Re: TrustBar and insecure sites of PayPal, MS Passport, Yahoo!, Chase, ...

["David Wall @ Yozons, Inc." <dwall () yozons com>]

> and most visible and sensitive web sites still ask users to enter
> passwords into unprotected web forms - making it trivial for attackers
> to emulate these pages and steal passwords. These include PayPal, chase,
>   Microsoft's passport, Yahoo!, eBay, TD Waterhouse,...  (I've checked
> most of them about a month ago and this was still the case; I've checked
>   PayPal today...)

Your tool may be nice, but Paypal does redirect to an SSL site if you type
in paypal.com or www.paypal.com and if you click the "log in" link.  Of
course, this helps, but since most web users are not savvy and don't use
your tool, such a "fix" rarely helps.  After all, someone who is naive
enough to follow such paypal links probably doesn't know anything about
keeping themselves safe online, which is why they are targeted.

David