Bits and Pieces
Monday, February 14, 2005
Attn: Firefox users
If you haven't heard of the spoofing vulnerability in Firefox (homograph attacks), here's some info[1]. The issue is related to IDN (Internationalized Domain Names). I do not have enough knowledge to explain this better, but in simple terms this is how it goes. Two strings may 'look' the same but in essence be different. This is possible because different Unicode characters can produce symbols that are visually similar to ASCII ones. Modern browsers that are IDN-enabled[2] are prone to homograph attacks, whereby a spoof site[3] could be created of an established business. So unaware users could be guided to a fake site that could siphon out all critical information[4].
To check if your Firefox build is secure, try this:
a) By clicking one of the two URLs under "IDN Spoofed URL", if you get "The Fake TSG" message, you are not secure [details about a solution that I tried, in the comments section].
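To make "look the same but are different" concrete, here is an added Python example (not code from the original post or from any of its linked sources). It constructs a look-alike of the reserved name example.com by swapping one Latin letter for a Cyrillic one, shows that the two strings differ at the code-point level, converts both to the Punycode ("xn--") form that the resolver actually sees, and flags any label that mixes scripts, which is the simplest check a defender can run over hostnames in logs or mail. The hostnames, function names and the mixed-script heuristic are all assumptions made for this example.

```python
"""Added example: why two hostnames can render identically yet differ.

Constructed sample: 'example.com' with the Latin 'a' (U+0061) replaced by
CYRILLIC SMALL LETTER A (U+0430). The glyphs match, the strings do not, and the
Punycode (ACE) form the browser resolves makes the difference visible.
"""
import unicodedata

# Characters that legitimately appear in any hostname and carry no script.
NEUTRAL_NAMES = {"HYPHEN-MINUS", "FULL STOP"}

GENUINE = "example.com"
# Constructed look-alike: the third character is Cyrillic, not Latin.
LOOKALIKE = "ex\u0430mple.com"


def script_of(ch):
    """Script family of a character, taken from the first word of its Unicode
    name ('LATIN', 'CYRILLIC', ...); digits and hostname punctuation are
    reported as 'NEUTRAL'."""
    name = unicodedata.name(ch, "UNKNOWN")
    if name in NEUTRAL_NAMES or name.startswith("DIGIT "):
        return "NEUTRAL"
    return name.split(" ")[0]


def scripts_in(label):
    """Set of scripts used in one DNS label, ignoring neutral characters."""
    return {script_of(c) for c in label} - {"NEUTRAL"}


def is_mixed_script(hostname):
    """True when any single label mixes scripts (e.g. Latin letters next to a
    Cyrillic one), which is the signature of the homograph spoof above."""
    return any(len(scripts_in(label)) > 1 for label in hostname.split("."))


def to_ace(hostname):
    """ASCII-compatible (Punycode) form of the hostname: the name the resolver
    sees. Pure-ASCII labels are unchanged; others become 'xn--...'."""
    return hostname.encode("idna").decode("ascii")


def code_points(hostname):
    """Hex code points, showing the strings differ even when the glyphs do not."""
    return [f"U+{ord(c):04X}" for c in hostname]


def report(hostname):
    """What a defender would want to log for a hostname under suspicion."""
    labels = hostname.split(".")
    return {
        "display": hostname,
        "ace": to_ace(hostname),
        "mixed_script": is_mixed_script(hostname),
        "scripts": sorted(set().union(*(scripts_in(l) for l in labels))),
    }


if __name__ == "__main__":
    for host in (GENUINE, LOOKALIKE):
        print(report(host))
        print("  code points:", " ".join(code_points(host)))
    print("strings equal?", GENUINE == LOOKALIKE)  # False, though they render alike
```

The mixed-script test is deliberately coarse: it will also flag legitimate names that combine scripts, so treat it as a trigger for closer inspection (or for showing the user the Punycode form, as the IDN-disabling workaround in Update 1 effectively does) rather than as a verdict.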
Update 1: Mozilla Foundation's Official Response. The current solution is to turn off IDN.
Update 2: One of the authors of IDN has better solutions to this problem. Here.
Interesting fact: This bug was fixed within a day of reporting! Check the bug-report page.
[1] Gathered from a detailed thread on Metafilter
[2] List of affected browsers. IE is not IDN-enabled, so IE users are safe.
[3] That could've been registered using symbols resembling a genuine site's.
[4] 'Phishing'
Posted by pradeep
I tried the following solution and later, when I tried to log into Gmail, I couldn't (am not sure if they are related).
Reverted back to version 1.0 and was able to log into gmail. [turned off IDN]
This looks really scary... it took a while for me to understand what goes on... as both the links went to the same page but showed different contents.
Scary possibilities, yes.
Fixed in no time - that's the beauty of open source.