Jesus H. What will they think of next?
About Safari International Domain Name support:
The Issue
Safari can display Unicode characters in URLs, allowing you to access foreign language websites using their native language. For example, you could enter the Japanese language URL “宝島.jp” to visit the website instead of using the Latin alphabet that represents that domain name to get there.
However, lookalike characters could be used to make users believe that they are viewing a different site than what they actually are. For example, the Cyrillic letter “a” could be used in place of the Latin letter “a,” making it difficult for a user to tell if they are at “www.apple.com” or a malicious imposter website that's designed to look like the real one. These sites can be used to collect account numbers, passwords, and other personal information. This can affect any web browser with support for International Domain Names. Security Update 2005-003 addresses this issue.
The Solution
Security Update 2005-003 provides a user-editable list of scripts that are allowed to be displayed natively in domain names. The default list does not include Latin lookalike scripts (Cherokee, Cyrillic, and Greek) that could be used to trick users into navigating to malicious sites.
