December 29th, 2008
FriendFeed, Twitter address URL redirection risks; Facebook, LinkedIn, MySpace lag behind
When I compiled my crowdsourced 2009 predictions earlier this month, several people shared with me the same forethought: URL redirection leveraged by phishers could create a bottoming out of sorts for Twitter. The concern is that masked URLs could lead to stolen data or drive-by-malware, making it too late for the poor user who clicks the link once he or she figure out what happened.
I’m uncertain as to why users are concerned about this threat more in 2009 than they were in 2008, nor am I certain why Twitter is getting singled out. I imagine part of it is because Twitter is starting to go more mainstream and early adopters of social networks tend to be more tech and security savvy than the general user. Regardless, social networks are starting to take this apparent threat more seriously with FriendFeed the furthest ahead, recently introducing a lauded security feature — scrollover for redirected URLs. Now FriendFeed users can preview the URL they are about to click to gauge for themselves any apparent risk.
When I spoke with Twitter co-founder Biz Stone in June he told me, that the social network was concerned about URL redirection and was “looking into other ways to display shared links, for example noting whether a link goes to a picture or a video or some other media element.” A month later, Twitter acquired Summize and turned it into Twitter Search, which now does, in fact, include a URL expansion option in its “search results” page. However, there is nothing yet on the Twitter Web site itself nor is there a way to mandate URL expansion through the many Twitter clients. I briefly caught up with Stone again yesterday, who told me that plans for increased security continues to be a work in progress.
“You can expect us to provide a better experience on the home page as well but I don’t have an exact deploy date for you right now,” he said.
But how much do these security features help with URL redirection anyway?
“The scrollover is only useful for users who are Internet savvy enough to recognize what may be a potentially malicious Web page from the URL itself,” said Adam J. O’Donnell, Ph.D., director of emerging technology for Cloudmark and ZDNet security blogger. ” If you look at it another way, providing scrollover URL reveals hasn’t stopped phishing.”
Web developer and computer programmer Shannon Whitley notes that Twitter pushing out more URL redirection security features might be incredibly complicated from a technology perspective, and somewhat fruitless in the long run.
Next: What about other social networks? –>
Pages: 1 2
Jennifer Leggio, aka "Mediaphyter," writes about the "social business" side of social media - including enterprise, security and reputation issues. See her full profile and disclosure of her industry affiliations.
For daily updates on Jennifer's activities, follow her on Twitter.
Subscribe to Social Business via Email alerts or RSS.
