Upcoming Events

Executive conference

Cloud Connect March 16-18

Comprehensive thought leadership for executives, IT professionals and developers. Topics include: the ROI, cost and economics of on-demand computing; Migration strategies to move from on-premise to cloud-based IT; Vertical cloud specialization, tailoring features and architectures to specific applications, industries, and customer ecosystems

More Events »

Vendor Newsfeed

More Vendor Newsfeed »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

Extended Validation Certificates Certifiably Useless

Posted by Mike Fratto, Editor on February 16, 2007



A recent study shows that a new antifraud mechanism does little to help users identify phishing sites.


Extended Validation certificates are being touted by the CA/Browser Forum--an association of prominent certificate authorities and browser developers--as a means to help users identify fraudulent sites and thwart phishing. EV certificates require more stringent identification of a domain owner, and the presence of an EV certificate lets browsers provide visual clues to users, such as a green address bar in IE7.


But in a Stanford University study, EV certificates did not help users identify common phishing attacks. The only real information a user will get from an EV certificate is that a particular Web site ponied up extra cash to get one. --Mike Fratto, mfratto@nwc.com


Add Your Comment:

  Sponsored Links

Premium Content

Next Generation Data Center, Delivered, November 17th
NWC


Salary

Video

View All Videos

Most Popular

Stories Blogs

More Stories »

Whitepapers

More »

BlogRoll