TCH-Thomas Posted February 15, 2005

Slashdot (http://slashdot.org/article.pl?sid=05/02/15/1922215&from=rss) writes

tsu doh nimh writes "Netcraft has the story that Mozilla has decided to drop support for international domain names in future versions of its Firefox Web browser. The decision comes after demonstrations by the Shmoo Group that the feature can be used to aid in phishing scams and other browser naughtiness." From the article: "The attack can be disabled in Firefox and Mozilla by setting 'network.enableIDN' to false in the browser's configuration (enter about:config in the address bar to access the configuration functions). The Mozilla development team today made this the default setting. Users who want IDN support will be able to turn it on, but will be warned about the risks involved."

I haven't read the articles that this links to yet, but are they saying some domain names are better (more safe) than others?

MikeJ Posted February 15, 2005

> I haven't read the articles that this links to yet, but are they saying some domain names are better (more safe) than others?

They are saying that allowing international character sets in the domain names can allow people to spoof other names (by hiding characters in the domain so it looks like you are browsing another).

That article on Slashdot is a little misleading, though. Mozilla is not dropping support, they are only disabling it by default until they can come up with a better solution. You can still turn the feature back on.

TCH-Thomas Posted February 15, 2005

But isn't this something that, let's say, those who fake paypal already do with just a-z and 0-9 letters?

MikeJ Posted February 15, 2005

> But isn't this something that, let's say, those who fake paypal already do with just a-z and 0-9 letters?

If you look at the example in the article, they show that they can make the address bar look like it's browsing "http://www.paypal.com" by hiding the extra characters using international characters. Using standard ASCII characters you can't hide that it's not actually www.paypal.com in your address bar. In the links they can, but not the address bar.

Many people hide links by putting something like http://www.paypal.com as the text, but actually link it to something else. That's a different kind of spoofing (and easier to see when your address bar doesn't say the same as the link did).

TCH-Thomas Posted February 15, 2005

Ok, I think I understand. I was just a little worried that they are taking the internet one step back even if Mozilla's solution is only temporary.

Thanks Mike J

MikeJ Posted February 15, 2005

> I was just a little worried that they are taking the internet one step back even if Mozilla's solution is only temporary.

The effect should be very minimal, and internationalized domain names are uncommon. Heck, the most widely used browser doesn't even support internationalized domain names.

Nicholas Naime Posted February 15, 2005

What they mean is this: ww.shmoo.com/idn

Examples:
hxxp://xn--tdali-d8a8w.lv/
hxxp://tūdaliņ.lv/

Or, more specifically:
hxxp://www.pаypal.com

I have edited this post to remove the actual links. Please do not add links of this nature in the forums. Thank you - Tch-RobertM
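
The lookalike trick discussed in this thread can be checked for mechanically. The following is an added example, not part of the original posts: it decodes `xn--` labels, shows the ASCII form a label has on the wire, and flags labels that mix scripts. The function names and the Unicode-name heuristic for detecting scripts are assumptions of this sketch.

```python
import unicodedata

# Hostnames taken from the thread, written with escapes so non-ASCII letters are visible.
SAMPLE_HOSTS = [
    "www.paypal.com",        # plain ASCII
    "www.p\u0430ypal.com",   # second letter is U+0430 CYRILLIC SMALL LETTER A
    "xn--tdali-d8a8w.lv",    # punycode form of the Latvian name in the last post
]

def label_scripts(label):
    """Scripts used by the letters of one DNS label, read from Unicode character names."""
    scripts = set()
    for ch in label:
        if ch.isalpha():
            # Letter names start with the script, e.g. "CYRILLIC SMALL LETTER A".
            scripts.add(unicodedata.name(ch, "UNKNOWN").split()[0])
    return scripts

def inspect_host(host):
    """Per label: the text a browser would show, its ASCII wire form, and its scripts."""
    rows = []
    for label in host.lower().split("."):
        shown = label
        if label.startswith("xn--"):
            shown = label[4:].encode("ascii").decode("punycode")
        wire = shown
        if not shown.isascii():
            wire = "xn--" + shown.encode("punycode").decode("ascii")
        scripts = sorted(label_scripts(shown))
        rows.append({"shown": shown, "wire": wire,
                     "scripts": scripts, "mixed": len(scripts) > 1})
    return rows

def is_mixed_script(host):
    """True when any single label combines letters from more than one script."""
    return any(row["mixed"] for row in inspect_host(host))

if __name__ == "__main__":
    for host in SAMPLE_HOSTS:
        for row in inspect_host(host):
            print(host.encode("unicode_escape").decode(), row)
```

A mixed-script check does not catch a label written entirely in one non-Latin script that happens to resemble a Latin name, so the ASCII wire form is still worth displaying alongside it.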