For anyone with minimalist
tastes or an inability to use copy-paste keyboard shortcuts, URL
shorteners may seem like a perfectly helpful convenience. Unfortunately,
the same tools that turn long web addresses into a few characters also
offer the same conveniences to hackers—including any of them motivated
enough to try millions of shortened URLs until they hit on the one you
thought was private.
That’s the lesson for companies including Google, Microsoft, and Bit.ly in a paper published today by researchers at Cornell Tech. The researchers’ work demonstrates the unexpected privacy-invasive potential of “brute-forcing” shortened URLs:
That’s the lesson for companies including Google, Microsoft, and Bit.ly in a paper published today by researchers at Cornell Tech. The researchers’ work demonstrates the unexpected privacy-invasive potential of “brute-forcing” shortened URLs:
No comments:
Post a Comment