DOCSLIB.ORG

Phishing Defense Against IDN Address Spoofing Attacks

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Phishing Defense Against IDN Address Spoofing Attacks Phishing Defense against IDN Address Spoofing Attacks Viktor Krammer 1,2 1 E-Commerce Competence Center 2 Vienna University of Technology Vienna, Austria [email protected] ABSTRACT fake mails sent to potential victims. Phishing has been al- Address spoofing is a common trick used in phishing scams ready discussed one decade ago under the more general term Web spoofing in literature [15]. to confuse unsuspecting users about a Web site’s real ori- 1 gin. With the introduction of Unicode characters into do- A real-world phishing incident was recently reported in main names, also known as Internationalized Domain Names Austria targeting the Bank Austria Web site located at www. (IDN), the risk has significantly increased even for the most ba-ca.com by registering the fake domain ba-cq.com. cautious users. The author explores the various types of While this classic address spoofing attack can be discov- address spoofing attacks focusing on IDN, and presents a ered by carefully looking at the current URL, the recently in- novel client-side Web browser plug-in Quero which imple- troduced concept of Internationalized Domain Names (IDN) ments several techniques—including highlighting—to pro- can be taken advantage of to spoof addresses which are no tect the user against visually undistinguishable address ma- longer visually distinguishable from their legitimate counter- nipulations. parts. Simplified IDN extends the repertoire of registrable characters to (a subset of) Unicode [1] (version 3.2). How- ever, due to compatibility considerations, this is not done Categories and Subject Descriptors by a modification to DNS, but left to a client-side resolver D.2 [Software]: Software Engineering; H.5.2 [Information referred to as IDNA (Internationalizing Domain Names in Systems]: Information Interfaces and Presentation—User Applications), which transparently maps Unicode domain Interfaces labels to ASCII-only, DNS-compatible labels and vice versa. Although the authors of IDNA had security in mind, Ga- brilovich and Gontmakher [16] discovered a possible attack General Terms scenario, called the homograph attack, in which the char- Security, Algorithms, Design acters might be replaced by visually identical ones (homo- graphs)2 found in Unicode. Attempts to show only the Keywords ASCII representation of IDN domains in Web browsers or restrict the use of Unicode characters depending on the top- Internet Security, Phishing, Internationalized Domain Names, level domain have so far enjoyed only moderate success. Unicode, Usability, Web Browsers, Internet Explorer “Users can not reliably parse domain names” [12], a reality we must face given the steadily growing number of inexpe- 1. INTRODUCTION rienced Web users. Phishing has become a widespread problem of today’s In- In this article I focus on IDN address spoofing attacks ternet by tricking unsuspecting users into revealing sensitive and propose techniques to protect the user and help her de- information, such as login credentials, on fake Web sites. tect suspicious characters in domain names by following the The URL displayed in the address bar of the Web browser is recently published Unicode Security Considerations [11]. I for many users a trustworthy reference point for their current have implemented an IDN enabling plug-in for Internet Ex- 3 location in the World Wide Web. Furthermore, the domain plorer, called Quero Toolbar [26], and experimented with name has the potential to indicate the origin of the content, the proposed anti-spoofing techniques. In section 2 I dis- a circumstance that is commonly exploited by “phishers” cuss the different types of address spoofing in more detail, and referred to as address spoofing. followed by a list of requirements that an efficient solution Other techniques typically used in phishing attacks in- should take into account in section 3. Section 4 presents my clude content spoofing and spamming, the former referring solution, implemented in Quero, which is briefly described to their resemblance to original Web sites and the latter to in section 5. Related work is discussed in section 7 and con- cluding remarks are given in section 8. Permission to make digital or hard copies of all or part of this work for 1http://futurezone.orf.at/it/stories/86570/ personal or classroom use is granted without fee provided that copies are 2 not made or distributed for profit or commercial advantage and that copies Unicode defines for example the Latin small letter ‘a’ bear this notice and the full citation on the first page. To copy otherwise, to (U+0061) and the Cyrillic small letter ‘a’ (U+0430) as dif- ferent code points. republish, to post on servers or to redistribute to lists, requires prior specific 3 permission and/or a fee. Quero Toolbar is freeware and has been downloaded over Copyright Viktor Krammer, May 2006. 