In an effort to curb the abuse that stems from nefarious use of URL shortening services, one of the most popular vendors of such services is teaming up with three security companies to help protect their users. Bit.ly, which sees the most use from social platforms like Twitter, is set to roll out some new protections by the end of the year.
Bit.ly gets layered security for users (IMG:J.Anderson)
Bit.ly has teamed up with VeriSign, Websense, and Sophos to offer a layered defense that will help extend the Malware and Spam protection they already offer the users of their services.
In their announcement on the protections, Bit.ly said that Websense will offer the use of their Threatseeker Cloud service to bolster their existing anti-Spam protections, and at the same time Threatseeker will be used to detect URL’s that are malicious or pure Spam.
VeriSign will offer their iDefense system to detect Malware, and the service’s blacklist will use IP reputation for the detection of exploits, malicious code, and other nefarious sites. Adding to the iDefense measure is Sophos’ offerings that will layer their own behavioral protections to flag Malware and Spam.
One of the interesting things about this layered approach is how it will be used. Bit.ly will scan existing links, instead of new ones. Which is actually a great way to go about things, and more than one expert agrees on this.
“I like bit.ly's approach of checking existing links in case they get compromised, rather than only scanning new links as they are added. This will make it harder for bad guys to game the system. This solution is a lot better than the anti-phishing built into browsers and some search engines, since those rely only on databases of previously-discovered known bad sites,” commented Rich Mogull, of Securosis.
The risks associated with the use of shortened URLs are well established. They have been used in attacks on Facebook, Twitter, and several other social networking sites to spread Malware or just to Spam people at random. Many security experts have warned against trusting these links when they appear from random people, or seemingly random and spammy messages from “friends” in your social network circle.
However, it is nice to see the lengths Bit.ly will go to in order to protect their brand and their users from harm. There are some existing tricks, like adding a plus (+) to the end of a Bit.ly URL to see the source, that help protect users, but the upcoming layered defenses are going to be worth their weight in gold more than likely.
Interested in a more interactive TTH? Join our Facebook Group Want regular updates from The Tech Herald? Follow us on Twitter
Advertising
Comment on this Story