On Will’s Idea To Stop Phishing

One of Will‘s recent posts, How To End Phishing With RSS, brings up an interesting idea to deal with phishing (if you don’t know what it is, read the post, it has a perfect explanation of it).

When you sign up for an online service, you’re given a private, randomly generated RSS feed. The URL is a jumble, password protected and seamlessly encrypted. You also have a private space to reply back with responses and your own private RSS feed.

Where I get a little iffy is on the second part of that, maybe I read it wrong but it appears to be suggesting that you publish an RSS feed for the online service to read. I don’t particularly think that would fly, and due to the nature of most communications by an online service anyway, they would generally just provide a link to the setting or location in your account that they want to draw your attention to.

Nonetheless, I think the first part is a great idea. Take Flickr, for example, I would be quite happy simply to have an RSS feed of the information commonly provided in “Flickr Mail” and, for that matter, one that contains all the content of the “Recent Activity” page rather than just the comments.

I think Signal vs. Noise touched on this recently too, with their post Message Overload, saying that the messaging services within online apps should be done away with and replaced with by putting the messages directly into the normal email flow. I would argue, instead, that they should be placed in the feed flow. Throw together an interface to let a user select all the types of things she would like to be notified of and aggregate them into a feed along the lines of what Will is talking about.

I would love to see Sxip include this sort of functionality in the Homesite code, because once they start taking off they will become the new targets for phishing attempts. As an aside, here is another post I wrote regarding a method to counter phishing and one where I explain a bit of how Sxip helps prevent phishing.

Tags: [tag:phishing], [tag:security], [tag:rss]

Leave a Reply

Your email address will not be published. Required fields are marked *