[thelist] IE7 Ecommerce problem
BJ
bj at kickasswebdesign.com
Wed Oct 4 12:27:42 CDT 2006
IE7 has a phishing filter built in, that users can turn on, and will be
widely pushed as one of their security features. In fact, according to
an email I received from Zoe Gillenwater, they're already talking it up,
at least they did at the conference she attended recently.
There are two problems with it. The first is that it's giving a fair
amount of false positives. This brands legitimate sites as "phishers".
The false positives can appear on any page, and are often very deep into
the ecommerce payment process where most folks who own an ecommerce site
wouldn't look after initially testing out the cart to see if it works.
The only way to report the issue is to find the page within the site
which is being labelled *boldly* as a phishing site, and click the link
there for site owners to report false positives, which MS seems to be
handling quickly now, but since IE7 is to be released as a priority
download through autoupdate it could be very hurtful to a lot of
business people on the web who aren't aware of this and get nailed at
the time of the IE7 "bulk" release.
The other problem with it is that there is a link within the IE7 browser
where anyone can report a "suspicious" site, which seems to have the
effect of labelling the site in question fairly quickly, and whether the
MS folks are vetting these reports is questionable at this point. The
potential for abuse is astronomical. Anyone can report their
competitors' sites as phishing sites. Even if the issue is caught by the
legitimate site owner within a few days there may be enough residual
damage via word of mouth to put a dent in that person's business.
I found out about it through this thread on WebProWorld:
<http://www.webproworld.com/viewtopic.php?t=67905>
If you have a blog, please blog this issue. I've posted it on the
cubecart forum, if y'all belong to other ecommerce ap forums please pass
the word. I would also suggest being proactive and notifying clients for
whom you've designed ecommerce sites about the issue, so they don't
think it's anything you did, and so they can deal with it before the big
turd hits the fan. This could get very ugly.
--
Ciao for Now,
bj
SAVE THE INTERNET! http://savetheinternet.com
http://kickasswebdesign.com
devblog: http://kickasswebdesign.com/wordpress/
Kickass WebGeek Resources: http://kickasswebdesign.com/webgeekdir/
Refresh Delaware Valley - Web Accessibility Group
http://refreshdelval.org
"I'd put my money on the Sun and solar energy. What a source of power!
I hope we don't have to wait until oil and coal run out before we tackle that."
-Thomas Edison
More information about the thelist
mailing list