Bugtraq mailing list archives

Re: thoughts and a possible solution on homograph attacks


From: "Dmitry Yu. Bolkhovityanov" <D.Yu.Bolkhovityanov () inp nsk su>
Date: Tue, 8 Mar 2005 12:23:36 +0600

On Mon, 7 Mar 2005, Kevin Day wrote:

What would (to me) make more sense is if the browser made it more clear 
that a homograph was being used.

In the address bar, any character that's not from the user's language 
character set (or family of languages possibly) would appear as a 
different color. Maybe make the foreign characters red, or the 
background color around each foreign character blue or something.

        You have come to the same idea as I did :-) (hope my post to
Bugtraq will pass the moderation), just with a different flavor.  That's a
good sign for me, and this kind of solution seems to be not-so-hard to
implement.

It still would require a bit of user education, but maybe the first 
time it happened the browser can pop up with "The address of the site 
you are going to contains characters from another language. If you 
clicked on a link to a site you expected to be in [User's default 
language], 

        A small addition: not "language", but "languages".  And, maybe
even more -- "character set".  For example, Russian-speaking users
currently use only Latin letters, as all the world does.  And if IDN
somewhen becomes common, they would have to use a mixture of Latin and
Cyrillic letters.

        (I hope IBM would be clever enough to grab the "IBM.com" domains,
where "B" is "Cyrillic capital VE" and/or "M" is "Cyrillic capital M". :-)

you might be going to a fraudulent site. The questionable 
characters are highlighted in blue in the address bar above. [x] Do not 
show this again for Cyrillic language letters"

        Unfortunately, most users in case of such warnings blindly press
[Ok] not even trying to read what they are warned about.  And if there is
a "[x] Don't show this again..." option, they will immediately switch it
on.  So, such switchable-off protection would in fact become illusory...

        _________________________________________
          Dmitry Yu. Bolkhovityanov
          The Budker Institute of Nuclear Physics
          Novosibirsk, Russia
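
The address-bar highlighting discussed in this message, sketched as an added example (not code from either poster or from any browser). It assumes the hostname is already in its Unicode display form; `USER_SCRIPTS` and `annotateHost` are hypothetical names, and square brackets stand in for the colour highlighting.

```javascript
// Added example: mark hostname letters that fall outside the scripts the
// user is expected to read. Not a browser API; names are hypothetical.
const USER_SCRIPTS = ['Latin'];

// One Unicode-script matcher per script in the user's set.
function scriptMatchers(scripts) {
  return scripts.map((s) => new RegExp(`\\p{Script=${s}}`, 'u'));
}

// Returns the host with foreign letters wrapped in [ ], the code points
// that were flagged, and whether anything was flagged at all.
function annotateHost(host, scripts = USER_SCRIPTS) {
  const matchers = scriptMatchers(scripts);
  const foreign = [];
  let marked = '';
  for (const ch of host) {                       // iterate by code point
    const isLetter = /\p{L}/u.test(ch);
    const known = matchers.some((re) => re.test(ch));
    if (isLetter && !known) {
      const hex = ch.codePointAt(0).toString(16).toUpperCase();
      foreign.push('U+' + hex.padStart(4, '0'));
      marked += `[${ch}]`;
    } else {
      marked += ch;                              // digits, dots, hyphens, known letters
    }
  }
  return { marked, foreign, suspicious: foreign.length > 0 };
}

// Constructed samples: the "IBM.com" case from the message, with
// B replaced by U+0412 and M replaced by U+041C, next to the real name.
const spoofed = 'I\u0412\u041C.com';
const genuine = 'IBM.com';

console.log(annotateHost(spoofed).marked, annotateHost(spoofed).foreign);
console.log(annotateHost(genuine).marked, annotateHost(genuine).foreign);
// A user whose set is "languages" rather than "language" gets no highlight:
console.log(annotateHost(spoofed, ['Latin', 'Cyrillic']).suspicious);
```

The last call shows the limit of a per-user script set: once both Latin and Cyrillic are in it, the mixed-script name is no longer marked, so a check for mixing scripts within one label would be needed on top.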

