That’s feasible for any site that has a login though, such as PayPal and eBay which we see with the phishing scams.

Well, I would compare it to having a login box to PayPal on every shopping site you buy things from via PayPal, instead of being redirected to the PayPal site. How do you know it’s really a trustworthy PayPal box then? It looks good and recognizable, but could still used for phishing scams.

With Meebo, you go to Meebo at all times (if I’m correct – have only tried it a few times). You know you can trust the site. With this project, you login at various sites and you get used to logging in at various sites. Your alarm bells likely won’t ring anymore when you have to login at a site that looks trustworthy, with the same login box you use on all those other sites, but is a phishing site in reality.. (or hacked)

The remark about it being open source is a fair point, but that assumes that you can check the code as a user. You won’t do that every time. I think the danger is in the familiarity with the login box that is created, instead of a familiarity with a site/url.

Doesn’t it become really easy to gather login information by adjusting the code and putting it on your own site for people to use this way? I’m afraid that people will trust this too easily and will just login on any site instead of just the ones they trust.

That’s a good point, and it could of course happen. That’s feasible for any site that has a login though, such as PayPal and eBay which we see with the phishing scams. So I guess the question is whether it’s worth having an open source version available to anyone, or scrap the project to help prevent any “scams” from occurring.

I could have sworn that the files were underneath the Downloads tab on the Google Code page yesterday, but I could be wrong. They’re not there today though for some odd reason.

Doesn’t it become really easy to gather login information by adjusting the code and putting it on your own site for people to use this way? I’m afraid that people will trust this too easily and will just login on any site instead of just the ones they trust.

I totally agree with change. But since any modifications made to the code, will also be open source( I hope it is GPL), i am sure that malicious intent will be caught easily. Yeah Pidgin is a killer, but i think i will try this anyway.