[dm-devel] [PATCH v2] hex2bin: make the function hex_to_bin constant-time
Linus Torvalds
torvalds at linux-foundation.org
Wed May 4 19:51:49 UTC 2022
On Wed, May 4, 2022 at 12:43 PM Jason A. Donenfeld <Jason at zx2c4.com> wrote:
>
> א.cc is correct. If you can't load it, your browser or something in
> your stack is broken.
It's just google-chrome.
And honestly, the last thing I want to ever see is non-ASCII URL's.
Particularly from a security person. It's a *HORRIBLE* idea with
homoglyphs, and personally I think any browser that refuses to look it
up would be doing the right thing.
But I don't think that it's the browser, actually. Even 'nslookup'
refuses to touch it with
** server can't find א.cc: SERVFAIL
and it seems it's literally the local dns caching (dnsmasq?)
> Choosing a non-ASCII domain like that clearly a
> bad decision because people with broken stacks can't load it?
No. It's a bad idea. Full stop. Don't do it.
Linus
More information about the dm-devel
mailing list