Re: A security change in Chrome you would be wise to correct


Antony Stone
 

I would suggest that more people click on links to arrive at a web page than
type in the address themselves.

This is how phishing attacks work - you receive a plausible-looking email
claiming to be from Amazon, eBay, your bank, an airline, etc. telling you
there's a problem with your account (or perhaps making you a special offer),
and giving you a link to click on. The site you land on looks almost
identical to the real one.

Such sites then typically invite you to log in, maybe buy something, then
present an error message, redirect you to the real site, and take your
credentials (and possibly credit card details too, if they got you to go that
far) and do whatever they want with them.

So, in my opinion, anything which disguises the real web address from users is
a very bad thing. It conceals potentially important information, and it
treats people as though they don't understand the web, which encourages people
not to understand the web and be vulnerable as a result.


Antony.

On Wednesday 12 September 2018 at 16:49:26, Brian Vogel wrote:

Tempest in a teacup. The end user is responsible for entering the web
address that they want, and that's what gets loaded.

Every modern web browser has allowed the end user to omit the www for some
years now and inserts that in most cases when necessary.

If you, for any you, aren't taking a quick look around a page after it
loads, and saying "hmmmmm?," if you're not encountering what you're used
to, the display of the address is the last issue to worry about. Just go
back to the address bar and enter the corrected address.

--

Brian
--
This email was created using 100% recycled electrons.

Please reply to the list;
please *don't* CC me.

Join nvda@nvda.groups.io to automatically receive all group messages.