Security Update 2005-003

Includes a Safari/Web Kit update to address the IDN domain-name-spoofing issue. Judging by the description, it’s a good solution: by default, they disallow Roman-look-alike scripts. This allows non-Roman Unicode characters in domain names (say, for Asian languages), but disallows the use of Unicode trickery to use a domain name that looks like, say, “paypal.com”, but which really contains one or more obscure Roman Unicode characters that just happen to look like ‘a’, ‘l’, ‘p’, or ‘y’.

β˜… Monday, 21 March 2005

Ads via The Deck Ads via The Deck