Registering phishing domains with look-alike Unicode characters in the name

Researchers at Soluble have identified a new way to register homoglyph domains: domains that look identical to existing ones but differ because they contain characters with different code points. Such look-alike internationalized domain names (IDN) can be indistinguishable at first glance from the domains of well-known companies and services, which makes them usable for phishing, including obtaining valid TLS certificates for them.

Classic substitution through a look-alike IDN domain has long been blocked by browsers and registrars, which forbid mixing characters from different alphabets. For example, a fake apple.com ("xn--pple-43d.com") cannot be created by replacing the Latin "a" (U+0061) with the Cyrillic "а" (U+0430), because mixing characters from different alphabets in one domain is not allowed. In 2017 a way around this protection was found: use only non-Latin Unicode characters in the domain, without any Latin letters at all (for example, characters from another script whose glyphs resemble Latin letters).

Now another way to bypass the protection has been found. Registrars block mixing Latin with other scripts, but if the Unicode characters in the domain belong to the Latin character group, the mix is allowed, since all characters are considered to be from the same alphabet. The problem is that the Unicode Latin IPA extension block contains homoglyphs that are written the same way as other letters of the Latin alphabet: the character "ɑ" (U+0251, LATIN SMALL LETTER ALPHA) looks like "a", "ɡ" (U+0261, LATIN SMALL LETTER SCRIPT G) looks like "g", and "ɩ" (U+0269, LATIN SMALL LETTER IOTA) looks like "l".
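The two checks the text contrasts can be shown side by side. The block below is an added example, not code from Soluble or from any registrar: it models the "do not mix alphabets" rule as a comparison of the script names of the letters in a label (an assumed simplification of the real policy), shows that the three IPA homoglyphs pass that rule while the Cyrillic "а" of the apple.com example does not, and then applies a visual-skeleton fold (the idea behind UTS #39 confusable detection, restricted here to the three characters named above) that does catch them. The brand list and the sample domains are constructed for the example; the Punycode form is produced with Python's standard `idna` codec.

```python
import unicodedata

# The three Latin IPA homoglyphs described above, mapped to the ASCII letter
# each one imitates (code points from the Unicode standard).
IPA_HOMOGLYPHS = {
    "\u0251": "a",  # LATIN SMALL LETTER ALPHA
    "\u0261": "g",  # LATIN SMALL LETTER SCRIPT G
    "\u0269": "l",  # LATIN SMALL LETTER IOTA
}


def script_of(ch):
    """Crude script classifier: the first word of the character's Unicode name
    ("LATIN", "CYRILLIC", ...). ASCII digits and '-' count as LATIN so they
    never trigger a mismatch. This is an assumed simplification of the
    'no mixing of alphabets' rule, not the real policy of any registry."""
    if ch.isascii():
        return "LATIN"
    name = unicodedata.name(ch, "")
    return name.split(" ")[0] if name else "UNKNOWN"


def mixes_scripts(label):
    """True when a label contains letters from more than one script."""
    return len({script_of(c) for c in label if c.isalpha()}) > 1


def skeleton(label):
    """Fold a label to its visual ASCII skeleton: NFKC-normalise, then replace
    each IPA homoglyph with the letter it resembles. Limited to the three
    characters in IPA_HOMOGLYPHS; a full UTS #39 confusables table would also
    fold Cyrillic look-alikes."""
    folded = unicodedata.normalize("NFKC", label)
    return "".join(IPA_HOMOGLYPHS.get(c, c) for c in folded)


def to_punycode(domain):
    """IDNA (Punycode) form of a domain, i.e. what Chrome and Firefox show."""
    return domain.encode("idna").decode("ascii")


def analyze(domain, protected):
    """Run both checks on a domain and report which protected name it imitates.
    Only the leftmost label is examined (assumption: brand.tld input)."""
    label = domain.split(".")[0]
    folded = skeleton(label) + domain[len(label):]
    return {
        "punycode": to_punycode(domain),
        "mixed_script": mixes_scripts(label),
        "lookalike_of": folded if folded != domain and folded in protected else None,
    }


if __name__ == "__main__":
    # Constructed inputs: the Cyrillic apple.com case and two IPA-homoglyph
    # domains built the same way as the ones in the list further down.
    brands = ["apple.com", "amazon.com", "paypal.com"]
    for d in ["\u0430pple.com", "am\u0251zon.com", "p\u0251yp\u0251\u0269.com"]:
        print(d, analyze(d, brands))
```

The script-mixing check reports `mixed_script=False` for `amɑzon.com` and `pɑypɑɩ.com`, which is exactly the gap the researchers exploited, while the skeleton fold maps both back to the protected brand. A registry or certificate authority that wants to reject these names needs the second kind of check, not the first.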


The ability to register domains in which Latin letters are mixed with these Unicode characters was confirmed at Verisign, the operator of the .com registry (other registrars were not tested), and such subdomains could also be created in services run by Amazon, Google, Wasabi and DigitalOcean. The problem was identified in November of the previous year and, although notifications were sent, it was fixed only at the last minute three months later, and only by Amazon and Verisign.

During the experiment the researchers spent $400 registering the following domains through Verisign:

  • amzon.com
  • chsese.com
  • sslesforce.com
  • Wemasai.com
  • ɑppɩe.com
  • ebyy.com
  • Static.com
  • bvvabativa.com
  • kumaru.com
  • gdc-dc.com
  • washinwtonpost.com
  • pɑypɑɩ.com
  • wmlmrt.com
  • www.kakora.com
  • yhoo.com
  • cɩoudfɩare.com
  • de.com
  • gmɑiɩ.com
  • goleleapis.com
  • huffinɡtonpost.com
  • anetsons.net
  • microsoftonɩine.com
  • Mazai.com
  • roidndroid.com
  • netfix.com
  • nvidiɑ.com
  • ɡoogɩe.com

The researchers also launched an online service for checking your own domains for homoglyph alternatives, including already-registered domains and TLS certificates issued for similar names. On the certificate side, 300 homoglyph domains were checked against Certificate Transparency logs, and certificate issuance was found for 15 of them.
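The first step of such a check is enumerating the candidate look-alikes for a brand name so they can be looked up in WHOIS or in Certificate Transparency logs. The generator below is an added example, not Soluble's service or its code: it substitutes every non-empty subset of the a/g/l letters in the leftmost label with the IPA homoglyph named above (the table is constructed from the article's three characters; only the leftmost label is varied, an assumption for brand.tld input) and pairs each variant with its Punycode form, which is the string that actually appears in DNS, WHOIS and CT log entries.

```python
import itertools

# ASCII letter -> the Latin IPA homoglyph the article names for it.
HOMOGLYPHS = {"a": "\u0251", "g": "\u0261", "l": "\u0269"}


def homoglyph_variants(domain):
    """Yield every look-alike of `domain` that swaps a non-empty subset of the
    a/g/l letters in the leftmost label for their IPA homoglyph.
    Assumption: the input is brand.tld and the TLD is left untouched."""
    label, dot, rest = domain.partition(".")
    positions = [i for i, c in enumerate(label) if c in HOMOGLYPHS]
    # One boolean per substitutable position: True means "swap this one".
    for mask in itertools.product((False, True), repeat=len(positions)):
        if not any(mask):
            continue  # the unmodified ASCII domain is not a look-alike
        chars = list(label)
        for pos, swap in zip(positions, mask):
            if swap:
                chars[pos] = HOMOGLYPHS[chars[pos]]
        yield "".join(chars) + dot + rest


def variant_table(domain):
    """(Unicode form, Punycode form) pairs for every look-alike of `domain`.
    The Punycode form is what to search for in CT logs and WHOIS."""
    return [(v, v.encode("idna").decode("ascii")) for v in homoglyph_variants(domain)]


if __name__ == "__main__":
    # Constructed input; with three substitutable letters there are 2**3 - 1 = 7 variants.
    for unicode_form, punycode_form in variant_table("gmail.com"):
        print(f"{unicode_form:16} {punycode_form}")
```

A brand with k substitutable letters has 2**k - 1 variants, so the list stays small enough to query one by one; a CT lookup would search for each Punycode form as an exact name, since the logs store the ASCII form of the certificate's SAN entries.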

Currently Chrome and Firefox display such domains in the address bar in the "xn--" Punycode notation; in links, however, the domains appear unconverted, which can be used to place malicious resources or links on pages under the guise of downloads from legitimate sites. For example, on one of the registered homoglyph domains, distribution of a malicious version of the jQuery library was recorded.

Source: opennet.ru
