Welcome to WebmasterWorld Guest from 50.19.135.67

Forum Moderators: incrediBILL & lawman

Message Too Old, No Replies

URI Shortener Makes Partnerships To Protect Users From Malicious Links

     

engine

3:43 pm on Dec 1, 2009 (gmt 0)

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month



URI Shortener Makes Partnerships To Protect Users From Malicious Links [wired.com]
Bit.ly, the service Twitter uses to shorten URLs to keep them under the service’s 140-character limit, announced partnerships on Monday with Verisign, Websense and Sophos that are designed to keep spam and malicious software off of the network.

The partnerships should help solve a major problem with the service: that you don’t know where your browser will take you after you click on a shortened link, which makes Twitter the perfect potential hideaway for spammers, scammers, phishers and the like.

Bit.ly’s new partnerships aim to solve that problem in three ways.

Verisign’s iDefense service will screen IP addresses, domains and URLs based on its reputation database, to find those that “host exploits, malicious code, command and control servers, drop sites and other nefarious activity,” according to Bit.ly general manager Andrew Cohen.

WebSense’s ThreatSeeker Cloud will analyze the content on pages linked to through Bit.ly in real-time to identify and block “spammy URLs, malicious content and phishing sites.”

Meanwhile, Sophos rounds out the equation by analyzing the behavior of potential spammers to “go[] beyond blacklists, to proactively detect spam and malware.”

httpwebwitch

3:52 pm on Dec 1, 2009 (gmt 0)

WebmasterWorld Administrator httpwebwitch is a WebmasterWorld Top Contributor of All Time 10+ Year Member



yay!

The invisibility of the destination URL is what I hate most about URL shorteners. Glad to see that Twitter is doing something constructive regarding it.

IMHO the only real solution to all those problems is not to use shorteners at all. But alas, with length limits on tweets they are a dastardly necessity. Hmm, or we could all just stop using Twitter... hahahaha LOL

incrediBILL

4:36 pm on Dec 1, 2009 (gmt 0)

WebmasterWorld Administrator incredibill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Meanwhile, simple software like Power Twitter already exists that extracts the page title of the destination and exposes the full path in your browser. Additionally, Twitter itself could easily deploy this very same feature to any Ajax capable browser.

Big whoop.

mack

5:16 pm on Dec 1, 2009 (gmt 0)

WebmasterWorld Administrator mack is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Or Twitter could reduce the url to some form of anchor text "Link" allowing the user to mouseover and view url.

Mack.

g1smd

10:20 pm on Dec 1, 2009 (gmt 0)

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Not doable when the user receives the message as an SMS; 140 is all there is. The user will select the short URL and that will in turn open their phone browswer to look at the web. There's no easy way to protect those users, unless their phone browser could display an interstitial page warning what the true URL really is and force the user to select proceed or cancel.

graeme_p

6:21 am on Dec 2, 2009 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member Top Contributors Of The Month



There is also a Firefox add-on that does this: I do not use it because it is not compatible with Tree style tabs.

Also, I only even see these on Twitter, and anyone who sends me to a malicious site is going to be rapidly "unfollowed".

incrediBILL

6:26 am on Dec 2, 2009 (gmt 0)

WebmasterWorld Administrator incredibill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Not doable when the user receives the message as an SMS; 140 is all there is.

The software that receives the message can query the URL and display the expanded version.

There is always software between the USER and the SMS so there is no excuse for not automatically expanding the URL in the device receiving the SMS to expose it's content.

Additionally, a simple setting PER USER could also require all tiny url's to go to the PREVIEW mode of the TINY URL service by default, lots of options.

Trav

6:43 pm on Dec 4, 2009 (gmt 0)

5+ Year Member



Super glad to see this getting underway. I've been waiting for some huge malware issue to prompt this action, but I'm glad it didn't quite take that extreme of a problem.
 

Featured Threads

Hot Threads This Week

Hot Threads This Month