Firefox update helps prevent Web site spoofing

The Mozilla Foundation has released Firefox 1.0.1, an update to their popular Web browser for multiple platforms including Mac OS X. The new release is available for download from the Mozilla Web site. The updated release has improved stability and "several fixes to guard against spoofing and arbitrary code execution," according to the developers.

The Firefox 1.0.1 release now displays by default International Domain Names as "punycode" instead of Unicode. This helps eliminate a "spoofing" problem recently publicized by e-security firm Secunia.

Unicode is the 16-bit character set that enables computers to display characters from many international languages. Punycode is what's described as a "bootstring encoding" of Unicode. The problem addressed by the Firefox update stems from Unicode's ability to display characters that look like regular ASCII characters, but aren't.

By converting IDN URLs to Punycode, Firefox will make users more aware if the Web site they're visiting is not what it truly appears to be -- helping to reduce the likelihood that Firefox users will be the victims of a "phishing" attack, yielding sensitive information to a phony Web site they think is another location.

This story, "Firefox update helps prevent Web site spoofing" was originally published by PCWorld.

  
Shop Tech Products at Amazon