Comments: PayPal protected with Trustbar and Petnames

Ian, few comments on your entry:

In your screen shot of TrustBar you evidently did _not_ select the name PayPal, Inc. yourself... Like, I suspect, many users, you simply used the automatically-presented identifier (PayPal, Inc.) which TrustBar extracted from PayPal's certificate...

If you _would_ have assigned your own, chosen name to the site, e.g. My PP, this will be marked with green background, see enclosed...

And I think to complete the picture, it would be nice to also show the screen with a user-chosen logo.

One last comment: at the end, you said:

> One thing that neither of those tools will do is work without SSL.

That's not quite true for TrustBar; we allow users to assign names/logos also for unprotected sites. Without SSL, this by itself does not protect users from MITM, but as you often wrote, most attacks, at least so far, were by weaker attackers, so this does provide some value.

Furthermore, in our new releases, we are adding some defenses (even against MITM) for the important case of unprotected login sites (some already available); I'll describe these in separate note.

Best, Amir

Posted by Amir at September 18, 2005 07:49 AM
Post a comment









Remember personal info?






Hit Preview to see your comment. 
MT::App::Comments=HASH(0x55ce96f39c18) Subroutine MT::Blog::SUPER::site_url redefined at /home/iang/www/fc/cgi-bin/mt/lib/MT/Object.pm line 125.