Say my name, bitch! (IDN Homograph Mitigation Strategies) presented at KiwiCon 2011

by Peter Hannay,

Tags: Security

Summary : The advent of internationalised domains has introduced a new threat with the non-english character sets allowing visual mimicry of common domain names. IDN homographs have been a pressing issue since 2003 when they were proposed, the security implications considered, a flurry of patches and then forgotten about. These protections slipped out of source trees over the years and eventually with IDNs being implemented for several TLDs came back into fashion. In this talk we explore the efficacy of IDN homograph mitigation strategies in web browsers, email clients, mobile devices and evaluate the potential for social attacks and awesomeness.