2008-03-27
An idea for a browser anti-phish feature
Here's a somewhat naive idea for a browser anti-phish feature that might actually work, at least until phish spammers started getting really creative in various ways, sparked by yesterday's entry.
First, let's start with the twin observations that the real goal of anti-phish efforts is to avoid you entering your bank login and password anywhere except on your bank's site, and that people notice the presence of things much more easily than they notice the absence of things.
(Hence, among other things, the underwhelming success SSL has had in stopping phishing; quick, notice that the padlock has not been shown in the URL bar, when the padlock often isn't.)
So let's take the goal as a literal thing. Have the browser remember your sensitive logins and passwords, along with the websites that they're supposed to be used on, and whenever you enter both into a form on any other website the browser pops up a big 'WHOA THERE' warning.
(For obvious reasons, the browser would store the login and password hashed and salted.)
This doesn't need website or user involvement to collect the basic information; the browser can passively build an index of sensitive logins and passwords by using the 'do not remember this field' flag that banks and other places set on their forms.
The downfall of this trick comes when phishers start prompting for your login and password using something besides simple forms, ranging from the very basic 'please email us your account information' approach through having JavaScript-based data entry instead of plain forms on their phish pages.
2008-03-11
The 'Add Comments' problem
There is one significant imperfection in my effort to give comment readers as much context as possible: the 'Add Comments' link itself is easily accessible without having read any comments. The problem with this is that the people who are leaving comments are exactly the people you most want to have all of the context.
The obvious thing to do is to only put the 'add comment' link on the bottom of the page that has all of the comments, so people have to at least scroll past the existing comments to leave a new one. But in order to make it clear to a reader how to add a comment, I think you need to do two things: you need to always show the comments on the entry's page, and you can never show the full entry on any index pages, because you need to give the reader a reason to click through to the full entry page. As it happens, I don't like either of those requirements.
You could put the existing comments on the page with the 'add comment' form itself, but this has two issues. First, it plants all of the comments in front of people, ready for them to cut and paste and quote from, and on this issue I'm with Joel Spolsky; the less quoting that gets done, the better. Second, you'd pretty much have to make the 'Add Comment' link jump directly to the form, instead of making people scroll past the comments to get to it, so people wouldn't really be getting much exposure to the comments to start with.
(One way to deal with the second issue would be a two-column page, one column with the 'add comment' form and the second column with all of the current comments.)
2008-03-10
Why I organize comments on WanderingThoughts the way I do
DWiki has a pretty simple way of displaying comments: all comments on a single page, which also has the main entry. There are a lot of more sophisticated comment handling systems, like LiveJournal and Slashdot, and I won't deny that part of why DWiki is simple is that simple is less code. But part of it is deliberate, because it's all about the context.
Specifically, I want people who read comments to have as much context as possible, which means that I want them to at least have the chance to see all of the comments along with the original entry. I prefer flat comments over threaded comments for the same reason; flat comments force a theoretical reader to at least skim the whole thing, instead of narrowing in on just one aspect of a discussion.
(This is true of threaded comments even if everything is displayed on the same page; people are good at quickly skimming visual structures.)
The other advantage of flat comments is that they push things towards staying as a single conversation, instead of multiple conversations diverging down each different thread. Well, assuming that one squelches heated side exchanges somehow, before they take over the entire conversation.
(I believe I got this cluster of ideas from Joel Spolsky, although he wasn't writing about blog comments.)