Comments on: Single-Site Browsers http://blogs.yankeegroup.com/2008/04/21/single-site-browsers/ the global connectivity experts™ Wed, 10 Mar 2010 15:11:25 -0500 hourly 1 By: Dan Guido http://blogs.yankeegroup.com/2008/04/21/single-site-browsers/comment-page-1/#comment-2432 Dan Guido Mon, 21 Apr 2008 23:52:42 +0000 http://blogs.yankeegroup.com/2008/04/21/single-site-browsers/#comment-2432 The one critical problem that I see with SSBs is that if someone receives a phishing e-mail and the website it brings them to looks exactly like the one they see in the SSB, will they still give up their credentials? Or will they close Firefox and open the SSB? My money is on them giving up the info anyway. Also, I think it requires that you deny access to your website from normal browsers to derive the most benefit from using SSBs, both from a user uptake perspective and as a protection against CSRF. I'm writing up something about this that should be ready tonight or tomorrow at my blog here: http://isisblogs.poly.edu. If you have trackbacks turned on, you should see it. Last thing, the multiple SSBs problem isn't so much of a problem. I've been using one for Gmail, Gcal, Twitter, and Facebook for a few days now and it hasn't overwhelmed me (yet). The one critical problem that I see with SSBs is that if someone receives a phishing e-mail and the website it brings them to looks exactly like the one they see in the SSB, will they still give up their credentials? Or will they close Firefox and open the SSB? My money is on them giving up the info anyway.

Also, I think it requires that you deny access to your website from normal browsers to derive the most benefit from using SSBs, both from a user uptake perspective and as a protection against CSRF.

I’m writing up something about this that should be ready tonight or tomorrow at my blog here: http://isisblogs.poly.edu. If you have trackbacks turned on, you should see it.

Last thing, the multiple SSBs problem isn’t so much of a problem. I’ve been using one for Gmail, Gcal, Twitter, and Facebook for a few days now and it hasn’t overwhelmed me (yet).

]]>