New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Internet Explorer is truly the safest browser. Great time to live in.
/s
There were reports on Bugzilla 12 years ago and resulted in a network.IDN_show_punycode option. Not sure when & why they changed default value from true to false.
https://bugzilla.mozilla.org/show_bug.cgi?id=279099
https://bugzilla.mozilla.org/show_bug.cgi?id=282270
Muzilla-bugzilla
Try Yandex Browser - https://browser.yandex.ru/desktop/main/
This just in: Supporting anything above the standard 128 bit ASCII is generally found to be broken and wrong!
We ended up abusing this a few years ago to goatse a coworker who used to spend far too much time on a conspiracy theory forum.
That's just a rebranded Chromium.
That mix of Firefox, Opera and Chrome, they takes the best from all of them and develop own product. Also proxy included inside.
Yandex is cancer.
I meant to start a timer from the time I first learned about punycode until the time I first saw this publicized as a phishing method. Oh well. Still have popcorn.
Something similar happened recently with some characters:
http://www.rafayhackingarticles.net/2016/08/google-chrome-firefox-address-bar.html
But this one, seems impossible to detect =/
Even with HTTPS and so.
Just kidding but not funny
Seems like you've misunderstood what the vulnerability is.
Go get a job at McDonalds, they're hiring.
@hieuhuynh is completely right: Internet Explorer chopped off the full punycode address thus hiding it from the end user. While that's not the same behavior as Chrome and Firefox which displayed it in its full unicode glory, it's still equally bad. Do you really think most users understand what punycode symbolizes? They just care about the original link they clicked.
On a positive note, apparently @deadbeef just lost his job at McDonald's so you have a shot now @Detruire . Best of luck to ya!
Apparently.
Ya I know that, I just kidding with him, bro