No Homo-Graph

Checks for homo-graphs in the domain name of the current website to prevent phishing.

Vad är No Homo-Graph?

No Homo-Graph är en Chrome-tillägg utvecklad av em_te, och dess huvudfunktion är "Checks for homo-graphs in the domain name of the current website to prevent phishing.".

Tilläggsskärmbilder

screenshot
screenshot
screenshot

Ladda ner No Homo-Graph-förlängningens CRX-fil

Ladda ner No Homo-Graph-filändelser i crx-format, installera Chrome-tillägg manuellt i webbläsaren eller dela crx-filerna med vänner för att enkelt installera Chrome-tillägg.

Användarmanual för Tillägg

                        About this Add-on
Using computer algorithms, No Homo Graph checks in real-time to see if websites you visit are spelled similar to a user-defined list of domains. If similar matches (a.k.a. homo-graphs) are found, a modal dialog is shown preventing you from interacting with the website until you indicate awareness of the risks involved. The modal dialog is modal to the website only and doesn't prevent you from switching tabs or replacing it with another website altogether. The user-defined list of domains is populated with popular domains like PayPal, Western Union, Google, Yahoo, MyEtherWallet and MoneyGram and the user is free to add and remove from the list.

For example, it will catch things like "paypaᶘ.com" if you have "paypal.com in your list.

How No Homo Graph Works
When you visit a website, this add-on parses the second-level and third-level domain from the URL and calculates the difference between them and the domains in your user-defined list. If the domains are puny-code encoded, they will be converted to Unicode. If the domains contain Cyrillic characters that look like Ascii characters, they will be converted into Ascii. If the difference is below a threshold (2 permutations if the domain is less than 7 characters excluding the TLD), it will alert the user that a match was found.

What are the Limitations?
This add-on is not fool-proof. An attacker can simply make more changes to the domain until it is different enough. But then it becomes easier to spot with the naked eye.

How is my Information Stored?
All info is stored locally on your computer.

What are Homo-Graph Attacks?
See these links:
https://slashdot.org/story/02/05/28/0142248/spoofing-urls-with-unicode
https://dev.to/loganmeetsworld/homographs-attack--5a1p

Example attacks:
https://xn--80aa0cbo65f.com (fake paypal.com)
https://www.xn--80ak6aa92e.com (fake apple.com)
http://www.xn--o1aae.com (fake cnn.com)                    

Grundläggande Information om Tillägg

Namn No Homo-Graph No Homo-Graph
ID knkgpopkjopfceiagfeneimdpeeiffej
Officiell webbadress https://chromewebstore.google.com/detail/no-homo-graph/knkgpopkjopfceiagfeneimdpeeiffej
Beskrivning Checks for homo-graphs in the domain name of the current website to prevent phishing.
Filstorlek 33.95 KB
Antal Installationer 75
Aktuell Version 0.2.5
Senast Uppdaterad 2020-03-22
Publiceringsdatum 2020-03-19
Utvecklare em_te
E-post [email protected]
Betalningssätt free
URL till Sekretesspolicy Sidan https://em-te.github.io/privacy
Stödda Språk de,en,nl,es,ru,zh-CN,ja,ko
manifest.json
{
    "update_url": "https:\/\/clients2.google.com\/service\/update2\/crx",
    "name": "__MSG_extensionName__",
    "author": "Terry Yuen",
    "version": "0.2.5",
    "description": "__MSG_extensionDescription__",
    "manifest_version": 2,
    "default_locale": "en",
    "icons": {
        "16": "icon_16.png",
        "24": "icon_24.png",
        "38": "icon_38.png",
        "48": "icon_48.png",
        "96": "icon_96.png"
    },
    "permissions": [
        "",
        "activeTab",
        "webNavigation",
        "storage"
    ],
    "background": {
        "scripts": [
            "punycode.js",
            "background.js"
        ],
        "persistent": true
    },
    "page_action": {
        "default_icon": {
            "16": "icon_16.png",
            "24": "icon_24.png",
            "38": "icon_38.png",
            "48": "icon_48.png"
        },
        "default_title": "__MSG_pageActionTitle__",
        "default_popup": "popup.html"
    },
    "options_ui": {
        "open_in_tab": true,
        "page": "settings.html"
    }
}