G
Guest
Guest
Archived from groups: alt.games.mame (More info?)
Since the implemenatation of special characters in URLs seems to not have
been made too well, all mentioned browser, which can deal with doamins
like <http://www.schön.de/>, have a bug allowing phisher to trick a user.
IE cannot be tricked in this case since it cannot deal with those domains
at all.
A demo is at <http://www.shmoo.com/idn/>. You see Paypal links, see the
Paypal URL when touching the link, and after you clicked at it you see
the Paypal URL in your URL field. But end up elsewhere.
Unfrtunately 3 more bugs came out for Mozilla based browsers. Fixes are
already in the Nighty Builds, but not beedn tested enough. In a few days
there should be official updates out for all browsers.
--
By(e) Andreas
Old school arcade classics at http://www.tombstones.org.uk/~ankman/
Linux without installation? http://www.knopper.net/knoppix/index-en.html
OE user? Ease the pain and try the better newsreader http://xnews.newsguy.com/
Registered as user #289125 with the Linux Counter http://counter.li.org/
Since the implemenatation of special characters in URLs seems to not have
been made too well, all mentioned browser, which can deal with doamins
like <http://www.schön.de/>, have a bug allowing phisher to trick a user.
IE cannot be tricked in this case since it cannot deal with those domains
at all.
A demo is at <http://www.shmoo.com/idn/>. You see Paypal links, see the
Paypal URL when touching the link, and after you clicked at it you see
the Paypal URL in your URL field. But end up elsewhere.
Unfrtunately 3 more bugs came out for Mozilla based browsers. Fixes are
already in the Nighty Builds, but not beedn tested enough. In a few days
there should be official updates out for all browsers.
--
By(e) Andreas
Old school arcade classics at http://www.tombstones.org.uk/~ankman/
Linux without installation? http://www.knopper.net/knoppix/index-en.html
OE user? Ease the pain and try the better newsreader http://xnews.newsguy.com/
Registered as user #289125 with the Linux Counter http://counter.li.org/