Tag Archives: spoofing

Presenting IDN spoofing threats to ICANN’s security committee

Posted on March 5, 2009 by Chris Weber

I had the chance to present to the ICANN Security and Stability Advisory Committee during their ICANN Mexico conference. It was an opportunity to give a portion of my upcoming presentation on Exploiting Unicode-enabled Software, focusing just on IDN visual … Continue reading →

Posted in Unicode, Web | Tagged IDN, spoofing | Leave a comment

The current state of IDN homograph spoofing in 2009 – you don’t need a .CN to do it

Posted on February 25, 2009 by Chris Weber

Aside from the frightening SSL stuff, Moxie Marlinspike stirred up some good interest in Internationalized Domain Names at Black Hat in DC with his domain lookalike attack. Since I’ve been studying the topic for a while, I wanted to point … Continue reading →

Posted in Unicode, Web | Tagged IDN, spoofing | Leave a comment

Unicode attacks and test cases – Visual Spoofing, IDN homograph attacks, and the Confusables

Posted on November 29, 2008 by Chris Weber

Let’s face it, playing tricks that mess with people’s perception can be fun. With Unicode, there’s lots of fun tricks to be had. What’s to stop someone from believing the following is what it appears to be: www.аmazon.com Looks like … Continue reading →

Posted in Unicode, security | Tagged confusables, spoofing, testing, Unicode | 6 Comments

Tag Archives: spoofing

Presenting IDN spoofing threats to ICANN’s security committee

The current state of IDN homograph spoofing in 2009 – you don’t need a .CN to do it

Unicode attacks and test cases – Visual Spoofing, IDN homograph attacks, and the Confusables

Archives

Meta