Go Back   vb.org Archive > Community Central > vBulletin.org Site Feedback
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 11-10-2009, 02:16 AM
BSMedia BSMedia is offline
 
Join Date: Feb 2009
Posts: 454
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Suggestion: Block links from shortening services

I suggest prohibiting the use of URL shortening services at vB.org.

URL's that are passed thru these shortening services can contain links to malicious content, spyware, warez and other garbage sites and server no other purpose other than to mask or conceal a links true identity. The propensity of doing bad, far out weighs any positives for using such a service

Not to mention the potential for "marketing gurus" to slide their affiliate links in.
Reply With Quote
  #2  
Old 11-10-2009, 03:53 AM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Personally i tend to agree with your suggestion. We had this discussion within staff some time ago and the result was that it was also used a lot for legit reasons by members and we would be limiting them too much if we would block these.
Reply With Quote
  #3  
Old 11-10-2009, 09:16 AM
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Location: Nottingham, UK
Posts: 23,748
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Standard links can be used for exactly the same malicious purpose. Its not something unique to short links.
Reply With Quote
  #4  
Old 11-10-2009, 11:48 AM
DeanLag DeanLag is offline
 
Join Date: Jul 2009
Posts: 185
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

But the chances is that shortened URLs containing malicious content are high compared to a standard URL.
Prevention is better than cure.

I personally blacklisted the shortened URLs on my board for the same reason as OP mentionned; even if it never happened before.
Good suggestion OP!
Reply With Quote
  #5  
Old 11-10-2009, 12:50 PM
BSMedia BSMedia is offline
 
Join Date: Feb 2009
Posts: 454
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Paul M View Post
Standard links can be used for exactly the same malicious purpose. Its not something unique to short links.


i agree, but then the domain and site thats being linked to isn't masked and we can see where the link goes hence increasing our security and reducing the chance of being taken to a spyware inflicting site

EX: http://thisisabadsite.com/thatinstall/spyware.exe can be made to bit.ly/47cGv and no one will have a clue until people click and are infected

What is one good need for masking URL's on a site like vB.org however. There is no character limitation imposed on the length of posts, so there really isn't a need to hide the actual URL unless it was up to no good.
Reply With Quote
  #6  
Old 11-10-2009, 02:16 PM
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Location: Nottingham, UK
Posts: 23,748
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

On what proof do you base the statement that a short url is any more likely to point to malicious code.

I could just as easily post a link like http://mysite/alink and redirect that to malicious code.

If you dont want to follow such links then fine, thats your choice, I dont see why that should mean we block them.
Reply With Quote
  #7  
Old 11-10-2009, 02:24 PM
BSMedia BSMedia is offline
 
Join Date: Feb 2009
Posts: 454
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

okay.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 10:49 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.08882 seconds
  • Memory Usage 2,216KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (7)post_thanks_box
  • (7)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (7)post_thanks_postbit_info
  • (7)postbit
  • (7)postbit_onlinestatus
  • (7)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete