Barbershop Approach to Security

To fix the bug I mentioned in Spoofing for Dummies, Microsoft announced that it is removing support for following form of URL in IE:

http(s)://username:password@server/resource.ext

In the old days (old as in swords were still popular), barbers also served as surgeons which explains the design of the barber's pole (blue band for barber service, red band for surgery service).  Well, micro-surgery wasn't invented yet so a surgery typically involved a lot of cutting and sawing.

While I respect the IE teams decision, the 'fix' surprised me and reminded me of the barbershop of old days.  Maybe this is why barbers often ask me if I am there for just a haircut…