10,000 times between 01/2005–01/2006 1 2. TYPES OF ADDRESS SPOOFING Example: http://www.ebay.com:8080@login. ATTACKS dll-from-email-satitle-update-user-information. secure-connection.attackersdomain.com/... Basically, what all address spoofing attacks have in com- mon is that they lead the user to think she is on a legitimate 2.1.3 Confusion by Random Addresses Web site while actually viewing a fake page. This is achieved by crafting a URL that resembles so closely or is even indis- Although this is not really an address spoofing attack, it tinguishable from the real address so that the user does not is often encountered in phishing scams. The attacker either notice the trick. Address spoofing attacks can be classified does not try to disguise the address at all or relies on a into attacks that rely on user confusion and mistakes, vul- serious-sounding address that has nothing in common with nerabilities in either the Web browser or the legitimate Web the legitimate one. site and visual ambiguity between the encoding of the ad- For instance, http://secure-user-survey.com/exec/ dress and its visual representation. The focus in this article obidos/subst/home/ may mislead users into disclosing per- is mainly on the last type of spoofing, involving security is- sonal information. This attack works best if the user does sues that were introduced or aggravated by the adoption of not look at the address at all. Internationalized Domain Names. Attacks based on software 2.2 Vulnerability-based Attacks vulnerabilities or IDN encoding ambiguity are considered to be the most dangerous, because they can also fool the most This type of address spoofing attack relies on security flaws Internet-savvy user. Below I give a summary of the various in either the Web browser (client-side) or the Web applica- types of address spoofing attacks. tion of the victim’s Web site (server-side), and is therefore very dangerous and hard to detect. 2.1 User Confusion-based Attacks 2.2.1 Client-side Vulnerabilities 2.1.1 Confusion by Name Similarity An historic example is for instance the vulnerability doc- The attacker registers a slightly different domain name umented in the Secunia Advisory SA12304 [33], where In- than the real one. For instance, southtrustonlines.com ternet Explorer fails to update the address bar after a se- instead of southtrust.com. This works because registrars quence of actions is performed on a named window. Al- do not manually review each registration and do not perform though marked as unpatched by Secunia, IE 6.0 SV1 is not similarity checks. Additionally, the attacker might use a fake affected by this vulnerability. Quero’s pop-up blocker blocks or stolen identity for the registration. this attack as well. Another client-side vulnerability in IE known as chrome 2.1.2 Confusion by Address Complexity UI spoofing allows an attacker to spoof elements of the browser’s The simplest and most common form found in phishing UI by creating chromeless pop-up windows [5]. Actual phish- scams is a URL with an IP address. According to the phish- ing attacks use this to overlay the address bar with the origi- ing archive of the Anti-Phishing Working Group4, a real- nal address of the Web site being spoofed. IE 6.0 SV1 limits world attack used for example the following URL: the ability of chrome UI spoofing by restricting the position where such pop-up windows may appear [2]. http://61.129.33.105/secured site/www.skyfi.com/ index.html?MfcISAPICommand=SignInFPP&UsingSSL=1 2.2.2 Server-side Vulnerabilities In these attacks, mainly based on cross-site scripting vul- Often the attacker tries to confuse the user by the sheer nerabilities, malicious content is injected into the victim’s length of the address by adding a cryptic query string and Web site. Strictly speaking, this kind of attack is not an mentioning the original name of the victim’s Web site some- address spoofing attack but the symptoms are the same, where in it to make the address look more familiar. A variant leading the user to believe she is viewing content from the of this attack type is subdomain spoofing, which takes ad- legitimate site when in fact she is not. vantage of the fact that the host name is displayed in least significant label first order. By crafting a sufficiently long 2.3 IDN-based Attacks chain of subdomains the important part of the address, usu- While the former address spoofing attacks are on a word ally the second/third level domain label, may no longer fit or more abstract level, we define IDN-based attacks as being into the visible part of the address field, fooling gullible users on a lower, character-based level, particularly exploiting the into thinking that the domain name is the first part of the encoding subtleties of Unicode. There have been no real- URL.
