nationwide interception of Facebook & webmail logincredentials in Tunisia
Ben Clifford
benc at hawaga.org.uk
Fri Feb 11 15:04:24 GMT 2011
> I think the one further thing the man in the pub needs to understand is that,
> when he sees a padlock, he should click on it and see whether the names that
> comes up is what he expected.
Safari does that for you automatically - when I go to natwest's home page
and click on the online banking link, I get 'Royal Bank of Scotland Group
plc'. So RBS either 0wns or owns natwest? But it doesn't match up with who
I went to - NatWest.
(Also, I went to the obvious 'natwest.co.uk' and was redirected to
nwolb.co.uk. Poor training for your users: don't be surprised when you're
using natwest online banking if the URL is some strange letter sequence
rather than the website you went to...)
--
More information about the ukcrypto
mailing list