undefined | Better HN

0 pointsfloatrock7y ago0 comments

Also using similar unicode characters in your username for nefarious spoofing attacks or worse -- https://labs.spotify.com/2013/06/18/creative-usernames/

This is called a Homoglyph attack.

If you accept unicode for strings that should be "unique" (eg username), there are various normalization schemes that basically convert equivalent-ish looking characters into a consistent hash.

I have no doubt spam filters use this.

0 comments

xyzzy_plugh7y ago

I'm still waiting for the .corn TLD...

j / k navigate · click thread line to collapse

0 pointsfloatrock7y ago0 comments

Also using similar unicode characters in your username for nefarious spoofing attacks or worse -- https://labs.spotify.com/2013/06/18/creative-usernames/

This is called a Homoglyph attack.

If you accept unicode for strings that should be "unique" (eg username), there are various normalization schemes that basically convert equivalent-ish looking characters into a consistent hash.

I have no doubt spam filters use this.