Someone has come up with a Firefox exploit — one that doesn't affect IE users!
You can find links to the details at Boing Boing: Shmoo Group exploit. Here, however, is the simple info on how to protect yourself (probably):
1) Go to your Firefox address bar. Enter about:config and press Enter. Firefox will load the (large!) config page.
2) Scroll down to the line beginning network.enableIDN — this is International Domain Name support, and it is causing the problem here. We want to turn this off — for now. Ideally we want to support international domain names, but not with this problem.
3) Double-click the network.enableIDN label, and Firefox will show a dialog set to 'true'. Change it to 'false' (no quotes!) and click OK. You are done.
I say “probably” because even though this fix works for me, there are reports that it doesn't work for everyone. The test of the exploit is here.
Pingback: Ed Bott - Windows (and Office) Expertise
Homograph attacks aren’t so much an attack as an exploitation of a useful feature. The proper response to homograph attacks is for the Paypals of the world to spend the extra few bucks to register reasonable homographs of their domain. This attack is along the lines of setting up misspelled phishing sites, to which problem Paypal’s response should be the very same: purchase “paypall.com” and make sure it forwards to their site.
In my case, I am disappointed that the trick isn’t working for me. dig http://www.pаypal.com (with the lowercase Cyrillic а) resolves just fine to 198.41.1.35, but Firefox claims it “does not resolve” and using 198.41.1.35 directly tries to send me to sitefinder. My reaction remains not, “whew, I’m safe” but “damn, something’s broken.”
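The mixed-script substitution discussed on this page (a Cyrillic а inside an otherwise Latin name) can be checked mechanically. The following is an added example, not code from the original post or its commenters; the function name `inspectHost` and the three-script list are assumptions made for the example, and the sample hostnames are constructed.

```javascript
// Added example: flag hostname labels that mix Unicode scripts (IDN homograph check).
// SCRIPTS and inspectHost are names chosen for this example, not part of Firefox.
const SCRIPTS = {
  Latin: /\p{Script=Latin}/u,
  Cyrillic: /\p{Script=Cyrillic}/u,
  Greek: /\p{Script=Greek}/u,
};

// Return the sorted list of scripts used by the letters of one label.
// Digits and hyphens belong to the "Common" script and are ignored.
function scriptsOf(label) {
  const found = new Set();
  for (const ch of label) {
    for (const [name, re] of Object.entries(SCRIPTS)) {
      if (re.test(ch)) found.add(name);
    }
  }
  return [...found].sort();
}

function inspectHost(host) {
  // The WHATWG URL parser converts an IDN host to its ASCII (xn--) form,
  // which is what actually goes to DNS.
  const ascii = new URL(`http://${host}/`).hostname;
  const labels = host.normalize('NFC').toLowerCase().split('.').map((label) => {
    const scripts = scriptsOf(label);
    return { label, scripts, mixed: scripts.length > 1 };
  });
  return { host, ascii, labels, suspicious: labels.some((l) => l.mixed) };
}

// Constructed sample input: the second name uses Cyrillic U+0430 in place of Latin "a".
const samples = ['www.paypal.com', 'www.p\u0430ypal.com'];
for (const s of samples) {
  const r = inspectHost(s);
  const mixed = r.labels.filter((l) => l.mixed)
    .map((l) => `${l.label}: ${l.scripts.join('+')}`);
  console.log(`${r.ascii}  suspicious=${r.suspicious}`, mixed);
}
```

A label written entirely in one non-Latin script is not flagged by this check; it covers only the mixed-script case described here.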
Pingback: Not Quite a Blog 2.0
Apparently, the fix doesn’t stick when you close Firefox. Instead, you have to modify your user.js file. James Seng has some harsh words for Verisign regarding this exploit.
Pingback: Displacement of Concepts
Pingback: ThePete.Com