undefined | Better HN

0 pointsriffraff15y ago0 comments

not really. Consider for example yahoo's implementation: when I get redirected to Y! for login, I have my personal login seal on the page that grants me that I am actually talking to yahoo and not some scam site.

0 comments

stonemetal15y ago

What about man in the middle?(Go to yahoo get your image and display it for you.) Heck even pass your credentials through to yahoo to verify that you gave me the correct credentials.

riffraffOP15y ago

I believe that falls out of the definition of "trivially easy to phish"

j / k navigate · click thread line to collapse

0 pointsriffraff15y ago0 comments

0 comments

stonemetal15y ago

What about man in the middle?(Go to yahoo get your image and display it for you.) Heck even pass your credentials through to yahoo to verify that you gave me the correct credentials.

riffraffOP15y ago

I believe that falls out of the definition of "trivially easy to phish"

j / k navigate · click thread line to collapse