Russian a new security risk?
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Russian a new security risk?

  1. #1
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786

    Russian a new security risk?

    INTERNATIONAL DOMAIN NAMES POSE A NEW SECURITY RISK

    from an article here: http://www.sciam.com/2002/0602issue/0602scicit5.html
    which i found on slashdot

    ----------------------------------
    One example is a homograph of microsoft.com incorporating the Russian Cyrillic letters "c" and "o," which are almost indistinguishable from their Latin alphabet counterparts. The two students who registered it, Evgeniy Gabrilovich and Alex Gontmakher of the Technion-Israel Institute of Technology in Haifa did so to make a point: they suggest that a hacker could register such a name and take advantage of users' propensity to click on, rather than type in, Web links. These fake domain names could lead to a spoof site that invisibly captures bank account information or other sensitive details.
    ----------------------------------
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  2. #2
    Senior Member
    Join Date
    Nov 2001
    Posts
    742
    Thank's for the good reading Tedob1.
    I have only one comment: I just loves the Internet .

  3. #3
    Senior Member
    Join Date
    Apr 2002
    Posts
    712
    And people are just now figuring this kinda crap out?!? About the only thing that keeps people from impersonating others online (if you can even call it that) are company lawyers that are continually looking for this kind of crap... of course, that flies about as far as the borders of this country (the US).

    It's always been a huge security risk... just how can you be absolutely sure that the "person" or company you are talking to on the other side of that connection is exactly who you think it is, etc... the short answer: you really can't... yes, there are such things are "Certificate Authorities" but 1) who's to say that they are trustworthy (or someone isn't impersonating a so-called "reliable one") and 2) who's to say they haven't been spoofed themselves (there was a famous case with MicroSoft on this many moons ago now - just a case-in-point).

    Certainly a lot to think about... reminds me of a talk I once had with Ranum - about the only way to make sure that the person is who they say they are and that you have a secure way of chatting with them: locking the two of you in a basement together where you can a system of public keys (for reasonably strong public key cryptogrpahy) and exchange them on secure media. Even then... it's not foolproof.
    \"Windows has detected that a gnat has farted in the general vicinity. You must reboot for changes to take affect. Reboot now?\"

  4. #4
    Senior Member
    Join Date
    Apr 2002
    Posts
    380
    lol you sound like a spy draziw

    I would suggest calling the company if you expect to deal with them, if they have a thick foreign accent or don't answer the phone, it's fishy...
    [shadow]Scorp666, the Infamous Orgasmatron[/shadow]

  5. #5
    Member
    Join Date
    May 2002
    Posts
    64
    man that could get your paranoia going... I dont trust mostly anyone online unless I know them personally and then..... I wonder what thier motives are for being my friend in the first place.....hehe jk.

    There was a law I believe that was passed that prevented lets say my new company farbrausch (not really mine but check it out online) from having somone take the .com title ahead of me and trying to sell it back to me for an outragious amount.
    Integrity...loyalty.....and the willingness to make a better world for us all.

  6. #6
    Banned
    Join Date
    Aug 2001
    Posts
    46
    LOL Spy ay that rings some Bells

  7. #7
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    Posts
    2,628
    "Internationalizing names might succeed only in turning the global network into a Tower of Babel. "

    Ain't that the truth.
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson

  8. #8
    Banned
    Join Date
    Oct 2001
    Posts
    1,462
    Hah, Ill register antionline.com and h4x0r all of your passwords

    Im wondering if Verisign took down the system of international domain names or is it still up?

  9. #9
    Originally posted here by Seeker_319

    man that could get your paranoia going... I dont trust mostly anyone online unless I know them personally and then..... I wonder what thier motives are for being my friend in the first place.....hehe jk.




    No need to joke. I agree with what you have to say. Only the paranoid survive...



    This sounds very similar to the old "fake Hotmail page" were you would enter your password and it would be recorded.....

  10. #10
    Banned
    Join Date
    Aug 2001
    Posts
    46
    Yeah, that sounds about right only the paranoid survive because they are causious

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •