SoylentNews is people
SoylentNews
Arthur T Knackerbracket has found the following story:
Researchers at Soluble today said they worked with Verisign to thwart the registration of domain names that use homoglyphs – non-Latin characters that look just like letters of the Latin alphabet – to masquerade as legit domains.
[...] There have been a number of efforts over the years, most recently in 2017, we reckon, to rid the internet of homograph abuse once and for all.
In the most recent case, it was found that the Unicode Latin IPA Extension characters could and were being exploited to setup lookalike domains.
"Between 2017 and today, more than a dozen homograph domains have had active HTTPS certificates," noted Soluble researcher Matt Hamilton. "This included prominent financial, internet shopping, technology, and other Fortune 100 sites. There is no legitimate or non-fraudulent justification for this activity."
Normally, it would not be possible to register domains with mixed scripts, as Verisign put protections in place years ago. However, the researchers found that those protections did not extend to Unicode Latin IPA, meaning that prior to Verisign updating its filters after being tipped off by Soluble, the characters could be used to set up lookalike URLs.
[...] "While it is unlikely that you, the reader, were attacked with this technique," Hamilton notes, "it is likely that this technique was used in highly targeted social-engineering campaigns."
-- submitted from IRC
The most notable of these confusables are:
| Latin: | a | g | l |
| IPA: | ɑ | ɡ | ɩ |
It is much easier to tell them apart when the confusables are shown adjacent to each other. In the spoiler below, only one of the entries is correct... how long does it take you to figure out which one it is?
- google.ɑpis
- ɡoogle.ɑpis
- ɡoogle.apis
- gooɡle.apis
- google.apis
- ɡooɡle.ɑpis
- ɡooɡle.apis
- gooɡle.ɑpis
Are you sure? This is the number of the correct entry:
Are you really sure?Did you pick number 6?That was wrong. It was number 5.
(Score: 3, Informative) by maxwell demon on Thursday March 05 2020, @09:40AM (2 children)
On my system, l and ɩ look very different, indeed more different than l and i. In particular, ɩ on my system has the height of a common lowercase letter, while l has the height of an uppercase letter. Moreover, ɩ has an arc at the bottom, while l doesn't.
So you'd have more chances to fool me with “googie” than to fool me with “googɩe”.
Actually they look more similar in <tt> (lɩ) but still, the different height very clearly distinguishes them.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 0) by Anonymous Coward on Friday March 06 2020, @05:55AM (1 child)
in the summary and in your reply I see different ell-s as well. but in the variants, I see only the regular ell. Maybe it's the spoiler tag, no idea.
(Score: 2) by maxwell demon on Friday March 06 2020, @09:31AM
Maybe it's because in the spoiler tags there are only normal "l" letters. I just checked by copy-pasting it into a hex converter, and indeed every "l" is represented by the byte 6c, that is, the character “U+006C LATIN SMALL LETTER L”.
The Tao of math: The numbers you can count are not the real numbers.