sex.biz(chinese idn)


zhou
27th April 2007, 01:58 PM
xn--qi7c1aq.biz
Registrar: domainsite.com
Expires in: April 2008


TQ

Rubber Duck
27th April 2007, 02:06 PM
L@@Ks like somebody has found a phishing loophole.

Google is treating this as Latin and so is Wikipedia, but they are not standard Latin, as they would not need to be IDN at all, and obviously this would have already gone if it were Latin.

Are they Phonetics?

Has ICANN screwed up again, or are they just going to delete these altogether when Nameprep gets updated?

Interestingly there are no whois records for the Verisign equivalents!

I guess that is what Neustar meant about a more culturally sympathetic policy or whatever it was they were twittering on about.
I think it was double speak for not being able to handle the necessary encoding to do the job properly!

I am also wondering what the F*ck that says about Mozilla's anti-phishing policy. F*cking laughable from where I am standing!

Olney
27th April 2007, 02:25 PM
Don't list phishing domains...

zhou
27th April 2007, 02:44 PM
edit TQ

seamo
27th April 2007, 02:50 PM
Taking offers from 100$
Paypal Balance only.
The only offer you'll get for trying to sell phishing domains here is a permanent ban.

zhou
27th April 2007, 02:55 PM
sorry

jacksonm
27th April 2007, 04:04 PM
L@@Ks like somebody has found a phishing loophole.

Google is treating this as Latin and so is Wikipedia, but they are not standard Latin, as they would not need to be IDN at all, and obviously this would have already gone if it were Latin.

I am also wondering what the F*ck that says about Mozilla's anti-phishing policy. F*cking laughable from where I am standing!


This is a serious security bug in IDN parsing code, which could facilitate identity theft. I suggest moving this to the member's section or removing the thread so the search engines don't get it.

I have already reported a critical security bug concerning this to mozilla.org and it is being investigated.

I won't bother reporting to Microsoft since I don't have a Microsoft machine with which to confirm this, and Rhys can do it easier than I can. Rhys, if you're reading... report a bug to the IE team.


.

Rubber Duck
27th April 2007, 04:11 PM
This is a serious security bug in IDN parsing code, which could facilitate identity theft. I suggest moving this to the member's section or removing the thread so the search engines don't get it.

I have already reported a critical security bug concerning this to mozilla.org and it is being investigated.

I won't bother reporting to Microsoft since I don't have a Microsoft machine with which to confirm this, and Rhys can do it easier than I can. Rhys, if you're reading... report a bug to the IE team.


.

Not sure I agree with your interpretation, but it is clearly a serious problem.

I have already contacted Mozilla and DNJournal over the issue.

My interpretation was that it was a mistake in the way that Neustar have implemented dot Biz, but I am not a technical person, so there is plenty of scope for error on that one.

jacksonm
27th April 2007, 04:21 PM
Not sure I agree with your interpretation, but it is clearly a serious problem.

I have already contacted Mozilla and DNJournal over the issue.

My interpretation was that it was a mistake in the way that Neustar have implemented dot Biz, but I am not a technical person, so there is plenty of scope for error on that one.

You may be right and I may be wrong. However, I can conceive of a scenario where this could facilitate identity theft. I won't go into it here, publicly.

However, the Mozilla team claim that they are fully compliant with the IDN standard and that this is expected behaviour - these sorts of strings are supposed to be normalized to ASCII by nameprep before sending the DNS resolution request.

.

Rubber Duck
27th April 2007, 04:25 PM
You may be right and I may be wrong. However, I can conceive of a scenario where this could facilitate identity theft. I won't go into it here, publicly.

However, the Mozilla team claim that they are fully compliant with the IDN standard and that this is expected behaviour - these sorts of strings are supposed to be normalized to ASCII by nameprep before sending the DNS resolution request.

.

I would tend to agree with Mozilla, but as this is an IDN and not an ASCII domain it should not be allowed to be registered and also it should not be White Listed by Mozilla. Just because Neustar has an Anti-Phishing policy, it doesn't mean they have a clue what they are doing, and just because Verisign hasn't published one it does mean that they are somehow less competent than any bloody cowboy registry that comes along. Mozilla ought to leave policy issues to ICANN who despite all the negative comment understand them much better than Mozilla.

zhou
27th April 2007, 06:22 PM
Fullwidth Latin Small Letter

jacksonm
27th April 2007, 06:41 PM
Fullwidth Latin Small Letter

Perhaps one of the worst things for you, the registrant, is that clicking a link / pasting this domain will take you to someone else's site (unless you also happen to own sex.biz).

Bizarre...

.
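The nameprep behaviour discussed in the posts above, as an added example that is not part of the thread: it decodes the A-label from the first post, shows what an IDNA2003 client would actually query for the decoded form, and applies the round-trip check a registry or resolver-side validator can use to reject such labels. The function names are hypothetical, and `xn--bcher-kva` is a constructed control sample.

```python
import encodings.idna as idna

ACE_PREFIX = "xn--"

def client_query_name(hostname: str) -> str:
    """ASCII name an IDNA2003 client sends to DNS for a typed or pasted hostname."""
    # The idna codec runs nameprep (which includes NFKC) on every label first.
    return hostname.encode("idna").decode("ascii")

def audit_a_label(label: str) -> dict:
    """Decode one A-label and check that ToASCII(nameprep(decoded)) gives it back."""
    label = label.lower()
    result = {"label": label, "decoded": None, "nameprep": None, "round_trips": False}
    if not label.startswith(ACE_PREFIX):
        # Plain ASCII label: nothing to decode.
        result.update(decoded=label, nameprep=label, round_trips=True)
        return result
    try:
        decoded = label[len(ACE_PREFIX):].encode("ascii").decode("punycode")
        result["decoded"] = decoded
        prepped = idna.nameprep(decoded)
        result["nameprep"] = prepped
        # A well-formed A-label re-encodes to itself. If nameprep folds the
        # decoded characters to something else, no compliant client can ever
        # reach this label, and the name it displays belongs to another domain.
        result["round_trips"] = idna.ToASCII(prepped).decode("ascii") == label
    except UnicodeError:
        pass  # prohibited code points or malformed punycode: leave as failed
    return result

if __name__ == "__main__":
    # Label from the thread, plus a constructed control sample (bücher).
    for sample in ("xn--qi7c1aq", "xn--bcher-kva"):
        r = audit_a_label(sample)
        print(r["label"], ascii(r["decoded"]), ascii(r["nameprep"]), r["round_trips"])
    # Fullwidth Latin small letters s, e, x followed by ".biz"
    print(client_query_name("\uff53\uff45\uff58.biz"))
```

A label that fails the round trip is one a registry can refuse at registration time, since nameprep-compliant clients never query it.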

zhou
27th April 2007, 07:01 PM
This is a bug! From now on will be able to revise this mistake

Don't list phishing domains...

Sorry, sex.biz is not a phishing domain.
over:)