Posted on 02/07/2007 1:17:07 PM PST by ShadowAce
Microsoft IE7 Browser Starts Showing Green for Web Sites That Pass More Rigorous Test
NEW YORK (AP) -- Users of Microsoft Corp.'s latest Web browser can start looking for the address bar to turn green while shopping or banking.
The security feature in Internet Explorer 7 is activated when sites have what's known as an extended-validation certificate. That's given out to merchants that have undergone and passed screening that is more rigorous than what is normally required to obtain regular certificates, which trigger a closed padlock on the browser familiar to many online shoppers.
But lack of a green bar shouldn't be interpreted as a sign a merchant is fraudulent.
Many smaller and newer businesses will not be able to get the EV certificates because rules for verifying them have yet to be written.
And the green bar only appears when there's a transaction or login -- such as entering a credit card number or password. The address bar might remain white while visiting the home page of a merchant with EV certification.
The appearance of the green bar should tell visitors that the merchant does exist and operates at the location it says it does, though it doesn't validate its quality of service.
Browser makers and certificate issuers have been working on the EV system for nearly two years partly to address the rise of "phishing" scams in which Web sites try to mimic legitimate businesses to steal passwords and other sensitive data.
Although certificate issuers used to always check to make sure sites were really what they said they were, newer competitors have tried to cut costs by checking only that the site owns the domain name. Scam artists -- needing only a credit card and a domain name -- have thus been able to obtain the certificates necessary to appear legitimate.
The green bar feature is currently available on Microsoft's IE7, which comes with Windows Vista computers and is available as an upgrade for some older systems. Other browsers such as Mozilla's Firefox and Opera Software ASA's Opera also are working on similar features.
The tool for IE7 complements a newly launched filter that displays a red warning for known phishing sites and yellow for suspicious ones. In some cases, that filter must be turned on for the feature to start working properly.
Sites initially using EV certificates include eBay Inc., Overstock.com Inc. and Charles Schwab & Co.
That is quiet ridiculous.
In Firefox, Changing the color of the address bar is a 4 line piece of code in chrome.css , add some more code to have it only change for your specific scam website, put it in a virus in an email, and you're set.
It can't be much more complicated for a virus to change the appropriate code for IE7 also. Especially for a pc that has been opened up with windowshades or similar skinning software.
The potential for this to get hacked is enormous. What a scam.
Doesn't Microsoft EVER think ahead to what can go wrong with their "mega-cool-outta-site" ideas???
Here's another typically BAD IDEA from the folks who brought you the "What-Me-Worry" Operating System.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.