[nycbug-talk] Homeograph URL spoofing exploit for browsers

G. Rosamond george
Mon Feb 7 13:45:39 EST 2005


On Feb 7, 2005, at 11:09 AM, Bob Ippolito wrote:

> On Feb 7, 2005, at 11:04, Bob Ippolito wrote:
>
>> http://www.shmoo.com/idn/
>> http://www.boingboing.net/2005/02/06/shmoo_group_exploit_.html
>>
>> Browsers that support IDN (unicode domain names) are easily 
>> susceptible to spoofing attacks because there are many code points 
>> that look the same.  Their specific example uses а (CYRILLIC 
>> SMALL LETTER A), which looks identical to a (LATIN SMALL LETTER 
>> A) in most fonts.  ShmooGroup has registered u'p\N{CYRILLIC SMALL 
>> LETTER A}ypal.com' and have a browser-trusted cert for it.
>
> (that title was supposed to be homeograph -- my typing skills have 
> apparently left me)
>

This made a security list I found out about this weekend. . . a lot 
cleaner than Bugtraq.  It's at www.secunia.com.

Highly recommended.

Anyone else have any feedback on the Secunia list?

I find Bugtraq frustrating sometimes for the side comments and banter.

George
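
An added example, not part of either post: a defensive check for the spoof described in the quoted message. It flags domain labels that mix Unicode scripts and shows the ASCII ("xn--") form that IDN-capable software actually resolves. The function names and the script heuristic (first word of the Unicode character name) are assumptions made for this illustration.

```python
import unicodedata

# The spoofed name, written the same way the quoted post writes it.
SPOOFED = "p\N{CYRILLIC SMALL LETTER A}ypal.com"
GENUINE = "paypal.com"


def script_of(ch):
    """Rough script tag: first word of the Unicode name (LATIN, CYRILLIC, ...)."""
    if ch.isdigit() or ch == "-":
        return "COMMON"  # digits and hyphen are shared by every script
    return unicodedata.name(ch, "UNKNOWN").split()[0]


def label_scripts(label):
    """Set of scripts used by one DNS label, ignoring shared characters."""
    return {script_of(c) for c in label} - {"COMMON"}


def to_ascii(domain):
    """ASCII-compatible encoding of the name, via Python's IDNA (2003) codec."""
    return domain.encode("idna").decode("ascii")


def check(domain):
    """Report the ASCII form and any labels that mix more than one script."""
    mixed = [l for l in domain.split(".") if len(label_scripts(l)) > 1]
    return {
        "ascii": to_ascii(domain),
        "mixed_script_labels": mixed,
        "suspicious": bool(mixed),
    }


if __name__ == "__main__":
    for name in (GENUINE, SPOOFED):
        print(repr(name), check(name))
```

A mixed-script test catches this particular spoof because only one letter was swapped; a label written entirely in one look-alike script would pass it, so showing the "xn--" form to the user remains the more general signal.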




