Results 1 to 7 of 7
  1. #1
    Lounger
    Join Date
    Feb 2010
    Location
    Essex, UK
    Posts
    48
    Thanks
    4
    Thanked 0 Times in 0 Posts
    Here's a question. It's not really just IE< but this seemed the most sensible thread to put it in without cross posting. So:

    "Are tiny URLs like bit.ly safe?"

    We are always on the lookout for phishing messages, and we are always told to hover over the link to see where it is sending you, and to only trust websites that we know. But what if that website contained a URL of the bit.ly type? I have no way of knowing where it is going, do I? I can't prove before I click on it what it is supposed to do. So, are they safe - or are they a potential security hole that I should avoid like the plague?

    Cheers from damp & soggy England.
    Stuart

  2. #2
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    Quote Originally Posted by Stuart Reynolds View Post
    So, are they safe - or are they a potential security hole that I should avoid like the plague?
    URL shortening services are subject to potential abuse; I think there have been cases of use to drive malware downloads.

    The company behind bit.ly offers add-ons for Firefox and Chrome that expand the links so you can see the destination (see bit.ly Tools), but if there is one for IE (or Outlook, etc.), you'd have to find it somewhere else.

  3. #3
    Gold Lounger Roderunner's Avatar
    Join Date
    Dec 2009
    Location
    Scotland.
    Posts
    3,462
    Thanks
    16
    Thanked 216 Times in 183 Posts
    O wad some Power the giftie gie us, to see oursels as ithers see us!

  4. #4
    Lounger
    Join Date
    Feb 2010
    Location
    Essex, UK
    Posts
    48
    Thanks
    4
    Thanked 0 Times in 0 Posts
    Very interesting, thank you.

    Although I have to say, that I'm distinctly unimpressed by the bit.ly extension for Chrome. It doesn't appear to do anything except prompt me to get an account. I don't WANT an account - what I want to be able to do is to expand the link before I click on it.

    As to the option of adding + or - to the end of the URL, couldn't the folk who design these things have come up with a common standard, at the very least!

  5. #5
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    Other people have been working on this problem...

    Chrome extension to get original of a shortened URL @ Devils' Workshop (Chrome)

    LongURL | Tools (Firefox extension and/or web API)

    Check URL tool from Sucuri (web service)

    Now... where is that add-on for IE that must exist somewhere?

  6. #6
    New Lounger
    Join Date
    Dec 2009
    Location
    UK
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by jscher2000 View Post
    Other people have been working on this problem...

    Chrome extension to get original of a shortened URL @ Devils' Workshop (Chrome)

    LongURL | Tools (Firefox extension and/or web API)

    Check URL tool from Sucuri (web service)

    Now... where is that add-on for IE that must exist somewhere?
    When using these type of services, presumably you reveal data about your machine, email account etc. Do you then run the risk of putting the email address that originally received the shortened URL on to a spammer's "suckers list"?

  7. #7
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    Quote Originally Posted by David Faulder View Post
    When using these type of services, presumably you reveal data about your machine, email account etc. Do you then run the risk of putting the email address that originally received the shortened URL on to a spammer's "suckers list"?
    If you install a browser add-on, it has the ability to read all the same web pages you do. You should only use software and web sites you trust.

    Historically, most shortened URLs have not been "personalized," i.e., the full URL doesn't contain identifying information such as email address or subscriber number. That could change in the future, but you won't know unless you decode them. Assuming they are not personalized, copying and pasting the shortened URL into a web site for research should not reveal anything other than the usual information collected by web sites (such as your IP address and browser configuration).

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •