Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.

 

 

Pick an apple! 
 
Hide TextExpander in the Dock

If you don't want to see TextExpander's icon in the Dock and the application switcher, you can remove it. Just open TextExpander > Preferences > Appearance, and select Hide TextExpander Icon in Dock. You'll still be able to access TextExpander from its menubar icon.

Visit Smile

 

 

Related Articles

 

 

Homographic Responses

Send Article to a Friend

In the last issue of TidBITS, I wrote about how non-English characters that resemble or are identical to Roman letters could allow scammers to spoof well-known sites by registering domain names that look identical even to the trained eye and then obtaining SSL certificates to make them look secure (see "Don't Trust Your Eyes or URLs" in TidBITS-766).

<http://db.tidbits.com/article/07983>

Over the past week, there's been some motion on a few fronts worth reporting.

First, the Mozilla Foundation will disable the internationalized domain names (IDN) support as a default in Firefox 1.0 releases. They hope to develop a more elegant approach for 1.1. They (and others) blame domain registrars for allowing domains that are homographically (written similarly) identical to well-known sites.

<http://news.netcraft.com/archives/2005/02/15/ firefox_to_disable_idn_support_as_ phishing_defense.html>

The article at Netcraft just above explains how to disable support for IDN within Mozilla, Firefox, and other browsers using the open-source "gecko" browser code by typing "about:config" in the Location field and hitting Return. Scroll down to find the setting "network.enableIDN". If this is set to true, double click it to change the setting to false. Close the window.

If you want to leave this setting on, I recommend installing SpoofStick for Firefox, a small browser extension that alerts you to homographic problems and other signs of Web spoofing.

<http://www.corestreet.com/spoofstick/>

Interestingly, although Firefox and Mozilla share much of the same code, one reader wrote that trying to install SpoofStick in Mozilla made Mozilla crash. Mozilla's plug-in infrastructure must not support Firefox's extensions, as far as I understand it. Mozilla users might look into TrustBar, which helps identify spoofed domains, although not quite in the same manner.

<http://trustbar.mozdev.org/>

Another reader wrote in to mention that her user group advised that she use Saft for Safari, which extends Safari's built-in features and has added homograph alerts.

<http://haoli.dnsalias.com/Saft/>

Finally, several readers pointed out that they couldn't get the spoof to work in their various browsers and systems. The reason? They were using systems and browsers - such as iCab under Mac OS 9 - that predate the IDN support via punycode that maps Unicode in this fashion. Older means better in this case.

 

Make friends and influence people by sponsoring TidBITS!
Put your company and products in front of tens of thousands of
savvy, committed Apple users who actually buy stuff.
More information: <http://tidbits.com/advertising.html>