News.com reports that Microsoft’s next operating system may protect sensitive information windows from being forged by putting personalized details in the edges. (The example was dogs’ names: “A hacker can create a spoof page with dogs’ names running along the border but, in all likelihood, not one reading ‘Buffy, Skip and Jack Daniels–and in that order,’ Biddle said.”) A simlar idea has already been implemented in the Verified by Visa program, which displays a message unique to each cardholder in its pop-up screen.

I think it’s a smart approach, but for me it only emphasizes how poor the security cues are in current-generation Web browsers. A small padlock or key in the status area is insufficient as a cue for something as important as encryption. Perhaps the entire location block should change color for secured sites, in addition to the padlock (which would remain to help visually impaired users.)

When it comes to important transactions, I see no benefit in making security subtle.

This entry was posted on Thursday, May 8th, 2003 at 11:11 pm and is filed under Miscellany.. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.