I disagree that what Safari is doing is good for the user. Safari used to show h... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		move-on-by on Jan 30, 2019 \| parent \| context \| favorite \| on: Google Takes Its First Steps Toward Killing the UR... I disagree that what Safari is doing is good for the user. Safari used to show https://stripe.ian.sh/ as "Stripe, Inc". By hiding the URL, it significantly increased the phishing potential of the website. Feel free to visit the above false stripe site, its not malicious and has a great write up in the issue. In this case they are putting a lot of blame on EV Certificates - which I agree causes more harm then good - but Safari's decision to cover up the URL made the issue significantly worse.

beaconstudios on Jan 30, 2019 [–]

that is unrelated to the "hide the path" functionality - as you pointed out, it's because they displayed the EV name instead of the URL. That's a separate, and much more harmful, UI choice - because EV certificates are poor evidence of association.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact