Survey: New HackerProof Design

How Can I Help Comodo? (Please We Need You!) Please Tell Us Your Views and Vote Here!
1

Hi Everyone,

Please help us evaluate the new HackerProof logo design by taking a short survey. We appreciate it!

Click here: http://www.surveymonkey.com/s.aspx?sm=fS2zVjaUX2ynmt9O4gka1g_3d_3d

Thanks,
Alex

2

Oh, please . . .

In order for the logo to mean anything, you have to say a bit to the curious user (who clicks on the logo) how this “hacker proof” system works. Simply plastering a logo all over the place does not affect security at all. Saying you do “extensive tests” is a bunch of handwaving. Tell users what you test for!

I’m not saying you have to give details or patented or trade secret info, but at least an overview of the types of tests you perform wouldn’t hurt. Does it test for database injections? Does it test for DOS attacks? Does it test for DNS poisoning? Does it test for email header injections on web forms? Does it test for session hijacking? Does it test cross site scripting and clickjacking? Does it run virus scans on downloads? Does it check for mixed security on websites and forms? I don’t have a clue!

Seriously, this logo doesn’t make me feel any safer because I don’t know how it protects me or anybody else.

In addition, I’m gonna be honest: Any decent HTML programmer can add a fake logo to the website. It’s not hard to spoof.

The best assurance IMHO is not a silly logo, but an Extended Validation Certificate.

If you put the logo on a site with an EV cert, then I can be pretty sure it’s safe. Legit businesses are unlikely to try to fake the logo. Otherwise, it could easily be faked by anybody with a decent HTML/CSS background.

Frankly, the EV cert does a lot more to assure me of the security of a website than a logo. The fact that it’s integrated into the browser chrome makes it a lot more difficult to fake.

What might be nice is a browser plugin that tells the user that the logo is legit - I’d find it a lot easier to believe a browser plugin downloaded from a trusted source than an image on a page.

It’s not about the design of the logo - it’s about how it works. And right now, nobody has a clue how it works, other than it does some random tests and places an easily faked image on a page.

3

This survey, taken last, week did not produce favourable results towards the new design.

4

Well, my biggest issues are kinda with the concept itself, not the design. It’s rather silly to think of security in terms of artwork.