{"id":5819,"date":"2017-04-17T17:32:44","date_gmt":"2017-04-17T22:32:44","guid":{"rendered":"https:\/\/rud.is\/b\/?p=5819"},"modified":"2018-03-07T17:19:43","modified_gmt":"2018-03-07T22:19:43","slug":"when-homoglyphs-attack-generating-phishing-domain-names-with-r","status":"publish","type":"post","link":"https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/","title":{"rendered":"When Homoglyphs Attack! Generating Phishing Domain Names with R"},"content":{"rendered":"<p>It&#8217;s likely you&#8217;ve seen <a href=\"https:\/\/www.xn--e1awd7f.com\/\">the news<\/a> regarding yet-another researcher showing off a phishing domain attack. The technique is pretty simple:<\/p>\n<ul>\n<li>find a target domain you want to emulate<\/li>\n<li>register a <a href=\"https:\/\/en.wikipedia.org\/wiki\/Homoglyph\">homoglpyh<\/a> version of it<\/li>\n<li>use <strike>the hacker&#8217;s favorite tool,<\/strike> Let&#8217;s Encrypt to serve it up with a nice, shiny green lock icon<\/li>\n<li>deploy some content<\/li>\n<li>phish someone<\/li>\n<li>Profit!<\/li>\n<\/ul>\n<p>The phishing works since International Domain Names have been &#8220;a thing&#8221; for a while (anything for the registrars to make more money) and Let&#8217;s Encrypt provides a domain-laundering service for these attackers. But, why should attackers have all the fun! Let&#8217;s make some domain homoglyphs in R.<\/p>\n<h3>Have Glyph, Will Hack<\/h3>\n<p>Rob Dawson has a spiffy <a href=\"https:\/\/github.com\/codebox\/homoglyph\">homoglyph generator<\/a> and even has a huge glyph-alike file, but we don&#8217;t need the full list to don the hacker cap for this exercise. I&#8217;ve made a <a href=\"https:\/\/rud.is\/dl\/homoglyphs.txt\">stripped-down version<\/a> of it that has (mostly) glyphs that should display correctly in &#8220;western&#8221; locales. You can pull the full list and tweak the example to broaden the attack capabilities. Let&#8217;s take a look:<\/p>\n<pre id=\"hglyph-01\"><code class=\"language-r\">library(stringi)\r\nlibrary(urltools)\r\nlibrary(purrr)\r\n\r\nURL &lt;- &quot;https:\/\/rud.is\/dl\/homoglyphs.txt&quot; # trimmed down from https:\/\/github.com\/codebox\/homoglyph\r\nfil &lt;- basename(URL)\r\ninvisible(try(httr::GET(URL, httr::write_disk(fil)), silent = TRUE))\r\n\r\nchars &lt;- stri_read_lines(fil)\r\nidx_char &lt;- stri_sub(chars, 1,1)\r\nstri_sub(chars, 1, 1) &lt;-  &quot;&quot;\r\nchars &lt;- set_names(chars, idx_char)\r\n\r\ntail(chars)\r\n##                                         u \r\n##          &quot;\u028b\u03c5\u0446\u057d\\u1d1c\uff55??????????????????&quot; \r\n##                                         v \r\n##        &quot;\u03bd\u0475\u05d8\\u1d20\u2174\u2228\u22c1\uff56??????????????????&quot; \r\n##                                         w \r\n##                                      &quot;\uff57&quot; \r\n##                                         x \r\n##                &quot;\u00d7\u0445\u1541\u157d\u166e\u2179\u292b\u292c\u2a2f\uff58?????????????&quot; \r\n##                                         y \r\n## &quot;\u0263\u028f\u03b3\u0443\u04af\u10e7\\u1d8c\\u1eff\u213d\uff59??????????????????&quot; \r\n##                                         z \r\n##                   &quot;\\u1d22\uff5a?????????????&quot;<\/code><\/pre>\n<p>What we did there was to read in the homoglpyh lines and create a lookup table for Latin characters. Now we need a transformation function.<\/p>\n<pre id=\"hglyph-02\"><code class=\"language-r\">to_homoglyph &lt;- function(domain) {\r\n\r\n  suf &lt;- suffix_extract(domain)\r\n  domain &lt;- stri_replace_last_fixed(domain, sprintf(&quot;.%s&quot;, suf$suffix[1]), &quot;&quot;)\r\n\r\n  domain_split &lt;- stri_split_boundaries(domain, type=&quot;character&quot;)[[1]]\r\n\r\n  map_chr(domain_split, ~{\r\n    found &lt;-  chars[.x]\r\n    pos &lt;- sample(stri_count_boundaries(found, type=&quot;character&quot;), 1)\r\n    stri_sub(found, pos, pos)\r\n  }) %&gt;%\r\n    c(&quot;.