Last month, security firm F-Secure proposed the creation of a ".safe" TLD as a way to protect financial institutions and consumers from phishing attacks. The basic idea was that the TLD would connote safety, allowing consumers to use a website without worrying about being on a spoof site. Of course, this is an obviously flawed idea, since it would only work (in theory) if every financial institution shelled out for the domain, while even then, phishers would find ways to dupe people into going to phony sites. Apparently that idea didn't go over too well, so now the company is promoting the same thing, except this time it's ".bank" as opposed to ".safe". The key, according to the company's chief Mikko Hypponen, is to make the TLD cost $50,000, so that only legitimate institutions would bother to register one. Again, this runs into the exact same problems. Phishers would find still find ways of duping people into going to the wrong site, while the $50,000 price tag would deter many banks, particularly small banks and credit unions. Not surprisingly, many security experts are roundly trashing the idea for being ineffective. Obviously, phishing remains a problem, but the idea that it can be solved with a new TLD represents a failure to understand the problem, which is not exactly inspiring from the head of a security firm.
If you liked this post, you may also be interested in...
- Keith Alexander Tells Senators He Can't Think Of Any Other Way To Keep The US Safe Other Than Bulk Metadata Collections
- CEO Of 21st Century Fox Thinks People Aren't Really Asking For A La Carte TV Channels
- Rep. Peter King's Office Suggests NPR Producer Lied About Being Detained At Border By DHS
- USTR Says TPP Must Be Kept Secret, Because The Public Is Too Stupid To Understand It
- DailyDirt: Technology Is Changing The Way We Talk Because Internetz, LOL