[cryptography] preventing protocol failings

James A. Donald jamesd at echeque.com
Sat Jul 23 01:29:37 EDT 2011

On 2011-07-23 7:29 AM, Marsh Ray wrote:
>  > How do the security properties change when the user clicks
>  > on a link in a phishing email?

On 2011-07-23 2:06 PM, James A. Donald wrote:
> when someone contacts me on skype, they can never
> successfully pretend to be one of my existing contacts. Why should
> someone who contacts me by email be able to pretend to be one of my
> existing contacts?

On skype, when someone who is not one of your existing contacts attempts 
to instant message you, a quite different user interface pops up, a user 
interface that prominently displays a block button.

After a while, end users become well trained to hit the block button on 
sight whenever it appears unexpectedly.

More information about the cryptography mailing list