&quot;, suf$suffix[1]) %&gt;%\r\n    stri_join(collapse=&quot;&quot;)\r\n\r\n}<\/code><\/pre>\n<p>The basic idea is to:<\/p>\n<ul>\n<li>carve out the domain suffix (we need to ensure valid TLDs\/suffixes are used in the final domain) <\/li>\n<li>split the input domain into separate characters<\/li>\n<li>select a homoglyph of the character at random<\/li>\n<li>join the separate glpyhs and the TLD\/suffix back together.<\/li>\n<\/ul>\n<p>We can try it out with a very familiar domain:<\/p>\n<pre id=\"hglyph-03\"><code class=\"language-r\">(converted &lt;- to_homoglyph(&quot;google.com&quot;))\r\n## [1] &quot;\u018d\u1040\u0ed0?|?.com&quot;<\/code><\/pre>\n<p>Now, that&#8217;s using all possible homoglyphs and it might not look like <code>google.com<\/code> to you, but imagine whittling down the list to ones that are really close to Latin character set matches. Or, imagine you&#8217;re in a hurry and see that version of Google&#8217;s URL with a shiny, green lock icon from Let&#8217;s Encrypt. You might not really give it a second thought if the page looked fine (or were on a mobile browser without a location bar showing).<\/p>\n<h3>What&#8217;s the solution?<\/h3>\n<p>Firefox has a configuration setting to turn these IDNs into <a href=\"https:\/\/en.wikipedia.org\/wiki\/Punycode\">punycode<\/a> in the location bar. What does that mean? We can use the <code>urltools::puny_encode()<\/code> function to find out:<\/p>\n<pre id=\"hglyph-04\"><code class=\"language-r\">puny_encode(&quot;\u018d\u1040\u0ed0?|?.com&quot;)\r\n## [1] &quot;xn--|-npa992hbmb6w79iesa.com&quot;<\/code><\/pre>\n<p>Most folks will be much less likely to trust that domain name (if they bother looking in the location bar). Note that it will still have the &#8220;everything&#8217;s ?&#8221; green Let&#8217;s Encrypt lock icon, but you shouldn&#8217;t be trusting SSL\/TLS anymore for integrity or authenticity anyway.<\/p>\n<p>Chrome Canary (super early bird alpha versions) expands IDNs to punycode by default today and a shorter-cycle release to stable channel is forthcoming. I&#8217;m told Edge does somewhat sane things with IDNs and if Safari doesn&#8217;t presently handle them Apple will likely release an interstitial security update to handle it.<\/p>\n<h3>FIN<\/h3>\n<p>See if you can generate some fun look-alike&#8217;s, such as <code>???????.com<\/code> and drop some latte change to register an IDN and add a free hacking certificate to it to see just how easy this entire process is. Note that attackers are automating this process, so they may have beat you to your favorite homoglyph IDN.<\/p>\n<p>If you&#8217;re on Chrome, give the <a href=\"https:\/\/chrome.google.com\/webstore\/detail\/punycode-alert\/djghjigfghekidjibckjmhbhhjeomlda\">Punycode Alert<\/a> extension a go if you&#8217;d like some extra notification\/protection from these domains.<\/p>\n<p>NOTE: <code>to_homoglyph()<\/code> is not vectorised (it&#8217;s an exercise left to the reader).<\/p>\n","protected":false},"excerpt":{"rendered":"<p>It&#8217;s likely you&#8217;ve seen the news regarding yet-another researcher showing off a phishing domain attack. The technique is pretty simple: find a target domain you want to emulate register a homoglpyh version of it use the hacker&#8217;s favorite tool, Let&#8217;s Encrypt to serve it up with a nice, shiny green lock icon deploy some content [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"activitypub_content_warning":"","activitypub_content_visibility":"","activitypub_max_image_attachments":3,"activitypub_interaction_policy_quote":"anyone","activitypub_status":"","footnotes":""},"categories":[91],"tags":[810],"class_list":["post-5819","post","type-post","status-publish","format-standard","hentry","category-r","tag-post"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>When Homoglyphs Attack! Generating Phishing Domain Names with R - rud.is<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"When Homoglyphs Attack! Generating Phishing Domain Names with R - rud.is\" \/>\n<meta property=\"og:description\" content=\"It&#8217;s likely you&#8217;ve seen the news regarding yet-another