Page 1 of 1

Chrome & Firefox Phish Attack Uses Domains Identical to

Posted: Sat Apr 15, 2017 11:37 am
by therube

Re: Chrome & Firefox Phish Attack Uses Domains Identical to

Posted: Sat Apr 15, 2017 8:11 pm
by fatboy
If to switch network.IDN_show_punycode;true, the Cyrillic domains are displayed incorrectly:
http://xn--80agdepgfuajcazx2e.xn--p1ai/ instead of http://антонгородецкий.рф/ even if network.IDN.use_whitelist;true
and network.IDN.whitelist.xn - p1ai;true.
It is possible to use network.IDN.restriction_profile;strict

Re: Chrome & Firefox Phish Attack Uses Domains Identical to

Posted: Tue Apr 18, 2017 1:19 am
by therube
Bug 1332714 IDN Phishing using whole-script confusables on Windows and Linux


@fatboy, thanks for that link. Íňťéŕíšťíňg ŕéáďíňg.

Re: Chrome & Firefox Phish Attack Uses Domains Identical to

Posted: Thu Apr 20, 2017 8:09 pm
by yes_noscript
Pale Moon unstable add a about:config setting to controll that:
Added an option to display punycode domain for IDN websites to combat phishing.
Preference: browser.identity.display_punycode
0 = Display IDN name in identity panel (previous behavior)
1 = Display punycode name for DV SSL domains (default)
2 = Also display punycode for HTTP sites if IDN name used


from https://www.palemoon.org/unstable/releasenotes.shtml