Bugtraq mailing list archives
Re: Filters on url shortening services
From: Andrew Hodgson <andrew () hodgsonfamily org>
Date: Mon, 07 Oct 2002 20:47:13 +0100
On Mon, 07 Oct 2002 21:38:51 +0200, you wrote:
Andrew Hodgson <andrew () hodgsonfamily org> writes:The second is that anyone can create any url, and the user knows very little about what they are clicking on.And this differs in what way from the current state of affairs on the rest of the net?
If the URL was not shortened and the user knew the formats of the current vulnerabilities then they would probably think twice before launching the URL. Furthermore, if I was given a strange looking url I may think twice before launching it. However, with these services it is possible to just click on an unsuspecting url (and the user has probably received a few other URLS with the shortening service already), and thus they may be less suspicious of that the URL actually does.
Anybody is free to start his own shortcut service. Certainly, you don't want to take aways this freedom!
No, I am just advocating the idea of adding filters to the service to stop people from creating malicious URLs with the shortening service. Andrew. -- Andrew Hodgson, Bromyard, Herefordshire, UK. Email: Andrew () hodgsonfamily org
Current thread:
- Filters on url shortening services Andrew Hodgson (Oct 07)
- Re: Filters on url shortening services Florian Weimer (Oct 07)
- Re: Filters on url shortening services Andrew Hodgson (Oct 07)
- Re: Filters on url shortening services Florian Weimer (Oct 07)