Difference between revisions of "Trusted Location"
From MgmtWiki
(→Problems) |
(→Problems) |
||
| Line 7: | Line 7: | ||
==Problems== | ==Problems== | ||
*A [https://en.wikipedia.org/wiki/Spoofed_URL spoofed URL] describes one website that poses as another website. It sometimes applies a mechanism that exploits bugs in web browser technology, allowing a malicious computer attack. During such an attack, a computer user innocently visits a web site and sees a familiar URL in the address bar such as http://www.wikipedia.org but is, in reality, sending information to an entirely different location that would typically be monitored by an information thief. | *A [https://en.wikipedia.org/wiki/Spoofed_URL spoofed URL] describes one website that poses as another website. It sometimes applies a mechanism that exploits bugs in web browser technology, allowing a malicious computer attack. During such an attack, a computer user innocently visits a web site and sees a familiar URL in the address bar such as http://www.wikipedia.org but is, in reality, sending information to an entirely different location that would typically be monitored by an information thief. | ||
| + | *A common attack is to replace one character with a similar character, say a 1 (one) for an l (ell) or a Turkish e for a Latin e. Most users will not be able to recognize the changes and will assume the site is one that is familiar to them. | ||
==Solutions== | ==Solutions== | ||
Revision as of 13:03, 4 December 2018
Full Title or Meme
A Trusted Location is one that will display a well-known tag showing who they are and what they intend.
Context
- As a part of having a Trusted Identity in Cyberspace a series of Framework Profiles have been created to allow digital Entities to give users a statement about the policies that they support.
Problems
- A spoofed URL describes one website that poses as another website. It sometimes applies a mechanism that exploits bugs in web browser technology, allowing a malicious computer attack. During such an attack, a computer user innocently visits a web site and sees a familiar URL in the address bar such as http://www.wikipedia.org but is, in reality, sending information to an entirely different location that would typically be monitored by an information thief.
- A common attack is to replace one character with a similar character, say a 1 (one) for an l (ell) or a Turkish e for a Latin e. Most users will not be able to recognize the changes and will assume the site is one that is familiar to them.
Solutions
References
- The wiki page on Cookies provides some alternate solutions.
- The wiki page on Trusted Identifier can be used to bind a URL with a Trusted Location to a real-world Entity.
