The Line of Death in browser UI design and blurring the user's trust in what are the safe pixels
grogge last edited by
Very interesting read and theory:
In a nutshell, when the browsers are more and more using the pixels below the address bar for displaying sensitive information and use this area for changing settings and showing credentials, then this is training the user to lower his suspicion against the pixels below this line of death. Making it ultimately easier for an attacker to successfully trick the user to do dangerous actions by means of mimicing the browser's UI in these portions of the app screen. Of course, it's even worse for web applications as the shocking/hilarious last example demonstrates.