Phishing domains can be registered with look-alike Unicode characters in the name

Researchers from Soluble have disclosed a new way to register domains with homoglyphs: domains that look identical to another domain but are in fact different, because they contain characters with a different code point. At first glance such internationalized domain names (IDNs) are indistinguishable from the domains of well-known companies and services, which makes them usable for phishing, including obtaining valid TLS certificates for them.

The classic substitution using look-alike IDN domains has long been blocked in browsers and by registrars, thanks to the prohibition on mixing characters from different scripts. For example, the fake domain apple.com ("xn--pple-43d.com") cannot be created by replacing the Latin "a" (U+0061) with the Cyrillic "а" (U+0430), since mixing letters from different scripts within one domain name is not allowed. In 2017 a way was found to bypass this protection by using only non-Latin Unicode characters in the domain, without any Latin letters at all (for example, using letters of another script whose glyphs resemble Latin ones).

Now another way to bypass the protection has been found. It relies on the fact that registrars block mixing Latin with other Unicode scripts, but if the Unicode characters used in the domain belong to the Latin group, the mix is allowed, because all the characters are considered part of the same script. The problem is that the Unicode "IPA Extensions" block of Latin characters contains homoglyphs whose glyphs are nearly identical to other letters of the Latin alphabet: the character "ɑ" looks like "a", "ɡ" like "g", and "ɩ" like "l".


The ability to register domains in which ordinary Latin letters are mixed with these Unicode characters was confirmed at the registrar Verisign (other registrars were not tested), and matching subdomains were created in the Amazon, Google, Wasabi and DigitalOcean services. The problem was identified in November of last year, and despite the notifications sent, three months later it had been fixed only by Amazon and Verisign.

During testing, the researchers spent $400 to register the following domains with Verisign:

  • amɑzon.com
  • chɑse.com
  • sɑlesforce.com
  • ɑpple.com
  • ɑppɩe.com
  • ebɑy.com
  • stɑtic.com
  • steɑmpowered.com
  • theguɑrdiɑn.com
  • theverɡe.com
  • wɑshingtonpost.com
  • pɑypɑl.com
  • wɑlmɑrt.com
  • wɑsɑbisys.com
  • yɑhoo.com
  • cloudfɩɑre.com
  • deɩoitte.com
  • gmɑiɩ.com
  • gooɡle.com
  • huffinɡtonpost.com
  • instɑɡram.com
  • microsoftonɩine.com
  • ɑmɑzonɑws.com
  • ɑndroid.com
  • netfɩix.com
  • nvidiɑ.com
  • ɡoogɩe.com

The researchers have also launched an online service for checking your own domains against alternative spellings with homoglyphs, including a check for already registered look-alike domains and for TLS certificates issued to similar names. As for HTTPS certificates, 300 domains with homoglyphs were checked through the Certificate Transparency logs, and certificate issuance was recorded for 15 of them.

Currently the Chrome and Firefox browsers display such domains in the address bar in the "xn--" form; in links, however, the domains appear unconverted, which can be used to embed malicious resources or links to pages under the guise of loading them from a legitimate site. For example, on one of the identified homoglyph domains, distribution of a malicious variant of the jQuery library was recorded.
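The following Python script is an added illustration of the three points above (the IPA Extensions bypass, a homoglyph check over names taken from Certificate Transparency logs, and the "xn--" form that browsers show); it is not code from the article or from Soluble. It shows why a naive "all letters are Latin" check accepts the IPA homoglyphs, maps each domain to its ASCII skeleton, and flags names that collapse onto a protected brand. The Unicode character names come from the Unicode Character Database; the protected-brand list and the CT-log sample names are constructed for the example.

```python
import unicodedata

# The three IPA Extensions homoglyphs named in the article, mapped to the ASCII
# letter each imitates. UCD names: U+0251 LATIN SMALL LETTER ALPHA,
# U+0261 LATIN SMALL LETTER SCRIPT G, U+0269 LATIN SMALL LETTER IOTA.
IPA_CONFUSABLES = {"\u0251": "a", "\u0261": "g", "\u0269": "l"}

# Constructed list of brands we want to protect (assumption for the example).
PROTECTED = {"amazon.com", "gmail.com", "google.com", "apple.com"}


def is_single_script_latin(label: str) -> bool:
    """Naive mixed-script check: every letter must carry a LATIN Unicode name.
    A Cyrillic 'а' fails this, but the IPA homoglyphs pass, which is exactly
    the gap the article describes."""
    return all(unicodedata.name(ch, "").startswith("LATIN")
               for ch in label if ch.isalpha())


def to_ace(domain: str) -> str:
    """U-label -> A-label ('xn--' form), the spelling browsers put in the URL bar."""
    return domain.encode("idna").decode("ascii")


def to_unicode(domain: str) -> str:
    """Accept either form; CT logs store the ASCII 'xn--' A-labels."""
    if "xn--" in domain.lower():
        return domain.encode("ascii").decode("idna")
    return domain


def skeleton(domain: str) -> str:
    """Replace each IPA homoglyph with the ASCII letter it looks like."""
    return "".join(IPA_CONFUSABLES.get(ch, ch) for ch in to_unicode(domain).lower())


def impersonated_brand(domain: str, protected=PROTECTED):
    """Return the protected name this domain visually imitates, or None.
    A domain that contains no substituted character is never flagged, so the
    genuine brand domain itself passes."""
    original = to_unicode(domain).lower()
    sk = skeleton(domain)
    if sk == original:
        return None
    for brand in protected:
        if sk == brand or sk.endswith("." + brand):
            return brand
    return None


def scan_ct_names(names, protected=PROTECTED):
    """Run the check over a batch of names and return (name, brand) hits."""
    hits = []
    for name in names:
        brand = impersonated_brand(name, protected)
        if brand:
            hits.append((name, brand))
    return hits


# Constructed sample of names as they might appear in a CT log: the genuine
# domain, two U-label homoglyphs, and one homoglyph already in A-label form.
SAMPLE_CT_NAMES = [
    "amazon.com",
    "\u0251m\u0251zon.com",             # ɑmɑzon.com
    "login.gm\u0251i\u0269.com",        # login.gmɑiɩ.com
    to_ace("\u0261oo\u0261\u0269e.com"),  # ɡooɡɩe.com as xn--...
]

if __name__ == "__main__":
    print("naive Latin check on ɑmɑzon:", is_single_script_latin("\u0251m\u0251zon"))
    print("naive Latin check on Cyrillic аpple:", is_single_script_latin("\u0430pple"))
    for name, brand in scan_ct_names(SAMPLE_CT_NAMES):
        print(f"{name} -> {to_ace(to_unicode(name))} imitates {brand}")
```

The skeleton approach is deliberately narrow: it only knows the three characters the article names, so extending it to the full Unicode confusables data would be the next step for a production checker. The A-label is what a CT-log monitor will actually see, which is why the scan accepts both spellings.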

Source: opennet.ru
