Skip redundant pieces

Become a fan of Be SeKUre on Facebook facebook.com/BeSeKUre
Follow us on Twitter! beseKUre
Send this page to a friend!
Enter recipient's e-mail:

The Breach Blog
F-Secure: News from the Lab
Podcasts
PaulDotCom Security Weekly
Security Now!
Security Bites

User login

HomeFirefox Add-ons: Long URL Please

Reply to comment

Firefox Add-ons: Long URL Please

Wed, 10/14/2009 - 19:35 — Julie Fugett

As part of our celebration of Cybersecurity Awareness Month, we'll be posting quick writeups on our favorite Firefox add-ons that enhance the security and privacy of your web browsing experience. We don't necessarily recommend you install every single add-on we show here; just that you evaluate them to see if they meet your needs. Questions? Leave them in the comments!

Today's add-on is Long URL Please. You've probably encountered URLs from URL shortening services like TinyURL, bit.ly, and others. Given a bit of time and a little imagination, most of us can think of ways for URL shortening services to be used for evil. Most of us would just use them for fun--to Rick-roll our friends. Unfortunately, others use them to spread malware, most famously the Koobface worm.

From the Security Fix blog entry entitled "Spammers, Virus Writers Abusing URL Shortening Services:"

"...the latest to abuse these services is the Koobface worm, which targets users of social networking sites like Facebook (Koobface is an anagram of Facebook) and Myspace. It's now also spreading via microblogging service Twitter. Koobface arrives as a message that urges users to click on a link to a video, which invariably leads to a site that prompts the visitor to install a missing video plug-in. The fake plug-in turns the user's system into a bot that can be used for a variety of criminal purposes, from spamming to attacking other computers and spreading the worm."

So what can you do about it? Step one is common sense--be careful about clicking on links, whether they're from someone you trust or not. Step two is to install the Long URL Please add-on for Firefox. Long URL Please takes those shortened URLs and shows you where they really go--right in your browser window!

Here's a screencap of the Be SeKUre Twitter feed in a browser without Long URL Please:

Click to enlarge:

Be SeKUre Twitter feed

Looking at that, there's no way of having any idea where those links lead--they could go to Facebook, another blog, or even a malicious website! Now let's have a look at the same Twitter feed with Long URL Please installed:

Click to enlarge:
Be SeKUre Twitter feed

While we can't see the entire URL, we CAN see that some links go to Facebook, while another goes to an article on USA Today. Rather than clicking links blindly, this allows you to make a more conscious decision. In concert with good common sense, a bit of know-how, and a couple of other add-ons, Long URL Please can go a long way towards keeping you safe while you surf the web. The good news is Long URL Please works on many different URL shortening services (as of this writing, they support 73 different services!) and it translates URLs on every website you visit--not just Twitter.

You can read more about Long URL Please on their website and then download it from the official Mozilla.org repository of Firefox add-ons.

Reply

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options