researcher showing off a phishing domain attack. The technique is pretty simple: find a target domain you want to emulate register a homoglpyh version of it use the hacker&#8217;s favorite tool, Let&#8217;s Encrypt to serve it up with a nice, shiny green lock icon deploy some content [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/\" \/>\n<meta property=\"og:site_name\" content=\"rud.is\" \/>\n<meta property=\"article:published_time\" content=\"2017-04-17T22:32:44+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-03-07T22:19:43+00:00\" \/>\n<meta name=\"author\" content=\"hrbrmstr\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"hrbrmstr\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/\"},\"author\":{\"name\":\"hrbrmstr\",\"@id\":\"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886\"},\"headline\":\"When Homoglyphs Attack! Generating Phishing Domain Names with R\",\"datePublished\":\"2017-04-17T22:32:44+00:00\",\"dateModified\":\"2018-03-07T22:19:43+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/\"},\"wordCount\":601,\"commentCount\":4,\"publisher\":{\"@id\":\"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886\"},\"keywords\":[\"post\"],\"articleSection\":[\"R\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/\",\"url\":\"https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/\",\"name\":\"When Homoglyphs Attack! Generating Phishing Domain Names with R - rud.is\",\"isPartOf\":{\"@id\":\"https:\/\/rud.is\/b\/#website\"},\"datePublished\":\"2017-04-17T22:32:44+00:00\",\"dateModified\":\"2018-03-07T22:19:43+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/rud.is\/b\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"When Homoglyphs Attack! Generating Phishing Domain Names with R\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/rud.is\/b\/#website\",\"url\":\"https:\/\/rud.is\/b\/\",\"name\":\"rud.is\",\"description\":\"&quot;In God we trust. All others must bring data&quot;\",\"publisher\":{\"@id\":\"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/rud.is\/b\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886\",\"name\":\"hrbrmstr\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1\",\"url\":\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1\",\"width\":460,\"height\":460,\"caption\":\"hrbrmstr\"},\"logo\":{\"@id\":\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1\"},\"description\":\"Don't look at me\u2026I do what he does \u2014 just slower. #rstats avuncular \u2022 ?Resistance Fighter \u2022 Cook \u2022 Christian \u2022 [Master] Chef des Donn\u00e9es de S\u00e9curit\u00e9 @ @rapid7\",\"sameAs\":[\"http:\/\/rud.is\"],\"url\":\"https:\/\/rud.is\/b\/author\/hrbrmstr\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"When Homoglyphs Attack! Generating Phishing Domain Names with R - rud.is","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/","og_locale":"en_US","og_type":"article","og_title":"When Homoglyphs Attack! Generating Phishing Domain Names with R - rud.is","og_description":"It&#8217;s likely you&#8217;ve seen the news regarding yet-another researcher showing off a phishing domain attack. The technique is pretty simple: find a target domain you want to emulate register a homoglpyh version of it use the hacker&#8217;s favorite tool, Let&#8217;s Encrypt to serve it up with a nice, shiny green lock icon deploy some content [&hellip;]","og_url":"https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/","og_site_name":"rud.is","article_published_time":"2017-04-17T22:32:44+00:00","article_modified_time":"2018-03-07T22:19:43+00:00","author":"hrbrmstr","twitter_card":"summary_large_image","twitter_misc":{"Written by":"hrbrmstr","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/#article","isPartOf":{"@id":"https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/"},"author":{"name":"hrbrmstr","@id":"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886"},"headline":"When Homoglyphs Attack! Generating Phishing Domain Names with