Load more

Recommended publications
  • International Standard Iso/Iec 10646
    This is a preview - click here to buy the full publication INTERNATIONAL ISO/IEC STANDARD 10646 Sixth edition 2020-12 Information technology — Universal coded character set (UCS) Technologies de l'information — Jeu universel de caractères codés (JUC) Reference number ISO/IEC 10646:2020(E) © ISO/IEC 2020 This is a preview - click here to buy the full publication ISO/IEC 10646:2020 (E) CONTENTS 1 Scope ..................................................................................................................................................1 2 Normative references .........................................................................................................................1 3 Terms and definitions .........................................................................................................................2 4 Conformance ......................................................................................................................................8 4.1 General ....................................................................................................................................8 4.2 Conformance of information interchange .................................................................................8 4.3 Conformance of devices............................................................................................................8 5 Electronic data attachments ...............................................................................................................9 6 General structure
    [Show full text]
  • Unicode and Code Page Support
    Natural for Mainframes Unicode and Code Page Support Version 4.2.6 for Mainframes October 2009 This document applies to Natural Version 4.2.6 for Mainframes and to all subsequent releases. Specifications contained herein are subject to change and these changes will be reported in subsequent release notes or new editions. Copyright © Software AG 1979-2009. All rights reserved. The name Software AG, webMethods and all Software AG product names are either trademarks or registered trademarks of Software AG and/or Software AG USA, Inc. Other company and product names mentioned herein may be trademarks of their respective owners. Table of Contents 1 Unicode and Code Page Support .................................................................................... 1 2 Introduction ..................................................................................................................... 3 About Code Pages and Unicode ................................................................................ 4 About Unicode and Code Page Support in Natural .................................................. 5 ICU on Mainframe Platforms ..................................................................................... 6 3 Unicode and Code Page Support in the Natural Programming Language .................... 7 Natural Data Format U for Unicode-Based Data ....................................................... 8 Statements .................................................................................................................. 9 Logical
    [Show full text]
  • Character Properties 4
    The Unicode® Standard Version 14.0 – Core Specification To learn about the latest version of the Unicode Standard, see https://www.unicode.org/versions/latest/. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and the publisher was aware of a trade- mark claim, the designations have been printed with initial capital letters or in all capitals. Unicode and the Unicode Logo are registered trademarks of Unicode, Inc., in the United States and other countries. The authors and publisher have taken care in the preparation of this specification, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein. The Unicode Character Database and other files are provided as-is by Unicode, Inc. No claims are made as to fitness for any particular purpose. No warranties of any kind are expressed or implied. The recipient agrees to determine applicability of information provided. © 2021 Unicode, Inc. All rights reserved. This publication is protected by copyright, and permission must be obtained from the publisher prior to any prohibited reproduction. For information regarding permissions, inquire at https://www.unicode.org/reporting.html. For information about the Unicode terms of use, please see https://www.unicode.org/copyright.html. The Unicode Standard / the Unicode Consortium; edited by the Unicode Consortium. — Version 14.0. Includes index. ISBN 978-1-936213-29-0 (https://www.unicode.org/versions/Unicode14.0.0/) 1.
    [Show full text]
  • Proper Display of Bidirectional Structured Text
    Proper display of bidirectional structured text Authors ● Aharon Lanin (Google) ● Gilead Almosnino (Microsoft) ● Lina Kemmel (IBM) ● Mati Allouche (former IBM) ● Mohamed Mohie (IBM) ● Tomer Mahlin (IBM) Basic terminology 1. Structured text ­ text with inherent structure which must be preserved during display to ​ assure its readability. This article focuses exclusively on the following types of structured text: a. URI (i.e. http://www.hello.world.com/folder) b. email address (i.e [email protected]) ​ ​ c. regular expression (i.e. [a­z]{1}) In this article the term also appears abbreviated as STT (structured text). ​ ​ ​ ​ 2. Bidi ­ Bidirectional a. RTL character ­ character which belongs to a language with ​ right­to­left script (e.g. Arabic, Hebrew, Farsi etc.) b. RTL language ­ language with RTL script (e.g. Arabic, Hebrew, Farsi ​ etc.) c. Bidi language1 ­ a synonym for RTL language ​ ​ d. RTL sentence / phrase / message ­ a sentence, message or phrase ​ which belongs to a RTL language (e.g. Arabic, Hebrew, Farsi etc.) e. Bidi text / data / string ­ text which includes RTL characters but not ​ necessarily belongs to a bidi language. It can be an English sentence that includes RTL, e.g a word in Hebrew or Arabic script. 3. BTD – base text direction. The overall direction of a piece of text and a ​ ​ ​ ​ ​ ​ ​ parameter to the UBA. LTR for English sentences. RTL for Arabic and Hebrew sentences. If the incorrect BTD is applied to a piece of text, it may 1 Please note that neither characters nor languages themselves are bidirectional. Each separate character either has a well defined unique direction (e.g.
