- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
Chrome, Firefox, and Opera users beware: This isn’t the apple.com you want
Posted on 4/21/17 at 9:50 am
Posted on 4/21/17 at 9:50 am
LINK
Visiting https://www.xn--80ak6aa92e.com/ is safe, and you should actually go there now to see what your address bar shows to see if you are vulnerable.
quote:
If you're using Chrome, Firefox, or Opera to view websites, you should be aware of a weakness that can trick even savvy people into trusting malicious impostor sites that want you to download software or enter your password or credit card data. The weakness involves the way these browsers display certain characters in the address bar. Until Google released version 58 in the past 24 hours, for instance, Chrome displayed https://www.xn--80ak6aa92e.com/ as https://www.apple.com. The latest versions of Firefox and Opera by default continue to present the same misleading address. As the screenshot above demonstrates, the corresponding website has nothing to do with Apple. Had a malicious attacker registered the underlying xn--80ak6aa92e.com domain, she could have used it to push backdoored software or to trick visitors into divulging passwords or other sensitive information.
Visiting https://www.xn--80ak6aa92e.com/ is safe, and you should actually go there now to see what your address bar shows to see if you are vulnerable.
3
Posted on 4/21/17 at 10:01 am to Korkstand
quote:
Visiting https://www.xn--80ak6aa92e.com/ is safe, and you should actually go there now....
Posted on 4/21/17 at 10:15 am to LSUtigerME
I wouldn't steer you guys wrong. I would hope I would get banned if I linked a malware site.
Posted on 4/21/17 at 10:26 am to Korkstand
phew, just updated chrome to make it show the correct link... that's insane
P.S: For chrome users, you can actually hover over the link Korkstand posted and see what Chrome will show you on the other end, without having to even click on it. Originally it said apple.com - which is terrifying (luckily I just don't click on links... like ever)
P.S: For chrome users, you can actually hover over the link Korkstand posted and see what Chrome will show you on the other end, without having to even click on it. Originally it said apple.com - which is terrifying (luckily I just don't click on links... like ever)
Posted on 4/21/17 at 10:32 am to BaddestAndvari
quote:
For chrome users, you can actually hover over the link Korkstand posted and see what Chrome will show you on the other end, without having to even click on it. Originally it said apple.com - which is terrifying (luckily I just don't click on links... like ever)
Ditto for Firefox. I applied the about:config fix the article describes for all my Firefox profiles yesterday.
Posted on 4/21/17 at 10:40 am to BaddestAndvari
quote:Opera does that as well. When I clicked the link opera tells me its not a legit site though.
P.S: For chrome users, you can actually hover over the link Korkstand posted and see what Chrome will show you on the other end, without having to even click on it. Originally it said apple.com - which is terrifying (luckily I just don't click on links... like ever)
Posted on 4/21/17 at 10:50 am to BaddestAndvari
so when I hover over the long link (second one) it says apple.com. So am I in danger here?
Im using Chrome
ETA sorry for the stupid question, just want to make sure I understand.
Im using Chrome
ETA sorry for the stupid question, just want to make sure I understand.
This post was edited on 4/21/17 at 10:51 am
Posted on 4/21/17 at 10:59 am to 4WHLN
quote:
ETA sorry for the stupid question, just want to make sure I understand.
Does ETA'ing it's "stupid" mean you understand now?
(If not, then yes, you should update.)
Posted on 4/21/17 at 11:00 am to 4WHLN
In this instance, no. The fake apple.com was created by the discloser as a proof of concept. The vulnerability takes advantage of the code to display representations of unicode characters in the browser bar as the unicode character. Chrome and by extension Opera (which is currently built on chromium) is patching this issue. Firefox is still vulnerable.
Posted on 4/21/17 at 11:14 am to 4WHLN
quote:You are not in danger by clicking that particular link, but yes, if it shows 'apple.com' then your browser needs to be updated.
so when I hover over the long link (second one) it says apple.com. So am I in danger here?
Posted on 4/21/17 at 11:41 am to Korkstand
gotcha. I am now updated. thanks for the info 
Posted on 4/21/17 at 10:52 pm to Korkstand
What about mobile? I have a note 5 and it's saying everything is updated but it's still bringing me to the apple.com....
Posted on 4/22/17 at 12:38 am to CENLALSUFAN
The mobile browsers will probably be a little behind. My chrome on Android still shows apple, but the chrome canary version seems to be updated. I'd give it a few days. Meanwhile, I wouldn't worry too much about this. As long as you use your bookmarks, type in an address, or stick to trusted sites, you'll be fine.
This post was edited on 4/22/17 at 12:39 am
Page 1 of 1
Popular
Back to top
Follow TigerDroppings for LSU Football News