On Fri, Oct 30, 2009 at 9:02 PM, Sam Cayze <[email protected]> wrote:
> This is kind of a game changer.
You really think so? There are millions of non-English websites out
there already. I don't read them, because I can only read English,
but they're full of non-English languages and non-Latin characters.
The domain names are ASCII, but that generally means some romanization
of their native language. Pardon the pun, but it's all Greek to me.
The only thing that will be changing is that now the domain name will
be in their native character set. Very nice and convenient for them,
to be sure, but "game changer"?
In other words, "www.zhaodaola.com.cn" might become
"www.找到啦.com.cn". So what? :-)
The only reason I even care a little bit is that IDNs
(Internationalized Domain Names) have already been used for look-alike
attacks. There are lots of characters that look like ASCII but
aren't. Some enterprising attackers have used that to register domain
names that look like those of well-known organizations. For example:
http://www.ΥΑΗΟΟ.com
That might look like http://www.YAHOO.com, but it's actually
constructed using Greek characters, and goes to some other site.
Fortunately, browsers are already evolving countermeasures against
such attacks. I'd consider it more of a threat if we weren't already
faced with hordes of lusers who never look at URLs anyway.
-- Ben
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
