Say my name, bitch! (IDN Homograph Mitigation Strategies)

Presented at Kiwicon V: It Goes b00m (2011), Nov. 6, 2011, 9:30 a.m. (30 minutes)

The advent of internationalised domains has introduced a new threat with the non-english character sets allowing visual mimicry of common domain names. IDN homographs have been a pressing issue since 2003 when they were proposed, the security implications considered, a flurry of patches and then forgotten about. These protections slipped out of source trees over the years and eventually with IDNs being implemented for several TLDs came back into fashion. In this talk we explore the efficacy of IDN homograph mitigation strategies in web browsers, email clients, mobile devices and evaluate the potential for social attacks and awesomeness.

Presenters:

• Peter Hannay
  Peter Hannay is a PhD student, researcher and lecturer based at Edith Cowan University in Perth Western Australia. His PhD research is focused on the acquisition and analysis of data from small and embedded devices. In addition to this he is involved in smart grid research and other projects under the banner of the SECAU research organisation.

Links:

• https://2011.kiwicon.org/the-con/talks/#e27

Similar Presentations:

• BalCCon2k22 - Loading (2022) / Internationalized Domain Names… and its possible bad uses
• HOPE 2020 Virtual Rescheduled / Launching the Cyrillic IDN TLD as the first Internationalized Domain Name in the World
• ToorCon San Diego 20 (2018) / Shooting Puny Phish in a Barrel