Re: Defending users of unprotected login pages with TrustBar 0.4.9.93

Amir Herzberg wrote:
> 1. TrustBar will automatically download from our own server, 
> periodically, a list of all of the unprotected login sites, including 
> any alternate protected login pages we are aware of. By default, 
> whenever a user accesses one of these unprotected pages, she will be 
> automatically redirected to the alternate, protected login page.

I like this idea a lot...

> 2. TrustBar allows users to assign a name or a logo to sites, protected 
> or not (to help users identify fake sites). We now added a mechanism 
> computes a hash of every unprotected site for which the user has 
> assigned name/logo. TrustBar compares this hash on subsequent accesses 
> to the same site. If the site is not modified in five subsequent 
> accesses, TrustBar begins displaying `Same since <date>`; and when the 
> site changes, TrustBar displays a warning. This can help users notice a 
> fake version of their login page. Unfortunately, this mechanism does not 
> work very well on most real-life login pages, since most of them contain 
> a tiny bit of frequently-changing data such as date or `random` 
> identifiers (mostly to identify a cookie-less client, we think). We are 
> working on improving the mechanism so it will be tolerant to such tiny 
> changes, without exposing the user to malicious changes.

...but don't like the principle of this one. Trying to work out which 
changes are safe and which are not is a very risky business indeed - and 
without that, it won't work very well in practice. How is the user 
supposed to translate a last-modified date (which, BTW, already arrives 
in an HTTP header) into a level of risk? They can't remember exactly 
what the entire page looked like last time they visited, so if it's 
changed recently, they have no clue if it's a risky change or not.

Gerv