From: marshall.eubanks at gmail.com (Marshall Eubanks)
- what if...?
  - From: jeroen at mompl.net (Jeroen van Aart)

Prev by Date: IPv6 RA vs DHCPv6 - The chosen one?
Next by Date: IPv6 RA vs DHCPv6 - The chosen one?
Previous by thread: what if...?
Next by thread: what if...?
Index(es):
- Date
- Thread