PayPal excludes Safari from "Safer Browsers"

I've seen some very convincing PayPal phishing sites in recent years. I've also worried many times that friends and relatives less savvy in the ways of the phisher may inadvertently hand off a password or two and blame me – the one who talked them into a PayPal account to begin with – for the draining of their life savings. Thankfully PayPal shares my concern for said friends and family members and has published a guide to "Safer Browsers." Apple's Safari web browser, however, was not included in the list of recommended browsers.

This is not all that surprising, at least to anyone who's followed Safari security concerns. Despite having improved in certain areas, such as IDN spoofing, Safari still lacks some fundamental security features found in Internet Explorer (7+), Firefox and Opera. Features such as Extended Validation certificates are heavily promoted by PayPal, despite the warnings of critics who feel that many targets of phishing scams don't notice the green background in the URL field until it's too late -- if at all. Plugins like Saft do their bit, adding a few security features too. But until Safari catches up with IE and Firefox in the area of security, it's not likely that PayPal's list is going to include the otherwise spectacular browser.

[via Macworld]