On Mon, 7 Mar 2005, Kevin Day wrote: > What would (to me) make more sense is if the browser made it more clear > that a homograph was being used. > > In the address bar, any character that's not from the user's language > character set(or family of languages possibly) would appear as a > different color. Maybe make the foreign characters red, or the > background color around each foreign character blue or something. You have come to the same idea as I did :-) (hope my post to Bugtraq will pass the moderation), just with a different flavor. That's a good sign for me, and this kind of solution seems to be not-so-hard to implement. > It still would require a bit of user education, but maybe the first > time it happened the browser can pop up with "The address of the site > you are going to contains characters from another language. If you > clicked on a link to a site you expected to be in [User's default > language], A small addition: not "language", but "languages". And, may be even more -- "character set". For example, russian-speaking users currently use only latin letters, as all the world do. And if IDN somewhen becomes common, they would have to use a mixture of latin and cyrillic letters. (I hope IBM wold be clever enough to grab the "IBM.com" domains, where "B" is "cyrillic capital VE" and/or "M" is "cyrillic capital M". :-) > you might be going to a fraudulent site. The questionable > characters are highlighted in blue in the address bar above. [x] Do not > show this again for Cyrillic language letters" Unfortunately, most users in case of such warnings blindly press [Ok] not even trying to read what they are warned about. And if there is a "[x] Don't show this again..." option, they will immediately swith it on. So, such switchable-off protection would in fact become illusory... _________________________________________ Dmitry Yu. Bolkhovityanov The Budker Institute of Nuclear Physics Novosibirsk, Russia
