iEntry 10th Anniversary RSS Archive

IT Management Begins With Security
SecurityProNews > Insider Reports > Insider > Resizing Shortened URLs So You Know What You’re Clicking
Search:
[ insider_reports_insider ]

Resizing Shortened URLs So You Know What You’re Clicking



SecurityProNews
Staff Writer
2009-02-19

SecurityProNews: Insider Reports Insider Reports RSS Feed


Tools for shortening URLs have become very popular in the age of microblogging, but shortening a URL to incomprehensible code makes it impossible to know what you're clicking on.

Resizing URLs
Resizing URLs
The now quintessential microblogging service is Twitter, which limits messages sent to a group of followers to 140 characters. This makes it difficult to post URLs with long set of parameters that follow. The necessity to shorten those URLs gave rise to services like tinyurl, is.gd, ping.fm, bit.ly, tweetburner and others.

The consequence then became users were clueless about what they were clicking. That wouldn't be a huge deal so long as the link comes from a trusted source-someone a person knows whom they follow, or a friend on a social network. But recently social network accounts-not so much the networks themselves, except in one very embarrassing breach-have themselves become targets because of users' lack of good security practices.

As is known throughout the hacker community, a simple dictionary attack has a great track record of cracking a large percentage of user passwords. Because it's so easy, crooks have been hijacking social network accounts and spamming those persons' friends, sometimes with malicious intent.

That makes a shortened URL a hacker's best friend. The recipient trusts the sender and thinks they are being directed to (for example) a CNN news page, but instead find they have been "Rickrolled," as it is called now, to a dangerous malware-infested website.

Luckily, there are smart people out there to help. One free tool recently developed is LongURL. At the website, a user can double check a shortened URL by pasting it into the tool bar. LongURL will return what address the link resolves to so the user can judge whether or not to click on it. There's also a Firefox extension that works by mouseover while actually on Twitter and the like, which makes it pretty convenient.

The next thing to do is consider one's social networking password and make sure the account is not easily hijacked.


About the Author:
SecurityProNews is a daily online and email publication focusing on internet security issues.

More insider_reports_insider Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - $line) { echo $line ; } ?> All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds