OpenID

Melih. on a recent podcast of Security Now with Steve Gibson the topic of OpenID Precautions came up. Although OpenID is still growing and probably should not be used for banking, some points came up and one especially stands out.

Many, many users when going to a secure site do NOT look so see if the lock is Closed ! Wonder if one of basic products you could provide a more VISIBLE warning and requiring the user to click on a leave site or continue with this site. As I said many users do not look down to see if the lock is closed before it is TOO Late.

Besides financial transaction sites, with all the social networking sites appearing every few months, there should be a security assurance for those logging on especially teenagers that this is the site it says it is. But don’t those sites need to sign up or acquire a certificate of authentication first. Many may not want to spend the money!

Here is the podcast Steve Gibson only makes his earnings from SpinRite. The commercials are for the podcasts and Leo Laporte and Twit

UncleDoug

thanks for that UncleDoug

Actually our Verification Engine (www.vengine.com ) does just that!
It shows a large Padlock when you get into a secure session, you just can’t miss it :slight_smile:

thanks
Melih

Just as melih said, the vengine does that, very well, I might add. I use it. Infact, it makes things so obvious it’s funny. Like if you go to a site, vengine puts a huge neon-green border around your screen!