CFA/Security-Notes: Difference between revisions

no edit summary
No edit summary
Line 90: Line 90:
** automatically fills out forms
** automatically fills out forms
** generates unlimited number of encrypted, unique passwords and disposable email addresses
** generates unlimited number of encrypted, unique passwords and disposable email addresses
* Single password (FF extension - Magic Password Generator, IE extension - Password Scrambler)
* Browser handles password generation; single password (FF extension - Magic Password Generator, IE extension - Password Scrambler)
** Uniquely scrambles your single password for every site you visit
** Uniquely scrambles your single password for every site you visit
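Review bot: the revised bullet "Browser handles password generation; single password (FF extension - Magic Password Generator, IE extension - Password Scrambler)" attributes password generation to the browser, but the examples it names are extensions. Suggest wording it as "browser or extension", or splitting it into two bullets so the "Uniquely scrambles your single password" sub-item stays attached to the extensions it describes.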


Line 117: Line 117:
=== Other ===
=== Other ===
* Automated update - always checks to see if you're running the latest version, and notifies you when a security update is available (FF)
* Automated update - always checks to see if you're running the latest version, and notifies you when a security update is available (FF)
* Word of mouth security
** Social networks - 7 of your Facebook friends have purchased from this site
** Personal sources - Your computer-savvy cousin says this site is safe
** Online ratings - This site has 25 unresolved complaints according to BBB, and a reseller rating of 6.2
* Security history
** You've been to this site before
** Nothing's changed since the last time you were at this site
** You're sending a password to a site that you've never visited


* Browser Lock Down - remove security decisions from the user as much as possible; determine behavior based on configuration  
* Browser Lock Down - remove security decisions from the user as much as possible; determine behavior based on configuration  
* Personally Identifiable Information Bar
* Personally Identifiable Information Bar
* Page Security Scoring - use standard formula to calculate a score to provide consistent and trustworthy security context semantic to users
* Page Security Scoring - use standard formula to calculate a score to provide consistent and trustworthy security context semantic to users
* Security based on past actions
 
** you've been to this site before
** nothing's changed since the last time u were here
** you're sending a password to a site that you've never visited
* Social Networks
** 7 of your facebook friends have purchased from this site
** your grandchild who knows computers says this site is fine
** this site has 25 unresolved complaints according to BBB, and a reseller rating of 6.2
* Tech smarts
* Tech smarts
** Secure Remote Password Protocol
** Secure Remote Password Protocol
** let the browser handle password generation
** Watch for credit card numbers going out on the wire
** Watch for credit card numbers going out on the wire
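Review bot: under the new "Security history" item, the three sub-bullets mix two reassuring signals ("You've been to this site before", "Nothing's changed since the last time you were at this site") with one warning ("You're sending a password to a site that you've never visited") without marking which is which. Suggest grouping or labelling them so the list reads as signals the browser would surface. The "Online ratings" example also quotes "a reseller rating of 6.2" with no scale, so a reader cannot tell whether that is good or bad.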

