You On Top

Own any domain exploit, no defense exists

A recent post regarding an exposed exploit in all browsers suggests that one can own any domain using International Domain Name (IDN) to spoof current domains.
For example:
The domain: http://www.pаypal.com/ should be interperted by all browsers into http://www.paypal.com/ but present the page www.xn--pypal-4ve.com and therefore one can ’steal’ any domain name / ssl.

At the moment there is no idea how to fix this, nor do the developers.

For more information: Description and Live Example

Note: I tried all the above suggested ideas / links on ‘Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0′ and could not make this work. Could you?

Related Entries:

New Deep Linking Tool

This entry was posted on Monday, February 7th, 2005 at 8:17 AM and filed under Internet.
Follow comments here with the RSS 2.0 (XML) feed. Apologies. Comments and trackbacks are both currently closed.

Comments are closed.

Thoughts & Ideas about SEO & Web Development

Own any domain exploit, no defense exists

This entry was posted on Monday, February 7th, 2005 at 8:17 AM and filed under Internet.
Follow comments here with the RSS 2.0 (XML) feed. Apologies. Comments and trackbacks are both currently closed.

Search

Useful Posts

Contents

Categories

Archives

You On Top

Thoughts & Ideas about SEO & Web Development

Own any domain exploit, no defense exists

This entry was posted on Monday, February 7th, 2005 at 8:17 AM and filed under Internet. Follow comments here with the RSS 2.0 (XML) feed. Apologies. Comments and trackbacks are both currently closed.

Search

Useful Posts

Contents

Categories

Archives

This entry was posted on Monday, February 7th, 2005 at 8:17 AM and filed under Internet.
Follow comments here with the RSS 2.0 (XML) feed. Apologies. Comments and trackbacks are both currently closed.