Study: shorten links services the user has been subjected to violation of privacy and malware




Issued security researchers from Cornell University technical Cornell Tech research paper for shortening links services through which study the potential of these services are security problems, and come up with a list of points their own weaknesses, which may lead to a violation of user privacy or even to exposure to malicious attacks.

And it turns a lot of users to shorten the links in order to share it via social networks or chat applications, as are many of the companies on Google and Microsoft-style offering shorten links service cloud their own storage services so I have a user with the participation of private associations Bmelvath with others.

The study found that Microsoft Corp. relies on shortened links location to generate short links for files of users on the cloud onedrive OneDrive storage service, and these links have the structure can be expected, which in turn will facilitate the process of consideration of the one of the file link, and then explore other files that have been shared by the same user.

The researchers were able to depending on this trick to find the files that contain sensitive information, and some of these files are open for writing allowing field supposed attacker viruses, malware injection within these files easily.

The researchers said they are looking into the short to links to the Google Maps service has been able to determine the geographical locations of the final users and their destinations.

Google has to respond quickly upon receipt of the warning from researchers about the weaknesses of the service for shortening links, and the added security precautions prevented from which any potential hackers or malicious software to scan the short Anoan search for loopholes. As Microsoft has disabled the shortened links the property in onedrive informing the service gap.

The study noted some of the solutions that can be for companies that provide services to shorten links followed to make their services more secure. The proposed solutions do companies build shorten their own links service and not rely on public services such as, and the use of the means of protection like CAPTCHA to prevent malware from making repeated surveys on the links, and developing interfaces powerful software do not facilitate detect all the files process through one link.


In: A Technology & Gadgets Asked By: [21487 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »