Re: Multiple Browsers IDN Spoofing Test



On 8 Feb, 2005, at 7:05 PM, Christian Persch wrote:
...
Epiphany gets the location in the location bar and statusbar from the
embedded mozilla rendering engine. Any fix that mozilla comes up with -- see https://bugzilla.mozilla.org/show_bug.cgi?id=279099 -- will be
inherited by Epiphany automatically. So there is no action from us
required.
...
I doubt very much that that's true; some of the proposals for fixing 
that bug include changing the way URIs are formatted in the address 
field, but none of them (that I've seen) would change the URI reported 
to embeddors.
This is something for every browser, including Epiphany, to solve. Even 
if IDN is killed off by this problem (which wouldn't surprise me), a 
general solution is still needed to visually distinguish similar 
domains, for the current phishing scams that work quite well without 
IDN-level uncanny similarity.
(Ultimately I hope the browser industry will converge on a standard and 
reliable method of distinguishing domains, so that people are not less 
safe when using someone else's computer or when going to an Internet 
cafe. But every browser vendor can't just sit around waiting for the 
others to find a solution that works.)
--
Matthew Thomas
http://mpt.net.nz/




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]