Although most Apple users install the updates, there is always an exception. If you are one of those who do not update their devices, you should know that the letter “d” is not always the letter “d” when it appears in line Safari addresses.
It may not sound serious to you, but it is a very important problem because it can lead you to adventures according to various security researchers.
IDN homogeneity attacks can occur if you write a domain name with Unicode characters that resemble typical Latin letters, but they are not.
The domains these are used for phishing, tricking users into thinking they are accessing a normal site instead of a cleverly crafted clone.
Xisigr, a security researcher at Tencent Security Xuanwu Lab, recently discovered how Apple products handle Unicode characters.
This, which he found the researcher is that Apple has done a good job with most Unicode characters, except one that is letter letter (ꝱ) (U + A771).
The character looks like a regular letter 'd', except it also features a lower apostrophe. So xisigr discovered that Safari was not showing the apostrophe, but was showing the letter dum as the Latin letter d.
The researcher reported his findings to Apple, which released security updates in July for Safari, and the software for iOS, macOS, tvOS and watchOS.
______________________
- Turkey's Vestel Venus Z20 the desperate boycott
- Decline in iPhone sales, Xiaomi's impressive growth
- Microsoft: Padlock in the Hotfix service