Read more.Latest security measures by PayPal could block Apple's browser, as well as older versions of Internet Explorer
Read more.Latest security measures by PayPal could block Apple's browser, as well as older versions of Internet Explorer
older versions of browsers i can see a very valid reason for blocking... but safari in general? never used it so you will have to excuse me but are there actual issues or is this a vendetta of some sort?
VodkaOriginally Posted by Ephesians
I don't see anything wrong with that. If it doesn't support the security requirement, which is available in other browsers (available on the Mac too), then it's up to Apple to sort it out. Since Safari has such a small user base I doubt it's going to effect too many of PayPal's customers.
I see no problem either they give their browser required support or it's banned.
Feel Free to add me to your Raptr, XFire, XBL or PSN Friend List
My Steam Profile - Hexus Steam Community
I think it is ironic that paypal are promoting this when you consider that many people would lump them in the same category as the untrustworthy shysters that EV SSL Certificates are supposed to fix.
The problem with normal SSL certificates is that the issuing authorities (Verisgn etc) will issue them to anyone who pays the fee. The certificate certifies that the holder was who they said they where, and owned the domain that the certificate was issued to. It does not certify that the holder is trustworthy in any way. Because of this, I personally don’t trust a website with a valid SSL certificate any more than I trust one with an expired or self signed one. All a valid certificate proves is that the website owner stumped up $100.
EV SSL certificates attempt to fix this trust problem by doing more identity checks on the person or organisation applying for the certificate, but if you look at their list of who is eligible you will see that they will still give out certs to just about anyone with money, so they have not really fixed the trust problem, and this just comes over as a way to extract higher fees for certificate signing. For example under their rules there would be nothing to stop someone registering a company named HS3C, getting an SSL cert for it, and then using that domain to fake the HSBC website.
The way to fix the trust problem is to create a new category of certificate, to be issued by a trusted government institution instead of a commercial entity trying to make a profit, and to only issue certificates to institutions that the issuer considers trustworthy. For example to reduce the phishing of bank details, the bank of England could become a certificate issuing authority, and would issue certificates to banks in the UK that it regulates considers to be of good standing, and who abide by the banking code. If I saw a banking website with a Bank of England certificate, I would be able to trust it much more, because I would know that the Bank of England knows who they are and considers them trustworthy. Under this plan all the usual UK high street banks would be eligible, as well as most foreign banks who have offices in the UK. PayPal would not be eligible as they are not regulated as a bank.
Back to PayPal’s problem with phishing, the real problem there is nothing to do with PayPal’s website, but with the fact that it is so easy to fake emails from PayPal, to send victims to a different fraudulent website. PayPal could fix that easily by attaching digital signatures to all their emails, so that fakes could be quickly detected.
As a further to this, I was clearing out my Spam folder last night and noticed an email from "NatWest". Oviously being in my spam folder it was showing me the HTML as opposed to rendering it. It ammused me, most of the graphics were pointing to the PayPal servers
I don't know what the graphics were, although I was tempted to move it to my inbox to take a look![]()
There are currently 1 users browsing this thread. (0 members and 1 guests)