    [Show full text]
  • Tech Day: Universal Acceptance
    Tech Day: Universal Acceptance Mark Švančárek Universal Acceptance Today’s Objectives • Definition of Universal Acceptance • Universal Acceptance Steering Group • Challenges • BiDi Stuff • Conclusion 2 Definition of Universal Acceptance ALL domain names and ALL email addresses should work in ALL Internet-enabled applications, devices and systems 3 Universal Acceptance Steering Group (UASG) • A community-based team • ICANN's role is that of supporter, provider of funds • Formed to identify topline issues and proposed solutions, and disseminate best practices • Objective: Help software developers and website owners update systems to keep pace with evolving Internet standards • Message: Universal Acceptance will enable the next billion users build and access their own spaces and identities online • UASG.tech 4 UASG Activities Review Popular Websites, Dev Frameworks, Browsers, OS Build Use Cases, Test Environments, EAI Community Outreach Live Workshops, Panel Discussions, Presentations Writing Knowledge Databases, Whitepapers, Quick Guides 5 Challenges • Technical Challenges • Challenging old assumptions Today’s • Updating old software discussion • Managing backward-compatibility • Business Challenges Learn more • Understanding the opportunity at UASG.tech • Evaluating return on investment 6 Technical Challenges – Old Assumptions • Sometimes coders make bad assumptions about domain name strings and email address strings • This may be because RFCs have changed (e.g. SMTPUTF8) • Or standards may be misleading (e.g. HTML5.3 email input type definition)
    [Show full text]
  • Middle East-I 9 Modern and Liturgical Scripts
    The Unicode® Standard Version 13.0 – Core Specification To learn about the latest version of the Unicode Standard, see http://www.unicode.org/versions/latest/. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and the publisher was aware of a trade- mark claim, the designations have been printed with initial capital letters or in all capitals. Unicode and the Unicode Logo are registered trademarks of Unicode, Inc., in the United States and other countries. The authors and publisher have taken care in the preparation of this specification, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein. The Unicode Character Database and other files are provided as-is by Unicode, Inc. No claims are made as to fitness for any particular purpose. No warranties of any kind are expressed or implied. The recipient agrees to determine applicability of information provided. © 2020 Unicode, Inc. All rights reserved. This publication is protected by copyright, and permission must be obtained from the publisher prior to any prohibited reproduction. For information regarding permissions, inquire at http://www.unicode.org/reporting.html. For information about the Unicode terms of use, please see http://www.unicode.org/copyright.html. The Unicode Standard / the Unicode Consortium; edited by the Unicode Consortium. — Version 13.0. Includes index. ISBN 978-1-936213-26-9 (http://www.unicode.org/versions/Unicode13.0.0/) 1.
    [Show full text]
  • Introduction to Universal Acceptance (UA)
    Introduction to Universal Acceptance (UA) Universal Acceptance Steering Group (UASG) 23 September 2019 Universal Acceptance – Report UASG007 TABLE OF CONTENTS About This Document 4 Target Audience 4 Background Concepts 5 Domain Names 5 Country Code Top-level Domains (ccTLDs) 5 Generic Top-level Domains (gTLDs) 5 Domain Name Internationalization 6 The Need for Universal Acceptance (UA) 6 U-labels and A-labels 6 Email Address Internationalization (EAI) 7 Dynamic Link Generation (Linkification) 8 The Dynamic Nature of the Root Zone Registry 8 Universal Acceptance in Action 9 Five Criteria of Universal Acceptance 9 User Scenarios 11 Nonconformance to Universal Practices 12 Technical Requirements for UA Readiness 13 High-Level Requirements 13 Developer Considerations 14 Designing Software for Compatibility and Flexibility 14 Good Practices for Developing and Updating Software to Achieve UA-Readiness 14 Authoritative Sources for Domain Names: DNS Root Zone and IANA Lists 21 Email with IDNs and Why It Is Not the Same as EAI 21 Linkification and Its Challenges 22 Good Practice Recommendations 22 Unicode - Background and Code Point Attributes 23 UTF8, UTF16, and Other Encoding Methods 23 IDNA - A Brief History and Current State 24 Use Cases for Testing 24 Upgrading Software for EAI 25 Advanced Topics 25 Complex Scripts 25 Right-to-Left Languages and Unicode Conformance 25 The Bidi Algorithm 25 The Bidi Rule for Domain Names 27 Joiners 27 Homoglyphs and Similar Characters 28 Introduction to Universal Acceptance - Report UASG007 // 2 Normalization, Case Folding, and String Preparation 28 Case Folding and Mapping 30 Glossary and Other Resources 31 Glossary 31 RFCs and Key Standards 34 Key Standards 37 Online Resources 38 Introduction to Universal Acceptance - Report UASG007 // 3 About This Document The Internet’s technologies, including its naming components, continually evolve and change.
