[TrustBar] Re: [Anti-fraud] Question:why/do US banks differ
in protecting loginpages???
Amir Herzberg
herzbea at macs.biu.ac.il
Mon Jul 4 18:05:47 EDT 2005
Florian Weimer wrote:
> * Amir Herzberg:
>
>>BTW: coming soon - TrustBar to automatically warn of suspect sites based
>>on user's feedback (we already have a small DB of suspect sites from
>>users). We are looking forward to cooperate with others on exchanging
>>suspect sites information; we'll definitely publish a simple API to
>>receive our lists (well, really, it'll simply be an XML file you can
>>download).
>
> How will Trustbar clients access the database?
Simple HTTP GET request. Reason: so that HTTP proxies (and local
browser) will automatically cache the result. This provides a simple, if
not optimal, mechanism for local caching, which gives us both
performance and privacy advantages.
BTW, for the same reasons, requests will _not_ be based on a specific
domain or public key. Instead, requests will be for `buckets` containing
results for multiple domains/keys (based on a simple hash-based data
structure). In very early release of this we may simply use a single
query and bucket.
Feedback?
These functions are not yet in the alpha version of 0.4 posted in my
site; still in the pipe.
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
Try TrustBar - improved browser security UI:
http://AmirHerzberg.com/TrustBar
Visit my Hall Of Shame of Unprotected Login pages:
http://AmirHerzberg.com/shame
More information about the TrustBar
mailing list