With any CA's (or better, the right one's) private key, they could still use it to stage a MITM attack on the website, assuming they have the right access.
Basic living is perfectly sustainable for our current population and beyond I think (and I think I've read but have no source), anything above that could be allotted based on the newly scarce resource of human creativity or whatever we decide. Also many scarce resources could likely be made non scarce with 'free' labor of robots/AIs.
Even having an email address to send reports to would be good for a lot of websites. I sometimes don't bother reporting these issues for fear of being threatened with legal action.
you can send security reports about yahoo to security@yahoo-inc.com. All of them are addressed, and you won't be threatened with legal action. If you're lucky you might get a T-shirt.
PS: I'm an ex-paranoid. things might have changed since I left, but I'm pretty sure they'll still listen to reports.
Are they disabling the submit button for a second or two after showing it? Otherwise you can trick the user into clicking where the submit button is going to appear and then trigger the autocomplete.
One possible exploit I can think of would be to put up a form that doesn't have an visible credit card fields, but somehow convincing the autofill code to fill it in anyhow. The user thinks they are just autofilling their email but in hidden fields are populating their credit card info. It would be easy to not fill in <input type="hidden"> fields, but field inputs that are more literally hidden (off the top of the screen, obscured by other elements, white-on-white text and elements, etc) is a harder problem. I could see a user clicking through the popup without noticing the popup mentions more info than they realize, because the user is expecting it already and doesn't carefully examine it.
That will have to be addressed by the Chrome permissions dialog ... Agreed though, I think it would be wise to make the user type-in their CVC or something before transmitting the payment info.
> One possible exploit I can think of would be to put up a form that doesn't have an visible credit card fields, but somehow convincing the autofill code to fill it in anyhow.
Since the system provides a preview of exactly what is being sent and its designed to be used with completely hidden forms to start with, this isn't an exploit.
Speculation: it will be as bad as the Windows Vista UAC dialog. People will just click Yes to get things moving. Permission prompt is not new, except this time they risk losing their credit card information instead of minor things like leaking their geolocation.
Something based on public key cryptography.
Private keys contained in some kind of protected device where they can't be easily stolen from. Or, even better, distributed.
> Also, on other note: username is Not an email address. Do not ask me for my username when you really mean email address.
Are you saying that sites should allow users to use email addresses to log in, rather than usernames? As I understand it, the former is a more recent thing.
I think they're saying that if a website requires an email address to login, they should label it as email address instead of username.
I can't stand it when I try and log in to a website and fail 4 times. Then finally click "Forgot Username" and all that pops up is a box saying my username is my email address.
