Twitter Tries to Tame Tainted Links
Faced with a recent surge in the number of malicious software programs using its micro-blogging service to spread, Twitter is making an effort to block users from posting links to known malicious Web sites.
The initiative, first noted in a blog posting by Finnish anti-virus maker F-Secure Corp., involves the use of Google's Safe Browsing program, which the search giant uses to prevent Internet users from visiting Web sites that Google's bots have flagged for installing malicious software.
"Our Safety and Security team has been using the Safebrowsing API for many months," Twitter co-founder Biz Stone wrote in a reply to an inquiry by Security Fix.
Web sites flagged in Google searches by the Safe Browsing bots are generally accompanied by a warning under the search result listing that reads: "This Site May Harm Your Computer." If you ignore that warning and click the link anyway, Google will try to prevent you from visiting the site.
If you try to Tweet a link to a site flagged by Google's Safe Browsing program, Twitter blocks the attempt, briefly displaying a message that reads: "Oops! Your tweet contained a URL to a known malware site!"
As others have noted, however, this approach is far from perfect. For one thing, Google's program indexes only a fraction of the malicious sites out there. What's more, Twitter's URL filtering treats the same malicious URL differently, depending on how it is tweeted.
For example, Twitter will allow me to tweet a link to y18032009.com, a site that has been identified by Google's Safe Browsing program as malicious. (Don't visit the site, but you can read Google's writeup on it here.) If, however, I add a "www." to the front of that Web address, Twitter's malware warning blocks my Tweet.
Unfortunately, Twitter fails to block that same URL if I run it through any one of the popular URL-shortening services out there. Hopefully, Twitter will work this out going forward, since a majority of the malware threats spreading via Twitter appear to have been disseminated via shortened URLs.
Alert readers may have noticed from the above image that my Twitter name is "briankrebs". Please feel free to follow me on Twitter!
August 4, 2009; 4:32 PM ET
Categories: From the Bunker , Safety Tips | Tags: google, twitter, url shorteners
Save & Share: Previous: Security Updates for iPhone, Adobe Reader
Next: Researchers: XML Security Flaws are Pervasive
Posted by: jbk123 | August 4, 2009 9:42 PM | Report abuse
Posted by: Bitter_Bill | August 5, 2009 8:49 AM | Report abuse
Posted by: WashingtonDame | August 5, 2009 11:04 AM | Report abuse
Posted by: mhenriday | August 5, 2009 11:43 AM | Report abuse
Posted by: gabby_31 | August 5, 2009 2:05 PM | Report abuse
Posted by: JimGoldbloom1 | August 5, 2009 2:10 PM | Report abuse
The comments to this entry are closed.