Tuesday, November 27, 2007

TinyURL could be hazardous to your health

As mentioned in this post by PR aficionado Steve Rubel, the TinyURL service went down briefly, which potentially leaves lots of other services in the lurch.

Personally, I felt no pain because TinyURL was down. That's because I don't use it and I don't think you should either.

Why? Because it allows potential attackers to hide bad URLs. Indulge me for a second, if an attacker wanted to get you to click on a link and browse to a web page with malicious cargo, all they would have to do is send you a spam email with a TinyURL link.

Most people would just click on it and their machine would be compromised. But since you are reading Security Mike's Blog, you aren't most people. Thus, you'll get into the habit of not clicking on any obscured links - like TinyURL provides.

I know the TinyURLs are much prettier. Beauty is only skin deep - remember that.

No comments: