Latest Attempt To Catch Phishers May Make Life Difficult For Small Web Vendors

from the no-fun-at-all dept

It’s no secret that there are a lot of scammers out there online, and trying to come up with ways to weed out who’s legit and who’s not has certainly been a growth industry lately. However, sometimes things get tricky. Microsoft is rolling out a new system in the latest version of Internet Explorer that aims to flag certain sites as being safe or unsafe, using much stricter verification rules that secure certificate vendors need to follow. Of course, these are also a lot more expensive, and the strict rules mean that a lot of smaller merchants may not make the cut or may not want to pay extra to get these certificates. It raises questions about whether or not it’s fair for a company like Microsoft to put the burden on the sites themselves to go out and prove to a certificate vendor that they’re legit (and willing to pay a lot more than a standard secure certificate) just to be considered safe. Obviously, it can help to cut out many questionable sites, but if it has plenty of false positives, harming perfectly legitimate vendors as well, that’s hardly a good solution.


Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Latest Attempt To Catch Phishers May Make Life Difficult For Small Web Vendors”

Subscribe: RSS Leave a comment
14 Comments
misanthropic humanist says:

This is all about defaults. Many teenagers in the arrogant throes of hormonal angst declare “I don’t respect people because they demand it, people must earn respect”.

Of course an adult recognises this as nonsense. In life we must afford all people respect by default and only withdraw that repect when it’s proven they are unworthy.

Site certification is a scam. SSL works just fine with your own generated certificates and you don’t need the say so of country club monopolists to speak for your good name. That is to taken for granted by all and sundry unless they are otherwise informed by way of proof that you are untrustworthy. And if that specific opinion is not backed the legitimacy of a court of law, then it is libelous/defamatory (or whatever the correct legal term may be in your part of the world.)

Gene says:

So?

The fact that you think knowing how to block ads on MySpace.com demonstrates some kind of computer competency or web prowess lends testiment to the hypothesis that YOU, in fact, are the n00B!

I think you would be better of to presrible to this adage made famous by Abraham Lincoln: “It is better to have one think you are a fool, than to open your mouth and remove all doubt.” Same goes for using your computer keyboard to post a comment.

Mike Chervenka (user link) says:

MS Anti Phishing

I own a small On-Line BBQ business, and my site was listed as a possible phishing site. There is a wizard that pops up, and as the owner of the site, I had to fill out an online form answering some pretty basic questions and submit it. It took less than 24 hours and the tag was removed from web site. So long as your shopping cart is encrypted, and you have a solid Privacy Policy, you should be fine. Both of which are very inexpensive to do,

That guy... says:

Microsoft and the USA

Microsoft is the like USA.

USA wants to spread democracy to every person on the planet (much like the pilgrims did when they slaughtered the Indians in an attempt to spread Chri$tendom)

Microsoft wants to spread their ideals on the world wide web.

Granted, MS has done some good things. But, they should not be taken too seriously.

People are sheep, and will be herded by the first dog bold enough to bark…no matter what size.

It angers me… people are stupid, they allow themselves to be led.

Can we blame the “leaders” for seeing an opportunity and taking advantage? I dont think so. Much like the 18 year old dude standing in line at Best Buy to buy a PS3 for $600, and then put it on eBay the next day, and sell it for $2,000… we cant blame him for taking advantage of an opportunity.

If you bitch about what MS (and the USA) are doing, you are just vocalizing the fact that you are indeed sheep.

Mafiosos have it right… they keep quiet, and smack loudly.

Note: Very few mafiosos punch, they’ll smack you all around the room, but they wont punch. It’s strategic. Think about it…

My advise to the sheep… keep quiet, and take action.

Don’t want to pay for new certificates? Read a book on advanced programing best practices.

Don’t want MS to rule the world? Get a Mac.

You have the power. You just need to know it, know how to use it, and have the ballz to execute.

Unfortunately… there are few who do. And fewer to get together to do it…

The infamous Joe says:

Re: Microsoft and the USA

I try to give people the benefit of the doubt, but I can’t see where your post and the article are related.

The best I can come up with (and I tried) is that you’re saying when America sees what they think is a problem they go out and try to fix it– even if it’s a misguided attempt.

That being the case, I welcome you to try a different browser, like Firefox. Along the same lines, if you’re in America and you don’t like it– feel free to exit my country.

I have to wonder if you were led to your mac (like I was, sheep-like, to my PC) or if you invented it.

Jake (profile) says:

Missing the point

As usual, an article about a Microsoft product degenerates into generic complaints of the Redmond company. Which is fine, but if the commentators would first reads the article, they would see what the issue is.

Sites are identified in 4 ways: Red (known phishing site), Yellow (suspected phishing site), White (normal) and Green (verified legitimate business). The only issue the new certificates have to do with is green vs. white. A small business site will not be flagged as a suspected phishing just because they don’t have the extended certificate. There’s a fair bit of uncertainty now, because some suspect that your typical consumer will only do business with “green” sites. That may be true, but those people are probably the ones who now only shop at Amazon, Target & Dell now anyways.

It’s an oversimplification to characterize it as MS identifying sites as safe/unsafe. There are 4 levels, and if you were to present it as a dichotomy, it would make much more sense to group the “White” sites with the “Green” rather than the “Yellow” and “Red.” Not getting an extended certificate won’t be enough to make it “Yellow” or “Red,” and characterizing it as a false positive if a legit site is “White” doesn’t make a lot of sense. I recommend that folks read the linked articles, as Mike’s summary and the stories’ headlines do not give a good sense of the full story.

That guy... says:

Tsk tsk tsk… my friends, my countrymen, my brothers from other mothers…

Simon, good point on Linux. Thanks for that.

The infamous Joe:
I wont expect everyone to understand everything… if you pretend to do so. I encourage you to cure Cancer and feed world hunger.

I appreciate your suggestion on FireFox, thank you. It’s my browser of choice.

As for the USA being YOUR country. My friend, if it’s yours, please remove YOUR young men and women from Iraq. If it is YOUR country, then please adjust oil prices to their respective levels. If it is YOUR country, then please reinstate the 3billion dollars that was removed from Public Education- in order to pay for YOUR war in Iraq. If it is YOUR country, please provide basic and equal health care to everyone of YOUR citizens…

If it is YOUR country, please wake up from that dismal fking sleep you are in. The one where you think you are the best in the world, and you have the god given right to do as you please in anyone’s land, for any of your capricious whims…

Having been born and raised in this country, of parents where were born and raised in this country, whose parents, in turn, were born and raised in this country… i feel strongly about this country, yes. But that strength goes both ways: to the good and the bad.

Additionally, i’ve been to many other countries, and not just on vacation, either… It’s opened my eyes.

You seem educated. Schedule a flight. Pick up a book, talk to some locals of places like Iran, Korea, Tokyo, Cuba. Speak to them about their upbringing. About their education systems. About their methodology for raising their young, their culture, their morals and their business ethic. You’ll see there are some major differences in what YOUR country calls norm. But, again, i wont expect everyone to understand everything… let me repeat for the sake of emphasis…. If you do understand everything, then I encourage you to cure Cancer and feed world hunger.

oh, and, no sir, i was not led to my mac. In fact, i do not own one. I chose to run PC because that is where my personal choice has taken me.

To charlie potatoes,
… sigh… You have no clue what it means to be “alive”. I’ll just leave it at that.

Your buddy, the fellow American who gives a sh*t enough to call it out,

That Guy…

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...