February 25, 2005

Firefox update

I just installed Firefox ver 1.01.

The open-source project released Firefox 1.0.1 to fix, among other bugs, a vulnerability in the Internationalized Domain Names (IDN), a standard for handling special character sets in domain names that lets companies register domain names that appear to be the same in different languages.

The IDN vulnerability allowed an attacker to create a fake Web site on a non-Microsoft browser in order to pull off a phishing scam. A spoofed link would seem to be a legitimate URL in the address bar of affected browsers. But instead of taking the victim to the trusted site, the link would lead to a phony Web site with a domain rendered as the same address under the IDN process.

The updated browser will display the IDN Punycode in the address bar, preventing URL spoofing. Punycode is the encoding of Unicode strings into the limited character set supported by the Domain Name System and IDN.

More here.

Posted by Linkmeister at February 25, 2005 09:30 AM

Thanks, Linky. I wouldn't have known otherwise. The browser update tool kept telling me no updates were available!

Posted by: Lee at February 25, 2005 10:18 AM

I enjoyed reading your Blogg, your "who da guy" is very interesting! GOD BLESS!

Lynn Vasquez

Posted by: Lynn Vasquez at February 27, 2005 10:16 PM