R","datePublished":"2017-04-17T22:32:44+00:00","dateModified":"2018-03-07T22:19:43+00:00","mainEntityOfPage":{"@id":"https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/"},"wordCount":601,"commentCount":4,"publisher":{"@id":"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886"},"keywords":["post"],"articleSection":["R"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/","url":"https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/","name":"When Homoglyphs Attack! Generating Phishing Domain Names with R - rud.is","isPartOf":{"@id":"https:\/\/rud.is\/b\/#website"},"datePublished":"2017-04-17T22:32:44+00:00","dateModified":"2018-03-07T22:19:43+00:00","breadcrumb":{"@id":"https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/rud.is\/b\/2017\/04\/17\/when-homoglyphs-attack-generating-phishing-domain-names-with-r\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/rud.is\/b\/"},{"@type":"ListItem","position":2,"name":"When Homoglyphs Attack! Generating Phishing Domain Names with R"}]},{"@type":"WebSite","@id":"https:\/\/rud.is\/b\/#website","url":"https:\/\/rud.is\/b\/","name":"rud.is","description":"&quot;In God we trust. All others must bring data&quot;","publisher":{"@id":"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/rud.is\/b\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886","name":"hrbrmstr","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1","url":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1","contentUrl":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1","width":460,"height":460,"caption":"hrbrmstr"},"logo":{"@id":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1"},"description":"Don't look at me\u2026I do what he does \u2014 just slower. #rstats avuncular \u2022 ?Resistance Fighter \u2022 Cook \u2022 Christian \u2022 [Master] Chef des Donn\u00e9es de S\u00e9curit\u00e9 @ @rapid7","sameAs":["http:\/\/rud.is"],"url":"https:\/\/rud.is\/b\/author\/hrbrmstr\/"}]}},"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p23idr-1vR","jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":11685,"url":"https:\/\/rud.is\/b\/2018\/12\/23\/certifiably-gone-phishing\/","url_meta":{"origin":5819,"position":0},"title":"Certifiably Gone Phishing","author":"hrbrmstr","date":"2018-12-23","format":false,"excerpt":"Phishing is [still] the primary way attackers either commit a primary criminal act (i.e. phish a target to, say, install ransomware) or is the initial vehicle used to gain a foothold in an organization so they can perform other criminal operations to achieve some goal. As such, security teams, vendors\u2026","rel":"","context":"In &quot;Cybersecurity&quot;","block_context":{"text":"Cybersecurity","link":"https:\/\/rud.is\/b\/category\/cybersecurity\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":6078,"url":"https:\/\/rud.is\/b\/2017\/06\/13\/keeping-users-safe-while-collecting-data\/","url_meta":{"origin":5819,"position":1},"title":"Keeping Users Safe While Collecting Data","author":"hrbrmstr","date":"2017-06-13","format":false,"excerpt":"I caught a mention of this project by Pete Warden on Four Short Links today. If his name sounds familiar, he's the creator of the DSTK, an O'Reilly author, and now works at Google. A decidedly clever and decent chap. The project goal is noble: crowdsource and make a repository\u2026","rel":"","context":"In &quot;AppSec&quot;","block_context":{"text":"AppSec","link":"https:\/\/rud.is\/b\/category\/appsec\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2017\/06\/Cursor_and___Development_scamtracker_-_master_-_RStudio.png?fit=1200%2C529&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2017\/06\/Cursor_and___Development_scamtracker_-_master_-_RStudio.png?fit=1200%2C529&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2017\/06\/Cursor_and___Development_scamtracker_-_master_-_RStudio.png?fit=1200%2C529&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2017\/06\/Cursor_and___Development_scamtracker_-_master_-_RStudio.png?fit=1200%2C529&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2017\/06\/Cursor_and___Development_scamtracker_-_master_-_RStudio.png?fit=1200%2C529&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":10800,"url":"https:\/\/rud.is\/b\/2018\/05\/24\/gdpr-unintended-consequences-part-1-increasing-wordpress-blog-exposure\/","url_meta":{"origin":5819,"position":2},"title":"GDPR