The state of homograph attacks - Security | DSLReports Forums (Page 4)

Author	All Replies
Ant718 join:2002-01-30 Bronx, NY	reply to Cudni Re: The state of homograph attacks said by Cudni: Looks fixed in later (non official builds). I'm using moox build (just installed) Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8b) Gecko/20050206 Firefox/1.0+ (MOOX M3) and get page not found Cudni where can I get the Moox build?
	to forum · permalink · 2005-02-09 15:15:37 ·
B Premium,MVM join:2000-10-28	said by Ant718: where can I get the Moox build? There are probably a few places. -- B -- In a realm outside causality and function
	to forum · permalink · 2005-02-09 15:22:53 ·
Ant718 join:2002-01-30 Bronx, NY	good thing I found one prior to looking back here for your lame @$$ response. I would have really felt stupid.. NOT! LOL! 14m>j00!
	to forum · permalink · 2005-02-09 16:36:35 ·
huntandpeck join:2002-01-01 Alexandria, VA	reply to B said by B: "Application Data" (not Applications) might be marked hidden and/or system. The Bookmarks file (along with other profile directory entities) should only be edited or manipulated while Mozilla/Fireweasel is SHUT DOWN. I have told my system to show hidden files and I know enough to shut the program down before editing the file; however, now that I've found my bookmarks file, I'm going to eradicate every trace of Mozilla-based programs I can find and start all over. Thanks, Cliff
	to forum · permalink · 2005-02-09 17:35:34 ·
SUMware Premium join:2002-05-21 kudos:2	reply to Ant718 You can find Moox builds here.
	to forum · permalink · 2005-02-09 18:40:37 ·
Ant718 join:2002-01-30 Bronx, NY	said by SUMware: You can find Moox builds here. Thanks but i had it already
	to forum · permalink · 2005-02-09 19:31:40 ·
translator join:2005-02-10 2 edits	reply to Drunkula That is my translation into privoxy. Hope it works for you too. Add these two lines to default.filter: FILTER: IDN-Removal Remove IDN exploitable URLs s%(<a(rea\|)[^>])href=([^>]\&\#[0-9]+;.)>.<(/a(rea\|)\|br)>%Removed IDN exploitable URL: $3%Usg You'll also need to define an action in default.action, ("Defaults" ruleset): +filter{IDN-Removal} \
	to forum · permalink · 2005-02-10 16:50:40 ·
EGeezer Summertime Premium join:2002-08-04 Midwest kudos:7 Reviews: ·Callcentric	reply to BeesTea MozillaZine blogs :" IDN will be turned off " OK, so they are going to disable by default. However, whichever way they go, there will be cries of discontent. I must agree the root of the problem lies in the lax enforcement by registrars... Anybody with a stolen credit card or Western Union money order can register anything not already taken. At the same time, disabling by default is consistent with the security philosophy of providing minimum functionality needed to do the job. See »weblogs.mozillazine.org/gerv/arc···556.html said by blog: IDN Spoofing Strategy After much discussion, staff@mozilla.org and drivers@mozilla.org have agreed a short-term strategy for dealing with the recently-publicised issues relating to IDN and domain spoofing. First off, we want to make it clear: we support Opera's position that this is a registrar/registry problem. These issues were known when IDN was proposed, guidelines were developed for avoiding the problem by restricting registrations, and the DNS registration organisations need to step up and implement them. (Certificate Authorities should also, as a simple matter of acting responsibly, not issue certs for domains which are part of a homographic block registered to two or more entities.) However, we also have a duty to protect our users. So, in the mean time, the enableIDN preference will be set to "false" in Firefox 1.0.1 and Mozilla 1.8 beta, including all official localisations. An XPI will be made available to turn it on again; this XPI will make the risks of doing so clear. This means that by default, links to IDN domains which use the Unicode rather than the punycode form for the href will fail, and the browser will display any IDN domain visited in its raw form. In the future (Firefox 1.1 and beyond) we hope to be able to turn IDN back on again. We may be able to find a way to turn it on selectively for those TLDs which have a demonstrable record of good practice - but we can't promise to do that. It partly depends on how much resource maintaining a white or black list would take. (To help with that decision, please tell me of any instances where the registration of two homographic domains to different entities has happened in TLDs other than .com.) So if people want to see full, unrestricted IDN back in Mozilla and Firefox, the best way is to put pressure on the world's registrars and registries to fulfil their obligations to their customers - both domain owners and Internet users - and commit to implementing the ICANN guidelines. A followup, deserving of a studious read, is at »weblogs.mozillazine.org/gerv/arc···562.html
	to forum · permalink · 2005-02-16 21:27:04 ·
B Premium,MVM join:2000-10-28	Thanks, Geezer! Gerv sounds a lot more responsible than Goodger does. One thing he skirted was that the current builds already have the apparent open to turn off IDN support... but that it doesn't work. I hope that toggle will be fixed in these new builds? -- B -- In a realm outside causality and function
	to forum · permalink · 2005-02-17 11:17:51 ·
Sir Raleigh Premium,MVM join:2001-07-31 Raleigh, NC	reply to EGeezer Re: Another IDN workaround - using AdBlock extensi I have discovered that this fix using Adblock interfears with some legit sites, too. For example, I could not log in to zap2it for my TV grid, and the "Go" button in the Grid's tool bar didn't work either until I un-ticked "Site Blocking". I had to remove this fix to get everything back working again. Just a word of caution, here that if a link or button on a web page doesn't seem to work, check this out first before you tear your machine apart. -- I used to know all this stuff!
	to forum · permalink · 2005-02-18 19:53:12 ·
B Premium,MVM join:2000-10-28	It's probably not the particular string added, it's probably that you enabled Site Blocking at ALL. I had the same problem with a click-through for a discount at FatWallet. The site handling the discount must also be an advertiser in my block list -- so as long as you don't enable Site Blocking, AdBlock stops images but NOT web pages from the relevant site. So, anyway, I too disabled Site Blocking. It would be good for a future revision of AdBlock to allow Site Blocking on... a site by site basis! -- B -- In a realm outside causality and function
	to forum · permalink · 2005-02-18 20:25:33 ·
Sir Raleigh Premium,MVM join:2001-07-31 Raleigh, NC	Yep, it was Site Blocking. I turned it off and I was able to log in and the "Go" button worked. In another post (I've lost it now, so don't ask... ), it was suggested to turn on "Check Parent Links" just above "Site Blocking". I tried that but it didn't do any good. Oh well, I understand one of the nightly builds of FF has already taken care of the problem, so I'll just wait until the upgrade comes out. -- I used to know all this stuff!
	to forum · permalink · 2005-02-18 20:38:35 ·

Broadband Tech > Security > Security > The state of homograph attacks

Re: The state of homograph attacks

MozillaZine blogs :" IDN will be turned off "

Re: Another IDN workaround - using AdBlock extensi