Weekly Digest #83

Articles

Browser In The Browser (BITB) Attack

Using JQuery to animate fake pop-up windows

User can mitigate it by dragging the window to the edge to check if the window is a real popup or fake popup

Watch Your Step: The Prevalence of IDN Homograph Attacks

• the unicode form of the IDN must resemble a legitimate and popular domain name (without the TLD). The algorithm maintains a constant list of such domain names that are likely to be spoofed by attackers, and the resemblance is measured using character replacement maps.
• the IDN and its legitimate and popular domain name match must be registered by different owners

Tutorials

How to use dig, dns query tool

The Right Way To Compare Floats in Python

>>> a, b, c = 0.1, 0.2, 0.3
>>> # Don't do this:
>>> a + b <= c
False
>>> # Do this instead:
>>> math.isclose(a + b, c) or (a + b < c)
True
>>> import numpy as np
>>> # Use numpy.allclose() to check if two arrays are equal
>>> # to each other within a tolerance.
>>>…