Unintended Consequences Part 1 \u2014 Increasing WordPress Blog Exposure","author":"hrbrmstr","date":"2018-05-24","format":false,"excerpt":"I pen this mini-tome on \"GDPR Enforcement Day\". The spirit of GDPR is great, but it's just going to be another Potempkin Village in most organizations much like PCI or SOX. For now, the only thing GDPR has done is made GDPR consulting companies rich, increased the use of javascript\u2026","rel":"","context":"In &quot;Commentary&quot;","block_context":{"text":"Commentary","link":"https:\/\/rud.is\/b\/category\/commentary\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":11088,"url":"https:\/\/rud.is\/b\/2018\/07\/26\/two-new-apache-drill-udfs-for-processing-urils-and-internet-domain-names\/","url_meta":{"origin":5819,"position":3},"title":"Two new Apache Drill UDFs for Processing UR[IL]s  and Internet Domain Names","author":"hrbrmstr","date":"2018-07-26","format":false,"excerpt":"Continuing the blog's UDF theme of late, there are two new UDF kids in town: drill-url-tools? for slicing & dicing URI\/URLs (just going to use 'URL' from now on in the post) drill-domain-tools? for slicing & dicing internet domain names (IDNs). Now, if you're an Apache Drill fanatic, you're likely\u2026","rel":"","context":"In &quot;Apache Drill&quot;","block_context":{"text":"Apache Drill","link":"https:\/\/rud.is\/b\/category\/apache-drill\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":6193,"url":"https:\/\/rud.is\/b\/2017\/08\/29\/rpad-domain-repurposed-to-deliver-creepy-and-potentially-malicious-content\/","url_meta":{"origin":5819,"position":4},"title":"Rpad Domain Repurposed To Deliver Creepy (and potentially malicious) Content","author":"hrbrmstr","date":"2017-08-29","format":false,"excerpt":"I was about to embark on setting up a background task to sift through R package PDFs for traces of functions that \"omit NA values\" as a surprise present for Colin Fay and Sir Tierney: [Please RT]#RStats folks, @nj_tierney & I need your help for {naniar}!When does R silently drop\/omit\u2026","rel":"","context":"In &quot;Cybersecurity&quot;","block_context":{"text":"Cybersecurity","link":"https:\/\/rud.is\/b\/category\/cybersecurity\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2017\/08\/Plot_Zoom.png?fit=868%2C1200&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2017\/08\/Plot_Zoom.png?fit=868%2C1200&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2017\/08\/Plot_Zoom.png?fit=868%2C1200&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2017\/08\/Plot_Zoom.png?fit=868%2C1200&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":11859,"url":"https:\/\/rud.is\/b\/2019\/02\/03\/r-package-update-urlscan\/","url_meta":{"origin":5819,"position":5},"title":"R Package Update: urlscan","author":"hrbrmstr","date":"2019-02-03","format":false,"excerpt":"The urlscan? package (an interface to the urlscan.io API) is now at version 0.2.0 and supports urlscan.io's authentication requirement when submitting a link for analysis. The service is handy if you want to learn about the details \u2014 all the gory technical details \u2014 for a website. For instance, say\u2026","rel":"","context":"In &quot;R&quot;","block_context":{"text":"R","link":"https:\/\/rud.is\/b\/category\/r\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/posts\/5819","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/comments?post=5819"}],"version-history":[{"count":0,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/posts\/5819\/revisions"}],"wp:attachment":[{"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/media?parent=5819"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/categories?post=5819"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/tags?post=5819"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}