Text only | Text with Images

IDNetters Forums

Technical News & Discussion => Windows News & Discussion => Topic started by: DorsetBoy on Dec 01, 2010, 08:15:24

Title: A warning on shortened URL's
Post by: DorsetBoy on Dec 01, 2010, 08:15:24
Several sites/forums I use are now banning the use/posting of shortened or masked URL's as they are now a much used source of malicious redirects to infected pages and worms.

This is a masked URL, how do you know it is safe to click? (http://security.thejoshmeister.com/2009/04/how-to-preview-shortened-urls-tinyurl.html) ( this one is safe)

On Facebook, Twitter and many forums you also see shortened URL's created using tinyurl  ( and others ) and it is habit to just click the link but do you know where you are being directed to?


http://security.thejoshmeister.com/2009/04/how-to-preview-shortened-urls-tinyurl.html   joshmeister gives some help on how to check the link before you jump in, it may well save your system from attack.
Title: Re: A warning on shortened URL's
Post by: zappaDPJ on Dec 01, 2010, 08:21:35
By coincidence I never do that because I'm too lazy but I actually made the effort and did it today with my forum upgrade announcement ;D




And now all your passwords are mine :muahaha:

More seriously that's very good advice :)
Title: Re: A warning on shortened URL's
Post by: D-Dan on Dec 01, 2010, 09:43:19
I have the Greasemonkey script installed (I chose the script so that I could examine the source to make sure it wasn't doing anything untoward), which will show the expanded URL in a tooltip type popup when you mouseover. Very useful :)

Steve
Title: Re: A warning on shortened URL's
Post by: Rik on Dec 01, 2010, 09:50:52
I've always felt wary of 'obscured URLs'. I like to know where I'm being taken so I can decide if I want to go there.
Title: Re: A warning on shortened URL's
Post by: Technical Ben on Dec 01, 2010, 09:53:31
I don't mind for forum links, as I always look at the info bar at the bottom of the browser. But I understand for tinyurls. Perhaps Tiny url companies could use a redirect page with a "yes/no" button. Then as long as the link is "www.tinyurlwetrust.com" and not some other site, you know you can trust them?
Title: Re: A warning on shortened URL's
Post by: Rik on Dec 01, 2010, 09:57:46
Good idea, Ben. Quick, patent it. ;)
Title: Re: A warning on shortened URL's
Post by: Tacitus on Dec 02, 2010, 09:37:48
I've got GreaseMonkey installed but I can't find the script you refer to despite trawling their script site....   Most of the expander scripts (eg Xpndit!) decode to a separate window rather than as a mouseover.
Title: Re: A warning on shortened URL's
Post by: D-Dan on Dec 02, 2010, 09:43:00
It's here:

http://userscripts.org/scripts/show/32115

Steve
Title: Re: A warning on shortened URL's
Post by: Technical Ben on Dec 02, 2010, 10:07:26
Quote from: Rik on Dec 01, 2010, 09:57:46
Good idea, Ben. Quick, patent it. ;)
Well Open DNS and Firefox/IE do similar already with attack sites saying "do you wish to continue, may contain a virus". So why not Tinyurl as well? "Do you wish to continue to www.ebay.com"
Title: Re: A warning on shortened URL's
Post by: Tacitus on Dec 02, 2010, 10:10:33
Quote from: D-Dan on Dec 02, 2010, 09:43:00
It's here:
http://userscripts.org/scripts/show/32115
Steve

Thanks Steve  :)

Text only | Text with Images