funsec mailing list archives

Re: ICANN Approves Non-Latin Domain Name Characters


From: "Dr. Neal Krawetz" <hf () hackerfactor com>
Date: Sat, 31 Oct 2009 10:34:35 -0600 (MDT)

fergie wrote:

> If nothing else, expanding the TLD space expands the abuse footprint.

Since it does not introduce a new character set (everything is translated
to letters, numbers, and hyphens), it really does not break any existing
applications.  New applications that choose to decode and store will need
to track string lengths and not just look for a null terminator since
everything becomes binary.

Rendering fonts (decoding the unicode) is not usually an issue. The only
thing it does introduce is more variations for phishers.  For example,
xn--ctbank-com-k8ab.cn becomes cítíbank-com.cn.
However, phishing has always been a problem.

Frankly, I don't see it significantly increasing the threat landscape since
it does not introduce any new risks.

What I do wonder is if there will be backwards compatibility.
Is "xn--hackerfactor.com" the same as "hackerfactor.com" since they have
the same translation?  Or do I have to register a new domain to prevent
direct phishing?  I mean, there could be some pretty cool exploits if
someone registers xn--bankofamerica.us before the real bankofamerica.us
can register it.
As far as I can tell, www.bankofamerica.us really is the bank.
  bankofamerica.us has address 171.161.161.173
  bankofamerica.us has address 171.159.65.173
  bankofamerica.us has address 171.159.193.173
  173.161.161.171.in-addr.arpa domain name pointer www.bankofamerica.com.
  173.65.159.171.in-addr.arpa domain name pointer www.bankofamerica.com.
  173.193.159.171.in-addr.arpa domain name pointer www.bankofamerica.com.
However:
  Host xn--bankofamerica.us not found: 3(NXDOMAIN)

Since the "xn--" prefix is just for an encoding, I would hope that it would
apply to all existing domains.  However, since ICANN does not say that it
will, I seriously doubt that it will.  Expect more phishing.

Frankly, I have never seen ICANN fast-track any issues without introducing
more problems than they were trying to solve.  ICANN is a committee without
any depth of thought.  As I wrote in my blog, ICANN has a hard job, but
they go out of their way to make it harder.  They take years to enforce
their own regulations, send all complaints to competing courts, and after
ignoring important topics for years, they will haphazardly create a
proposal, open it for comment, and then make a quick policy decision with
very little serious thought.

                                        -Neal
--
Neal Krawetz, Ph.D.
Hacker Factor Solutions
http://www.hackerfactor.com/
Author of "Introduction to Network Security" (Charles River Media, 2006)
and "Hacking Ubuntu" (Wiley, 2007)

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
