More Extortion-ware (Not Really)
Well, not really since this does not appear to be an automated attack, rather a manual and specific one. Also, hello, “cyber cafe”? I am not sure that this constitutes a new form of hijack, but is rather a single case of blinding naivete.
I am worried about the dangers of automatic filling of passwords, however, and would like to see more discussion of what the end user can do. I have talked about this repeatedly on the podcast. I’ve been playing with Sxipper in Firefox but don’t think it solves that particular problem any better. I have submitted a feature request, however, to delay filling in credentials until confirming the Sxipper dialog as it at least may introduce a window where you can try to confirm the validity of site and cancel out before potentially exposing yourself, if there is any cause for concern.
