[UA-discuss] [Ext] Once again
David Conrad
david.conrad at icann.org
Wed Jun 27 18:14:51 UTC 2018
Hi Maxim,
To be clear, I wasn’t endorsing the white paper, rather just suggesting it was the trigger for the BBC coverage.
After a brief scan, I do find some of the stats in the white paper interesting but don’t know enough about their methodology to go beyond that.
However, I suspect Farsight Security would be interested in suggestions in improvement for their methodology (after all, it’d mean more potential risks they’d be protecting their customers from).
Regards,
-drc
> On Jun 27, 2018, at 12:50 PM, Maxim Alzoba <m.alzoba at gmail.com> wrote:
>
> Hi David,
>
> I meant to that it might be good to avoid misconception of "IDN only issue".
> (unfortunately I downloaded it and read)
>
> The Report itself does not have anything about latin script issues.
>
> P.s: they even failed to check which TLD are using Cyrillic Russian script (done easily via IANA script page
> https://www.iana.org/domains/idn-tables <https://www.iana.org/domains/idn-tables>
> )
> for example did not mentioned (and most probably did not review) .москва(.xn--80adxhks) with 15k domains,
> but mentioned .дети(xn--d1acj3b) with <1.5k
>
> P.P.s: reviews which see wiki as a creditable source of information are ... entertaining
>
>
>
> Sincerely Yours,
>
> Maxim Alzoba
> Special projects manager,
> International Relations Department,
> FAITID
>
> m. +7 916 6761580(+whatsapp)
> skype oldfrogger
>
> Current UTC offset: -5 (Panama)
>
>> On 27 Jun 2018, at 11:15, David Conrad <david.conrad at icann.org <mailto:david.conrad at icann.org>> wrote:
>>
>> Hi Maxim,
>>
>> You mean you want me to actually read the paper instead of just the executive summary? :)
>>
>> (A bit buried right now during the ICANN meeting)
>>
>> Regards,
>> -drc
>>
>>> On Jun 27, 2018, at 11:02 AM, Maxim Alzoba <m.alzoba at gmail.com <mailto:m.alzoba at gmail.com>> wrote:
>>>
>>> Hello David,
>>>
>>> Were pairs like 1 and l , 0 and o in latin script analyzed?
>>> (it might give better perception of what it going on and if the confusion is limited to IDNs or is it a general issue)
>>>
>>> Sincerely Yours,
>>>
>>> Maxim Alzoba
>>> Special projects manager,
>>> International Relations Department,
>>> FAITID
>>>
>>> m. +7 916 6761580(+whatsapp)
>>> skype oldfrogger
>>>
>>> Current UTC offset: -5.00 (Panama)
>>>
>>>
>>>
>>>> On 27 Jun 2018, at 10:56, David Conrad <david.conrad at icann.org <mailto:david.conrad at icann.org>> wrote:
>>>>
>>>> I suspect that might be triggered by:
>>>>
>>>> https://info.farsightsecurity.com/farsight-idn-research-report?utm_source=newsletter&utm_medium=email&utm_campaign=newsletter_axioscodebook&stream=technology <https://info.farsightsecurity.com/farsight-idn-research-report?utm_source=newsletter&utm_medium=email&utm_campaign=newsletter_axioscodebook&stream=technology>
>>>>
>>>> From the executive summary:
>>>>
>>>> Among the key findings:
>>>>
>>>> 100M total IDN resolutions observed; 27M unique fully qualified domain names (FQDNs)
>>>>
>>>> 8,000 IDN homographs representing or containing a top global brand name
>>>>
>>>> Unicode “confusables” make up a significant percentage of the characters found in IDNs; 91% of all characters observed in IDN homographs are considered “confusable” -- a “confusable” is a Unicode code point that is often easily confused with other characters, ligatures, and/or digraphs.
>>>>
>>>> Brands in banking and other related sectors are frequently imitated using IDN homographs with ~750 unique FQDNs observed per month
>>>>
>>>> 91% of IDN homographs offered some sort of webpage
>>>>
>>>> We found clear violations of the ICANN Guidelines for the Implementation of Internationalized Domain Names
>>>>
>>>> 66% of all IDN homograph IP addresses were found to be geolocated in the United States
>>>>
>>>> 93% of IDN homograph FQDNs had IPv4-based address records
>>>>
>>>>
>>>> Regards,
>>>> -drc
>>>>
>>>>> On Jun 27, 2018, at 10:27 AM, Andrew Sullivan <ajs at anvilwalrusden.com <mailto:ajs at anvilwalrusden.com>> wrote:
>>>>>
>>>>> I see, via Slashdot, that the BBC is once again promoting this problem:
>>>>>
>>>>> https://it.slashdot.org/story/18/06/26/2031212/scammers-abuse-multilingual-domain-names <https://it.slashdot.org/story/18/06/26/2031212/scammers-abuse-multilingual-domain-names>
>>>>>
>>>>> A
>>>>> --
>>>>> Andrew Sullivan
>>>>> ajs at anvilwalrusden.com <mailto:ajs at anvilwalrusden.com>
>>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/ua-discuss/attachments/20180627/8c9bebbb/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://mm.icann.org/pipermail/ua-discuss/attachments/20180627/8c9bebbb/signature.asc>
More information about the UA-discuss
mailing list