Search engines, links, and bookmarks can point
the browser in the right direction without forcing you to type
extra long and largely meaningless URLs. As a result, the average
user might not pay a lot of attention to addresses or get a lot
of meaningful information from them. What is the most obvious
visual clue users leverage to determine where they are? The
rendered page itself! Unfortunately, it is very easy to replicate
the look and feel of a legitimate page on a fraudulent server.
There??™s more: The replica does not even need to be that accurate,
as we explain next.
When you enter your credentials in Windows, both for accessing
the machine or for performing privileged operations such as
accessing a network share, you expect the username and password
dialog to have a certain look and feel. If you are prompted
by a dialog that is even slightly different from what you expect,
there is a very high chance that you will notice that something is
not right. This knowledge will help you to assess the risk and
make decisions such as notentering your credentials and seeking
the attention of the system administrator/computer savvy
spouse/teenager of the household. Such a good property is by
no means inherent to Windows itself, but it??™s quite the result of
the consistency derived from the fact that authentication is managed
at the common infrastructure level (in this case, the operating
system) rather than left to every application.
Pages:
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152