<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>I do them. Unless you want to go far, far into the weeds, this is
not a fun story to research. Trust me on this. I use VMs to test
some of them..... and have had to crater the instances on numerous
occasions. This is a grad student thesis.<br>
</p>
<p>Tom</p>
<p><br>
</p>
<br>
<div class="moz-cite-prefix">On 10/08/2018 12:09 PM, Dana
Blankenhorn wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAGAFpRe1=GcqXUQz1Gg-z=KXkVXX00712Ne54VAhQv+nEYWuLg@mail.gmail.com">
<div dir="ltr">Great story for someone on the list who does
security stories. <ahem></div>
<br>
<div class="gmail_quote">
<div dir="ltr">On Mon, Oct 8, 2018 at 12:05 PM Tom Henderson
<<a href="mailto:thenderson@extremelabs.com"
moz-do-not-send="true">thenderson@extremelabs.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote">Fellow Guilders,<br>
<br>
I can give you a long list of <a href="http://ow.ly"
rel="noreferrer" target="_blank" moz-do-not-send="true">ow.ly</a>
shortened URLs that will give you a <br>
malware dose the size of Cincinnati.<br>
<br>
ONE SINGLE MISTYPED character will send a user into plain
hell.<br>
<br>
<a href="http://bit.ly" rel="noreferrer" target="_blank"
moz-do-not-send="true">bit.ly</a>, <a
href="http://direc.it" rel="noreferrer" target="_blank"
moz-do-not-send="true">direc.it</a>, and many other URL
shorteners are similarly infected.<br>
<br>
May I strongly suggest not using them, please. Yes, your URL
is probably <br>
fine, but a single mistyped character can be explosive.<br>
<br>
THESE ORGANIZATIONS DO NOT SCAN TARGETS FOR MALWARE or URL
target <br>
integrity.<br>
<br>
Please please please reconsider their use and use the long
URL. I have <br>
been using a highly-sandboxed instance to extract the URL and
re-post <br>
them on places like twitter, but this is getting old.<br>
<br>
I can't give you the ones with malware, because you'll get
infected or <br>
your own anti-malware software will trigger (hopefully).<br>
<br>
I'm not kidding, please reconsider using them and the <br>
don't-give-a-hootsuite-type apps that generate them.<br>
<br>
These organizations do not respond to URL takedown requests.<br>
<br>
Thanks,<br>
<br>
Tom<br>
<br>
<br>
-- <br>
Tom Henderson<br>
ExtremeLabs, Inc.<br>
<a href="tel:+1%20317-250-4646" value="+13172504646"
target="_blank" moz-do-not-send="true">+1 317 250 4646</a><br>
Twitter: @extremelabs<br>
Skype: extremelabsinc<br>
<br>
<br>
-- <br>
Ipg-smz mailing list<br>
<a href="mailto:Ipg-smz@netpress.org" target="_blank"
moz-do-not-send="true">Ipg-smz@netpress.org</a><br>
<a
href="http://netpress.org/mailman/listinfo/ipg-smz_netpress.org"
rel="noreferrer" target="_blank" moz-do-not-send="true">http://netpress.org/mailman/listinfo/ipg-smz_netpress.org</a><br>
</blockquote>
</div>
-- <br>
<div dir="ltr" class="gmail_signature"
data-smartmail="gmail_signature">
<div dir="ltr">Dana Blankenhorn
<div><a href="http://www.danablankenhorn.com"
moz-do-not-send="true">http://www.danablankenhorn.com</a></div>
<div><a
href="http://investorplace.com/author/danablankenhorn/#.WJzBOzsrLIV"
moz-do-not-send="true">http://investorplace.com/author/danablankenhorn/#.WJzBOzsrLIV</a><br>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Tom Henderson
ExtremeLabs, Inc.
+1 317 250 4646
Twitter: @extremelabs
Skype: extremelabsinc</pre>
</body>
</html>