[cap-talk] Firefox and identifiability, small steps or large
Ian G
iang at systemics.com
Wed Feb 9 08:28:10 EST 2005
Ka-Ping Yee wrote:
>On Wed, 9 Feb 2005, Ian G wrote:
>
>
>>So, yes, we all who are working to deal with phishing would
>>certainly value your help. But it would be a really good
>>idea if any one who wants to help starts from the point of
>>view of seeing what else is out there and seeing what they
>>can pick up on and save effort on.
>>
>>
>
>Are there any studies that evaluate the effectiveness of
>existing anti-phishing measures with real users?
>
>
Both of below did small scale trials on 10 - 50
users. I think their size is about applicable
given the experimental nature. More would
obviously support their results, but it seems
prudent to concentrate efforts on getting the
product closer to more users than doing more
experiments than just enough to confirm the
basic direction. All IMHO.
I've copied Amir above, he may know of other
experimental results with real users.
1. TrustBar: Protecting (even Naïve) Web Users from Spoofing and
Phishing Attacks
Amir Herzberg[1] and Ahmad Gbara,
Computer Science Department
Bar Ilan University
http://www.cs.biu.ac.il/~herzbea//Papers/ecommerce/spoofing.htm
2. Zishuang (Eileen) Ye, Sean Smith:
Trusted Paths for Browsers.
USENIX Security Symposium 2002, pp. 263-279.
http://www.informatik.uni-trier.de/~ley/db/conf/uss/uss2002.html#YeS02
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
More information about the cap-talk
mailing list