I suppose: other users, if you store the first user's text and transmit it to another one.

Well then it’s a failure of UI design if you think this can cause confusion. In any UGC design it should be extremely clear which text is generated by another user and which belongs to the site itself.

▲

netsharc 5 hours ago | parent | next [-]

What if a user with the name kссqzу (k[Cyrillic c][Cyrillic c]qz[Cyrillic y]) pretends to be you, sends your friend a PM and extracts a secret out of them?

	▲	kccqzy 4 hours ago \| parent [-]
		Now you are just making up implausible scenarios that don’t help. A chat app or any app with a PM feature either has a globally unique user name feature or has an internal identifier for the user so the user-chosen name doesn’t have to be unique. In the former case, any user will be able to see two seemingly identical user names in their chat list, but one with no chat history. In the latter case, well humans are known to have duplicate names too, so Cyrillic characters don’t even come into the picture.

▲

zahlman 7 hours ago | parent | prev [-]

No, no. The problem is, say you operate a forum; a malicious user makes a post that uses a Unicode confusion attack on a URL to direct other forum members to an attack site (e.g. a phishing site).