sorry if this is old<br>thanks to ign for this info<br><br>Eric Johanson has reported a security issue in Safari, which can be exploited by a malicious web site to spoof the URL displayed in the address bar, SSL certificate, and status bar. <br><br>The problem is caused due to an unintended result of the IDN (International Domain Name) implementation, which allows using international characters in domain names. <br><br>This can be exploited by registering domain names with certain international characters that resembles other commonly used characters, thereby causing the user to believe they are on a trusted site. <br><br>Secunia has constructed a test, which can be used to check if your browser is affected by this issue: <br>http://secunia.com/multiple_browsers_idn_spoofing_test/ <br><br>Solution: <br>- Don't follow links from untrusted sources. <br>- Manually type the URL in the address bar. <br><br>More information <br>http://secunia.com/advisories/14163/ (Firefox/Mozilla/Camino) <br>http://secunia.com/advisories/14164/ (Safari) <br><br>The latest version of Saft provides a fix for this in Safari: <br>http://haoli.dnsalias.com/Saft/ <br><br>This is a pretty interesting problem, and from what I understand it's not really the browsers fault. I'll be curious to see what the official solution is. <br><br>On the bright side, the same company has recently discovered far more problems with Internet Explorer for Windows (including spoofing problems, which have been an issue there for a while): <br>http://secunia.com/advisories/11165/ <br><br><br><br><br>