[UA-discuss] [Ext] Once again

David Conrad david.conrad at icann.org
Wed Jun 27 18:14:51 UTC 2018 

Hi Maxim,

To be clear, I wasn’t endorsing the white paper, rather just suggesting it was the trigger for the BBC coverage.

After a brief scan, I do find some of the stats in the white paper interesting but don’t know enough about their methodology to go beyond that.

However, I suspect Farsight Security would be interested in suggestions in improvement for their methodology (after all, it’d mean more potential risks they’d be protecting their customers from).

Regards,
-drc

> On Jun 27, 2018, at 12:50 PM, Maxim Alzoba <m.alzoba at gmail.com> wrote:
> 
> Hi David,
> 
> I meant to that it might be good to avoid misconception of "IDN only issue".
> (unfortunately I downloaded it and read)
> 
> The Report itself does not have anything about latin script issues.
> 
>  P.s: they even failed to check which TLD are using Cyrillic Russian script (done easily via IANA script page
> https://www.iana.org/domains/idn-tables <https://www.iana.org/domains/idn-tables>
> )
> for example did not mentioned (and most probably did not review) .москва(.xn--80adxhks) with 15k domains,
> but mentioned .дети(xn--d1acj3b) with <1.5k
> 
> P.P.s: reviews which see wiki as a creditable source of information are ... entertaining
> 
> 
> 
> Sincerely Yours,
> 
> Maxim Alzoba
> Special projects manager,
> International Relations Department,
> FAITID
> 
> m. +7 916 6761580(+whatsapp)
> skype oldfrogger
> 
> Current UTC offset: -5 (Panama)
> 
>> On 27 Jun 2018, at 11:15, David Conrad <david.conrad at icann.org <mailto:david.conrad at icann.org>> wrote:
>> 
>> Hi Maxim,
>> 
>> You mean you want me to actually read the paper instead of just the executive summary?  :)
>> 
>> (A bit buried right now during the ICANN meeting)
>> 
>> Regards,
>> -drc
>> 
>>> On Jun 27, 2018, at 11:02 AM, Maxim Alzoba <m.alzoba at gmail.com <mailto:m.alzoba at gmail.com>> wrote:
>>> 
>>> Hello David,
>>> 
>>> Were pairs like 1 and l , 0 and o in latin script analyzed?
>>> (it might give better perception of what it going on and if the confusion is limited to IDNs or is it a general issue)
>>> 
>>> Sincerely Yours,
>>> 
>>> Maxim Alzoba
>>> Special projects manager,
>>> International Relations Department,
>>> FAITID
>>> 
>>> m. +7 916 6761580(+whatsapp)
>>> skype oldfrogger
>>> 
>>> Current UTC offset: -5.00 (Panama)
>>> 
>>> 
>>> 
>>>> On 27 Jun 2018, at 10:56, David Conrad <david.conrad at icann.org <mailto:david.conrad at icann.org>> wrote:
>>>> 
>>>> I suspect that might be triggered by:
>>>> 
>>>> https://info.farsightsecurity.com/farsight-idn-research-report?utm_source=newsletter&utm_medium=email&utm_campaign=newsletter_axioscodebook&stream=technology <https://info.farsightsecurity.com/farsight-idn-research-report?utm_source=newsletter&utm_medium=email&utm_campaign=newsletter_axioscodebook&stream=technology>
>>>> 
>>>>  From the executive summary:
>>>> 
>>>> Among the key findings:
>>>> 
>>>> 100M total IDN resolutions observed; 27M unique fully qualified domain names (FQDNs)
>>>> 
>>>> 8,000 IDN homographs representing or containing a top global brand name
>>>> 
>>>> Unicode “confusables” make up a significant percentage of the characters found in IDNs; 91% of all characters observed in IDN homographs are considered “confusable” -- a “confusable” is a Unicode code point that is often easily confused with other characters, ligatures, and/or digraphs.
>>>> 
>>>> Brands in banking and other related sectors are frequently imitated using IDN homographs with ~750 unique FQDNs observed per month
>>>> 
>>>> 91% of IDN homographs offered some sort of webpage
>>>> 
>>>> We found clear violations of the ICANN Guidelines for the Implementation of Internationalized Domain Names
>>>> 
>>>> 66% of all IDN homograph IP addresses were found to be geolocated in the United States
>>>> 
>>>> 93% of IDN homograph FQDNs had IPv4-based address records
>>>> 
>>>> 
>>>> Regards,
>>>> -drc
>>>> 
>>>>> On Jun 27, 2018, at 10:27 AM, Andrew Sullivan <ajs at anvilwalrusden.com <mailto:ajs at anvilwalrusden.com>> wrote:
>>>>> 
>>>>> I see, via Slashdot, that the BBC is once again promoting this problem:
>>>>> 
>>>>> https://it.slashdot.org/story/18/06/26/2031212/scammers-abuse-multilingual-domain-names <https://it.slashdot.org/story/18/06/26/2031212/scammers-abuse-multilingual-domain-names>
>>>>> 
>>>>> A
>>>>> --
>>>>> Andrew Sullivan
>>>>> ajs at anvilwalrusden.com <mailto:ajs at anvilwalrusden.com>
>>> 
>> 
> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/ua-discuss/attachments/20180627/8c9bebbb/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://mm.icann.org/pipermail/ua-discuss/attachments/20180627/8c9bebbb/signature.asc>

More information about the UA-discuss mailing list