[Ipg-smz] The use of URL Shorteners violates security principles
Dana Blankenhorn
danablankenhorn at gmail.com
Mon Oct 8 16:09:37 UTC 2018
Great story for someone on the list who does security stories. <ahem>
On Mon, Oct 8, 2018 at 12:05 PM Tom Henderson <thenderson at extremelabs.com>
wrote:
> Fellow Guilders,
>
> I can give you a long list of ow.ly shortened URLs that will give you a
> malware dose the size of Cincinnati.
>
> ONE SINGLE MISTYPED character will send a user into plain hell.
>
> bit.ly, direc.it, and many other URL shorteners are similarly infected.
>
> May I strongly suggest not using them, please. Yes, your URL is probably
> fine, but a single mistyped character can be explosive.
>
> THESE ORGANIZATIONS DO NOT SCAN TARGETS FOR MALWARE or URL target
> integrity.
>
> Please please please reconsider their use and use the long URL. I have
> been using a highly-sandboxed instance to extract the URL and re-post
> them on places like twitter, but this is getting old.
>
> I can't give you the ones with malware, because you'll get infected or
> your own anti-malware software will trigger (hopefully).
>
> I'm not kidding, please reconsider using them and the
> don't-give-a-hootsuite-type apps that generate them.
>
> These organizations do not respond to URL takedown requests.
>
> Thanks,
>
> Tom
>
>
> --
> Tom Henderson
> ExtremeLabs, Inc.
> +1 317 250 4646 <+1%20317-250-4646>
> Twitter: @extremelabs
> Skype: extremelabsinc
>
>
> --
> Ipg-smz mailing list
> Ipg-smz at netpress.org
> http://netpress.org/mailman/listinfo/ipg-smz_netpress.org
>
--
Dana Blankenhorn
http://www.danablankenhorn.com
http://investorplace.com/author/danablankenhorn/#.WJzBOzsrLIV
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://netpress.org/pipermail/ipg-smz_netpress.org/attachments/20181008/06166bb7/attachment.html>
More information about the Ipg-smz
mailing list