Are Unicode Domains Really a Security Risk?

I recently read an interesting piece from Mashable that suggested that ICANN allowing non-Latin (Unicode) domain names is a security risk. The problem is that some Unicode characters from other scripts look identical to Latin characters when a browser renders them, which opens a new window of opportunity for phishers.

If the domain, created using Cyrillic scripts “raural.com” was registered, the way that Unicode-browsers will actually render that domain in Latin is as “paypal.com.” In theory, phishers could pass around that link and set up a fake version of the PayPal site to harvest logins and credit card data.

It is impossible to tell the difference visually. It’s pretty scary. At least, I thought it was until I realized two things:

  1. You shouldn’t click links in emails claiming to be from PayPal or your bank anyway. Just don’t. Type the address in manually.
  2. Websites dealing with money, or other things that require a higher level of security, generally have an SSL certificate signed by a reputable third party.

So if you don’t click links in emails and make sure that the SSL certificate checks out, you’ll be safe.

It’s not that big a deal for those of us who have a good general knowledge of computer security, but it is still worrying that phishers are gaining this tool. I’m sure you know plenty of people who could easily fall into this kind of trap.
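For readers who filter mail or proxy logs, the lookalike described above can be caught mechanically even though it cannot be caught by eye. The following is an added example, not code from the original post: it prints the ASCII (Punycode) form that DNS actually sees and flags labels that mix scripts. The function names are hypothetical, the sample hostnames are constructed, and guessing a character's script from the first word of its Unicode name is a rough heuristic assumed here for brevity.

```python
import unicodedata

def script_of(ch):
    """Approximate a character's script from the first word of its Unicode name."""
    if ch.isdigit() or ch == "-":
        return "COMMON"
    return unicodedata.name(ch, "UNKNOWN").split()[0]   # LATIN, CYRILLIC, GREEK, ...

def inspect_hostname(host):
    """Return the ASCII (Punycode) form of host plus per-label script findings."""
    host = host.lower()
    report = {"host": host,
              "ascii": host.encode("idna").decode("ascii"),  # what DNS actually sees
              "flags": []}
    for label in host.split("."):
        scripts = sorted({script_of(c) for c in label} - {"COMMON"})
        if len(scripts) > 1:
            # Latin mixed with another script inside one label: classic lookalike
            report["flags"].append(("mixed-script", label, scripts))
        elif scripts and scripts != ["LATIN"]:
            # Whole label in another script: legitimate for many sites, worth a look
            report["flags"].append(("non-latin", label, scripts))
    return report

# Constructed samples: the lookalike uses Cyrillic er, a, u, er, a plus a Latin "l".
LOOKALIKE = "\u0440\u0430\u0443\u0440\u0430l.com"
GENUINE = "paypal.com"

if __name__ == "__main__":
    for h in (LOOKALIKE, GENUINE):
        r = inspect_hostname(h)
        print(r["ascii"], r["flags"])
```

The two names look alike on screen, but only the genuine one survives conversion unchanged; the lookalike becomes an `xn--` name, which is also what appears in the certificate and in DNS logs.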
