OT: Important Security Issue in Non-IE browsers
 

Ironically IE is NOT affected by this vulnerability.

...but then unless it has the plugin for it, it doesn't support this anyway!

Thread at DSLReports Security: The state of homograph attacks

Brief Summary: browsers supporting Punycode/IDN are vulnerable to a URL spoofing attack that can easily fool less sophisticated and complacent users. The address bar will contain the expected url (in text, not an image even!) and even the https: protocol and lock icon can be spoofed.

The most disturbing part of the story is this: (emphasis mine)
http://forum.shrapnelgames.com/images/smilies/eek.gif

Proof of concept link:
http://www.shmoo.com/idn/

There is a workaround for Mozilla browsers but it only partially works. In the meantime I suggest you type in/use a bookmark and never click links in emails. http://forum.shrapnelgames.com/images/smilies/wink.gif As for Opera users, show your displeasure by pirating...oh wait, I mean, by switching to Mozilla. http://forum.shrapnelgames.com/image...ies/tongue.gif

Re: OT: Important Security Issue in Non-IE browser
 

http://forum.shrapnelgames.com/images/smilies/eek.gif

The fix for Firefix is pretty simple. Type about:config in the address bar. Scroll down until you see network.enableIDN then double-click it to change the value to false. This shouldn't hurt anything, since IE doesn't support this feature anyway (and the internet is IE-biased).

Re: OT: Important Security Issue in Non-IE browser
 

As noted in the DSLReports thread, that workaround doesn't work correctly. The behavior doesn't stick, although the setting does still appear. It will hopefully be soon fixed.

There is another workaround for Mozilla browsers that involves editing another file. This post contains it. Also see this one.

There we go.

There's also a Proxo filter that Proxomitron users can add: This one