February 25, 2005 – (HOSTSEARCH.COM) – ICANN on Wednesday issued a statement on the vulnerability of “certain web browsers” (FireFox) to URI and domain name spoofing using Internationalised Domain Name (IDN) resolution. The flaw leaves FireFox users vulnerable to domain spoofing by using characters from foreign languages that look similar to English letters to simulate URLs in the browser’s address bar.
Secunia offers a demonstration of the attack method that users can click on which will go to a webpage with the URL for PayPal if the browser is vulnerable to the attack.
secunia.com/multiple_browsers_idn_spoofing_test/
When clicked on in Microsoft’s Internet Explorer however the test comes up with a page cannot be displayed error.
ICANN described the attack like this, “Homograph domain name spoofing works by exploiting the visual resemblance, or near resemblance of certain characters and symbols. These can be characters in the standard ASCII character set (such as the resemblance between the numeral "1" and the lower-case letter "l" or the letter "O" and the numeric zero ("0") in some fonts), or characters taken from different languages (such as the character "?" [Greek capital letter Beta], and the character "B" [Latin capital letter B], or the potential confusion amongst Chinese, Japanese, and Korean character sets).”
ICANN is hoping to start an open debate in order to modify the IDN protocol without restricting internet use for users of non-English languages.
