Now here's a useful link (thanks to Mikko Hypponen for the tweet that brought it to my attention). I've made the point several times here about being cautious about URLs shortened by bit.ly, tinyurl and the many others. Which is why when I flag our blogs and papers on twitter, I normally use tinyURL or
I was speaking with our friend David Perry at Trend Micro about the insecurity of social networking services and what steps users could take to strengthen their security online. In the course of our conversation, we came up with a list of simple steps you could take to better protect yourselves. Be careful about whom you
We’ve been having some discussion internally about shortened URLs, with specific reference to pointing to web resources on Twitter, where you can’t actually avoid using shortened URLs, because an uncompressed URL is automatically shortened using bit.ly. You may remember that I discussed these issues before here, The main problem, of course, is that it’s all too
The Research team in San Diego has several Twitter accounts that we use, both to follow other people and to keep people who follow us informed about hopefully useful stuff like blogs and new papers. http://twitter.com/esetresearch is the official team Twitter account, but we also post stuff to http://twitter.com/ESETLLC and http://twitter.com/ESETblog, which have more followers at
I’m still getting the occasional request to follow on my most obscure Twitter account, which is protected (meaning that I have to approve requests to follow me on there). Sorry, but if I don’t know who you are, you won’t get approved on that one. Even if I do know who you are, you won’t
Further to our previous blog about the use of TinyURL to obscure malicious links, a family member drew my attention to a problem she was having with the TinyURL site. Every time she tried to access a TinyURL link, she got a page advertising security products. (She was using their free firewall.) It turned out, though, that this
The Register today ran a story about the phishing attack spread by the Google Talk instant messaging system, which uses TinyURL to conceal the real name of the link. John Leyden’s story (quoting Graham Cluley at some length) makes several good points about reducing your exposure to the threat, and Graham’s blog makes some more.