    [Show full text]
  • Arabic Alphabet Pdf
    Arabic alphabet pdf Continue It is used by many to start any language by teaching it parts of speech; however, it is logically better to start our trip by teaching arabic alphabet (Arabic letters), as this is a reasonable starting point. Consider the lack of alphabets, then, how can we form words and/or sentences?! Pronunciation Of Transliteered Isolated Isolated َ د d'l دَال kh ﺧـ ـﺨـ ـﺦ As Ch in the name of Bach خ khā̛ َﺧﺎء h ﺣـ ـﺤـ ـﺢ hā̛ in pronunciation َﺣﺎء j ﺟـ ـﺠـ ـﺞ Sometimes as G in a Girl or, as J's Jar ج Jim ﺛـ ـﺜـ ـﺚ ِﺟﻴﻢ As Th in the theory of ث thā̛ ﺛَﺎء t ت ﺗـ ـﺘـ ـﺖ ـﺔ tā̛ ﺗَﺎء Like T in Tree ت tā̛ ﺗَﺎء b ﺑـ ـﺒـ ـﺐ bā̛ - As B in Baby ـﺎ ـﺎ ﺑَﺎء leff as in Apple̛ أﻟِﻒ Pronunciation Original Medial Final Transcription ﺿـ ـﻀـ ـﺾ as D in the dead still heavy in pronunciation ض d'd َﺿﺎد with ﺻـ ـﺼـ ـﺺ As S in the garden is still heavy in pronunciation ص garden َﺻﺎد sh ﺷـ ـﺸـ ـﺶ as w in she ِﺷﻴﻦ ش shins ﺳـ ـﺴـ ـﺲ sin - Like S in see ِﺳﻴﻦ z ز ـﺰ ـﺰ As in the zoo ز z'y َزاي r ـﺮ ـﺮ rā̛ - Like R in Rama and َراء z ذ ـﺬ ـﺬ Like The Th's ذ z'l ذَال d د ـﺪ ـﺪ as D's dad َ َ How F ف fā̛ ﻓَﺎء gh ﻏـ ـﻐـ ـﻎ As Gh in Gandhi غ ghain ﻋـ ـﻌـ ـﻊ ̛ع ﻏَﻴﻦ /aliﻋﻠﻲ /ع has no real equivalent sometimes they replace it sound with sound like, for example, Ali's name for ع ainﻋَﻴ ٍﻦ ع ẓ ﻇـ ـﻈـ ـﻆ As in zorro still heavy in pronunciation ظ ẓā̛ ﻇﺎء tons ﻃـ ـﻄـ ـﻂ As T in the table is still heavy in pronunciation ط tā̛ ﻃﺎء d <ﺻـ ـﺼـ ـﺺ <7 w'w'w' , Like the W in response to the وَاو h ﻫـ ـﻬـ ـﻪ Like the H in He ه ﻫـ hā̛ ﻫَﺎء n ﻧـ ـﻨـ ـﻦ nun - Like the
    [Show full text]
  • UAX #9: Unicode Bidirectional Algorithm
    Technical Reports Proposed Update Unicode® Standard Annex #9 UNICODE BIDIRECTIONAL ALGORITHM Version Unicode 10.0.0 (draft 1) Editors Mark Davis ([email protected]), Aharon Lanin ([email protected]), and Andrew Glass ([email protected]) Date 2016-11-08 This Version http://www.unicode.org/reports/tr9/tr9-36.html Previous http://www.unicode.org/reports/tr9/tr9-35.html Version Latest http://www.unicode.org/reports/tr9/ Version Latest http://www.unicode.org/reports/tr9/proposed.html Proposed Update Revision 36 Summary This annex describes specifications for the positioning of characters in text containing characters flowing from right to left, such as Arabic or Hebrew. Status This is a draft document which may be updated, replaced, or superseded by other documents at any time. Publication does not imply endorsement by the Unicode Consortium. This is not a stable document; it is inappropriate to cite this document as other than a work in progress. A Unicode Standard Annex (UAX) forms an integral part of the Unicode Standard, but is published online as a separate document. The Unicode Standard may require conformance to normative content in a Unicode Standard Annex, if so specified in the Conformance chapter of that version of the Unicode Standard. The version number of a UAX document corresponds to the version of the Unicode Standard of which it forms a part. Please submit corrigenda and other comments with the online reporting form [Feedback]. Related information that is useful in understanding this annex is found in Unicode Standard Annex #41, “Common References for Unicode Standard Annexes.” For the latest version of the Unicode Standard, see [Unicode].
    [Show full text]
  • Displaying Bidirectional Text Concordances in KWIC Format
    Displaying Bidirectional Text Concordances in KWIC format Pavel Rychl´y, Vojtˇech Kov´aˇr Faculty of Informatics Masaryk University Botanick´a68a, 602 00 Brno, Czech Republic {pary,xkovar3}@fi.muni.cz Abstract. The concordance view is one of the main functions of a corpus query system. Usually, it is displayed in the “Key Word(s) In Context” (KWIC) format. It is a table that contains a keyword (or keywords) in its middle column and the left and right context - words that girdle the keyword - in the other two columns. The concordance view enables corpus users to see all possible occurrences of the keyword easily. Other important task for corpus query system is to deal with as many languages as possible. Documents in corpora can also be bilingual or multilingual, e.g. many documents in any language contain English expressions. By handling languages with right-to-left script, e.g. Arabic or Persian, these bilingual documents are usually bidirectional. Since the data is stored in logical order, there is a problem how to display the correct word order in the concordance view. The current corpus query systems can not handle this task well. In the paper, we describe the problem of displaying bidirectional texts in the word concordance view and introduce a system that can handle these texts. A few examples of English word sequences in a corpus of Persian are given. We describe display algorithms and corpus input file modifications needed to achieve the correct word order in the concordance view. We also discuss some related problems, e.g. working with neutral characters (like punctuation or numbers) and the recognition of the left-to-right (right-to-left) text boundaries.
    [Show full text]
  • The Unicode Standard, Version 3.0, Issued by the Unicode Consor- Tium and Published by Addison-Wesley
    The Unicode Standard Version 3.0 The Unicode Consortium ADDISON–WESLEY An Imprint of Addison Wesley Longman, Inc. Reading, Massachusetts · Harlow, England · Menlo Park, California Berkeley, California · Don Mills, Ontario · Sydney Bonn · Amsterdam · Tokyo · Mexico City Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and Addison-Wesley was aware of a trademark claim, the designations have been printed in initial capital letters. However, not all words in initial capital letters are trademark designations. The authors and publisher have taken care in preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein. The Unicode Character Database and other files are provided as-is by Unicode®, Inc. No claims are made as to fitness for any particular purpose. No warranties of any kind are expressed or implied. The recipient agrees to determine applicability of information provided. If these files have been purchased on computer-readable media, the sole remedy for any claim will be exchange of defective media within ninety days of receipt. Dai Kan-Wa Jiten used as the source of reference Kanji codes was written by Tetsuji Morohashi and published by Taishukan Shoten. ISBN 0-201-61633-5 Copyright © 1991-2000 by Unicode, Inc. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or other- wise, without the prior written permission of the publisher or Unicode, Inc.
    [Show full text]
  • Pdflib Tutorial 9.0.1
    ABC PDFlib, PDFlib+PDI, PPS A library for generating PDF on the fly PDFlib 9.0.1 Tutorial For use with C, C++, Cobol, COM, Java, .NET, Objective-C, Perl, PHP, Python, REALbasic/Xojo, RPG, Ruby Copyright © 1997–2013 PDFlib GmbH and Thomas Merz. All rights reserved. PDFlib users are granted permission to reproduce printed or digital copies of this manual for internal use. PDFlib GmbH Franziska-Bilek-Weg 9, 80339 München, Germany www.pdflib.com phone +49 • 89 • 452 33 84-0 fax +49 • 89 • 452 33 84-99 If you have questions check the PDFlib mailing list and archive at tech.groups.yahoo.com/group/pdflib Licensing contact: [email protected] Support for commercial PDFlib licensees: [email protected] (please include your license number) This publication and the information herein is furnished as is, is subject to change without notice, and should not be construed as a commitment by PDFlib GmbH. PDFlib GmbH assumes no responsibility or lia- bility for any errors or inaccuracies, makes no warranty of any kind (express, implied or statutory) with re- spect to this publication, and expressly disclaims any and all warranties of merchantability, fitness for par- ticular purposes and noninfringement of third party rights. PDFlib and the PDFlib logo are registered trademarks of PDFlib GmbH. PDFlib licensees are granted the right to use the PDFlib name and logo in their product documentation. However, this is not required. Adobe, Acrobat, PostScript, and XMP are trademarks of Adobe Systems Inc. AIX, IBM, OS/390, WebSphere, iSeries, and zSeries are trademarks of International Business Machines Corporation.
    [Show full text]