Find a Question:
Study: shorten links services the user has been subjected to violation of privacy and malware
Issued security researchers from Cornell University technical Cornell Tech research paper for shortening links services through which study the potential of these services are security problems, and come up with a list of points their own weaknesses, which may lead to a violation of user privacy or even to exposure to malicious attacks.
And it turns a lot of users to shorten the links in order to share it via social networks or chat applications, as are many of the companies on Google and Microsoft-style offering shorten links service cloud their own storage services so I have a user with the participation of private associations Bmelvath with others.
The study found that Microsoft Corp. relies on shortened links location Bit.ly to generate short links for files of users on the cloud onedrive OneDrive storage service, and these links have the structure can be expected, which in turn will facilitate the process of consideration of the one of the file link, and then explore other files that have been shared by the same user.
The researchers were able to depending on this trick to find the files that contain sensitive information, and some of these files are open for writing allowing field supposed attacker viruses, malware injection within these files easily.
The researchers said they are looking into the short to links to the Google Maps service has been able to determine the geographical locations of the final users and their destinations.
Google has to respond quickly upon receipt of the warning from researchers about the weaknesses of the service for shortening links, and the added security precautions prevented from which any potential hackers or malicious software to scan the short Anoan search for loopholes. As Microsoft has disabled the shortened links the property in onedrive informing the service gap.
The study noted some of the solutions that can be for companies that provide services to shorten links followed to make their services more secure. The proposed solutions do companies build shorten their own links service and not rely on public services such as Bit.ly, and the use of the means of protection like CAPTCHA to prevent malware from making repeated surveys on the links, and developing interfaces powerful software do not facilitate detect all the files process through one link.Viewing:-198
Answer this Question
You must be Logged In to post an Answer.
Not a member yet? Sign Up Now »
Star Points Scale
Earn points for Asking and Answering Questions!