blog.jimbo.org.uk - Comments on IDN support http://blog.jimbo.org.uk/archives/2005/02/idn_support_1.shtml All browsers supporting even vaguely modern concepts (so, anything but IE...) these days seem to support IDN. Which I suppose is nice if you want to register a domain name with a biohazard symbol in, or you want to use the vast wealth of characters available outside of ASCII for your domain names, perhaps because your native language uses some other alphabet. Great, sounds really useful, and every credit to the people rushing to support it. Unfortunately, domain name registrars are pretty slack about checking what they let people register, it seems, and the cunning people at Shmoo.com have found a clever trick which would let phishers exploit this. If this worries you, and you don't generally need to use sites with fancy schmancy unicode characters in their names, consider switching off IDN support in your browser. In firefox, this means going into about:config, filtering by "network", and disabling "network.enableIDN" (thanks to Chris for pointing this out). Unfortunately, this setting won't stick across restarts of firefox, in the stable released builds; according to boingboing the latest builds fix this. This has been a public service announcement. [Update: The nice people at Mozilla seem to have found a third way. (via Hacking for Christ)]... en-gb Fri, 11 Feb 2005 12:07:07 +0000 Fri, 09 Mar 2007 01:33:30 +0000 http://www.movabletype.org/?v=3.2 jkg@jimbo.org.uk 180 By Dom Unfortunately, the sort of people who will do the config twiddling aren't the sort of people to be foiled by scams anyway. Next you'll be saying that people pay attention to the little padlock, too. Interweb doomed, film at 11. http://blog.jimbo.org.uk/archives/2005/02/idn_support_1.shtml#c174 174:86@http://blog.jimbo.org.uk/ Unfortunately, the sort of people who will do the config twiddling aren't the sort of people to be foiled by scams anyway. Next you'll be saying that people pay attention to the little padlock, too.

Interweb doomed, film at 11.

]]> Sat, 12 Feb 2005 01:14:58 +0000 By James To be fair, if the scam was presented in some sane context (not sure what that would be, mind) it might fool me, and I clearly bothered with the config twiddling :-) I take the general point, though. http://blog.jimbo.org.uk/archives/2005/02/idn_support_1.shtml#c176 176:86@http://blog.jimbo.org.uk/ To be fair, if the scam was presented in some sane context (not sure what that would be, mind) it might fool me, and I clearly bothered with the config twiddling :-)

I take the general point, though.

]]> Sat, 12 Feb 2005 04:25:48 +0000