Category: Security

Security and shortened links

Traditionally, link addresses to webpages include a path to a file’s location.  For example, in the address www.yourdomain.com/images/family/dog1.jpg indicates that at yourdomain.com, the picture dog1.jpg lives in the “family” folder inside the “images” folder.  As you can imagine, some of these addresses can get quite long.  The links can get even more complicated if the site is built using the PHP programming language.  This can pose a problem if you would like to share a link using software with a character limit, such as Twitter.  Enter the URL shortening services.  By registering your link with a company such as bit.ly or TinyURL, you can get a much shorter link address that will forward to your intended page.

As with many great ideas, some nefarious people have found a way to exploit this service.  They use shortened URLs to mask links to malicious sites.  So, how can you know if that shortened link someone posted or sent you is legitimate before you click it?  Thankfully, there are a few ways to check.

  • bit.ly – If your link has this text in the address, copy the link and paste it into your browser.  Add a + to the end of the link and enter.  This will bring you to a special bit.ly page that will give you details about the link, including the fully expanded URL.
  • TinyURL – Copy and paste a TinyURL link into a browser address bar.  Add the word preview before the address.  For example, tinyurl.com/3k2k91 becomes preview.tinyurl.com/3k2k91.  Following the preview link will bring you to a preview of the page with the fully expanded link without exposing you to malware.
  • If you use the Mozilla Firefox browser, there is an add-on called bit.ly preview that will display information on the link while you hover over it with your mouse.
  • Google Chrome users can also download a similar extension.
  • If you have several links to check, or do not want to use the above options, you can paste shortened URLs into LongURL, ExpandMyURL or Long URL Please.

For more information on how to preview shortened URLs, please visit Joshua Long’s comprehensive guide.  Though people you trust would not willingly send you a malicious link, it’s always a good idea to vet any links before clicking on them.

The lowdown on anti-malware programs

Welcome to Tech Tips!  To learn more about us, please click the “About” tab at the top of the page.

Today’s inaugural post [Warning: this information is outdated! -ed.] concerns anti-virus and anti-malware software.  In today’s world, it seems like our computers are under constant attack.  Fortunately, there are several excellent tools to help us combat nasties that are trying to invade our computers.  The even better news is that many of these tools are free!  Here is the rundown on some of my current favorites:

  1. Microsoft Security Essentials This is a free download from Microsoft designed to work with Windows XP, Vista, and 7.  It is an all-in-one solution including both anti-virus and anti-malware definitions.  A user can set the software to update and run completely automatically, or be prompted to gather updates and run scans (if desired).  I have been using it with Windows 7 for over 8 months without any sort of infection.  To make sure it was really doing its job, I ran another tool once per week to see if MSE had missed anything.  It hadn’t.
  2. Malwarebytes Anti-Malware I use the free version of this product to double-check virus scans by other software.  If a computer is acting suspicious, but the resident anti-virus software didn’t detect anything, I run this program.  Though it is not a good idea to install more than one anti-virus program on a single computer, the free version does not seem to conflict with MSE or Symantec products.  You will need to purchase the full version in order to get realtime protection, automatic updates, and automatic scanning.  (Windows 2000/XP/Vista/7)
  3. AVG Another anti-virus program.  Like Malwarebytes, the free version is limited and scans/updates need to be initiated manually.

A good rule of thumb is to run the deepest scan possible the first time a program is used.  This will probably take awhile, so you may want to do it overnight.  From then on, the shorter scans should suffice, unless an infection is suspected.  If your software finds threats on your computer, make sure to take a look at each one to make sure it wasn’t a false positive.  For instance, some cookies placed on your computer by website may show up as threats, but you may need that cookie to make your online experience more convenient.  For example, online banking can generate cookies that, if removed, require re-registration of your computer.