-snip- all i could see is the XXX....XXX type feedback on the final confirmation for the receiving address.Then that's a massive flaw in their implementation. I've never used MetaMask, but I'm very surprised no one has complained about it before. 6 characters can be spoofed fairly easily.
I just checked MetaMask to see how it works.
Once you paste an address, it changes to 0xXXXX...XXXX. As shown in the following image, it only shows the first 4 characters and the last 4 characters.
Mine shows the full address after I pasted it; and just like larry, just the first and last 4 characters in the confirmation window.Once you paste an address, it changes to 0xXXXX...XXXX. As shown in the following image, it only shows the first 4 characters and the last 4 characters.
Metamask version 10.10.1 | Monitor's resolution: 1920x1080 px
Images (test network):
Send Window | Confirmation Window | ||
 |  |
Anyways, I think it's time to create another thread to continue the discussion about MetaMask.