In Drupal, a user can impersonate someone else by using non-Latin characters in their username. For example, a user named "admin" can be impersonated by registering as "admin" with a Cyrillic small character "a".
Fixing this hole will make online communities safer. You'll learn to write Drupal modules, write unit tests, and safely handle Unicode text.
In order to prevent this type of attack, Drupal will need to trim and transliterate (convert to ASCII) each user name, and store this value in the database. Before allowing a new account to be created, the name will be checked to see if a similar user exists.
The deliverable will be a contributed module compatible with Drupal 7.x, including unit tests in the SimpleTest framework. The transliteration module should be used as a dependency.