Bill Gates' commented on 6/15/2006:
========================
This is very good work and its great to hear there is a strong collaboration with the IE team. The methodology here
is a powerful one that can be used for lots of things.
 
I do question whether our security model should expect people to be able to look at a URL and decide something about
it, whether it is spoofed or not. I love techniques like the password reuse analyzer that can determine from patterns
whether something bad is happening without the user having to be sophisticated. Likewise reputation systems that work
on behalf of all users.
 
We are using the secure desktop in Windows to try and have some user decisions clearly be non-spoofable. I wonder if
there are flaws in the secure desktop approach that this methodology could help us find.
=======================