this post was submitted on 22 Sep 2025
109 points (96.6% liked)
Technology
77925 readers
4431 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
That's a reputable looking domain if I've ever seen one
It's a punycode domain, it's how non-Roman characters in domain names are represented. Your browser will convert it to the actual Unicode characters in the address bar (and if you type them in yourself and hit enter, it'll get translated into punycode for the actual request)
This is the Japanese katakana spelling out "Mariusu" so I'm guessing the author is called Marius
xn--gckvb8fzb
マリウス.com
Very interesting, today I learnt something cool and new ty
I've heard it's a security feature not ro render unicode in the url because otherwise people could use Unicode lookalike characters to spoof a domain.
The term "Human" does not include people who primarily read non latin-based languages silly
Shit, I forgot that Human now just means the native English-speaking world.
Ideally they should show both side by side.
Let's say that I go to google.com. The UI shows
https://google.com/. No punycode because it is plain ascii. Everything is as expected.Now let's say I click on a link for googӏe.com. The ui shows
https://xn--googe-hof.com/ (googӏe.com)I'd be like, holy shit that is a shady URL!That's how I imagine it helping, although I am not a UI expert. There could be a better way. But that googӏe.com scares me -- I can't visually tell that it is not a normal lowercase "l".
P.S. for the URL in question,
https://xn--gckvb8fzb.com/ (マリウス.com)I imagine that if I went to it frequently, I might begin to recognize the punycode, sorta like how people recognize rickroll URLs.Because it does not match google.com
For most security - centric websites, the right name is ASCII only.
For any that aren't, people would have the opportunity to become familiar with the correct fingerprint over time and have a chance to notice a difference.
I'm curious to hear if you think there is a better way. What I'm saying is unlikely to ever be implemented in a browser and I'm not trying to convince you or anything, just say why I personally would appreciate it.
Yep. Do you all have important URLs with Unicode characters?
I think it would be great if registries screened registrations for confusable names. Even if they did though, I wouldn't expect them to succeed 100%
NGL that is a beautiful website
Don't worry, you can instead visit this reputable URL: https://cheap-bitcoin.online/scanner-hijacker/malicious-payload/trojan_extractor_tool.msi?firewall=tamper&id=11aa4591&origin=spoof&payload=%28function%28%29%7B+return+undefined%3B+%7D%29%28%29%3B&sessiontoken=spoof&useragent=inject
( https://phishyurl.com/ via https://chaos.social/@FlohEinstein/115212955110814540 )
The FQDN is only a translation lookup between a human readable name and an IP address, it doesn't say anything about the trustworthiness of the content or its operators, it's just a name. DNS exists for convenience not establishing trust.