Lyrics & Knowledge Personal Pages Record Shop Auction Links Radio & Media Kids Membership Help
The Mudcat Cafemuddy

Post to this Thread - Sort Descending - Printer Friendly - Home


Tech: Viruses and links

McGrath of Harlow 18 Nov 08 - 03:53 PM
Bill D 18 Nov 08 - 04:23 PM
McGrath of Harlow 18 Nov 08 - 08:22 PM
Bill D 18 Nov 08 - 08:28 PM
Nigel Parsons 19 Nov 08 - 12:07 PM
JohnInKansas 19 Nov 08 - 09:38 PM
McGrath of Harlow 20 Nov 08 - 02:18 PM
JohnInKansas 20 Nov 08 - 03:58 PM
Cluin 20 Nov 08 - 04:09 PM
Share Thread
more
Lyrics & Knowledge Search [Advanced]
DT  Forum
Sort (Forum) by:relevance date
DT Lyrics:





Subject: Tech: Viruses and links
From: McGrath of Harlow
Date: 18 Nov 08 - 03:53 PM

In a current thread I mentioned a song, and put up a link to the text in the Digital Tradition.

Later in the thread someone explained they hadn't opened the link - "I never open links unless a friend has notified me in advance that one has been sent or created, one can never be sure if it contains a virus.

Anyway this set me thinking whether there in fact there could be any possibility of that happening, with someone maliciously inserting an innocent looking, but in fact virulent, link in a post.

Any knowledgeable soul who can enlighten me?


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Viruses and links
From: Bill D
Date: 18 Nov 08 - 04:23 PM

well...not a "virus" exactly....those need to be included in something that would most likely be noticed in a regular thread....things with .exe stuff included in downloads.

There are, though, naughty sites with hidden stuff to set tracking cookies or maybe Trojans which try to use your machine to do some of their work...

Regular anti-spyware programs can usually deal with those.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Viruses and links
From: McGrath of Harlow
Date: 18 Nov 08 - 08:22 PM

So in principle an innocuous looking link in a post could give you a Trojan.

Moral being always have your anti-spyware stuff set up.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Viruses and links
From: Bill D
Date: 18 Nov 08 - 08:28 PM

yes...it is not common, unless you frequent the 'wrong sort' of sites, but there are many tricks they use.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Viruses and links
From: Nigel Parsons
Date: 19 Nov 08 - 12:07 PM

Of course, 'hovering' your cursor over the link will usually show the address it leads to in your browser. For example, hovering over the link below for 'Forum Home' will show you the address "http://www.mudcat.org/threads.cfm" so that you can see it's just re-directing you within Mudcat.

Cheers
Nigel


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Viruses and links
From: JohnInKansas
Date: 19 Nov 08 - 09:38 PM

But hovering over one of the Google ad links probably won't show you the target, since it's usually about 450 or more characters in the URL and your status bar buffer ain't that big. If you get a blank, it's probably because the buffer overran and the URL just doesn't display. (You can right-click and "Copy Shortcut" and paste it in notepad if you're curious about what it really looks like.)

And if it does show a target, the target it shows there is to a Google server that isn't the target - the Google server just logs the "hit" (to send Max the cut and to bill the real target) and then does an instant redirect that takes you to whoever pays for the ad hit.

So far as I've been able to decipher, the actual target is just a very long number in a Google list, and there's no clue in the "URL" about where it's going to end up.

Google can pretty much be trusted, since they don't get paid if they don't get you to the real sponsor for the ad; but others could use the same, or very similar, redirect methods if they can induce you to click on an innocent looking link - if they can get the link onto a page that you visit.

You also don't generally get a target you can read on sites that use j-script links. Usually the java links are "local links" within the site, but they can take you elsewhere.

Since you can view the source code for any web page, Ctl-A, Ctl-C gets an almost identical page that can be posted anywhere - as on a malware server. (You might have to create a style sheet or two to make it look really authentic.) If they can get you redirected to their phony copy of a legitimate page, they have a very good chance to trick you into letting them put almost anything on your machine(s) or to get lots of information from you.

Bank, broker, and credit card home pages are favorite kinds for this phony page trickery, and of course they know what bank they "replicated" so if you take the bait and "log in" they've got all they need. Even if only a tiny fraction of people they get redirected to a phony page actually have an account with the place they've simulated, the few who do - and the fewer who log in - can make for pretty lucrative scamming.

Most commonly, this kind of faking appears as links in email, since it costs virtually nothing to send email to lots of people with a good chance that some of them will click the link to your phony page. Invading a legitimate site to place phony links on it - without detection - is a little more work.

MySpace, and other "social networking" sites, where "friends" can paste cutesy pictures and comments with links (to their own page or elsewhere) have a real problem with links to malware. Much of the stuff that's "pasted" is via links to sites that may or may not be legitimate. Sending a comment to someone's personal page is about as easy as sending an email, and an image can contain embedded malware or can link to a malicious site. Many users at such sites (esp in the "personal looking for friends" sections) are so "clueless" they allow the junk "from a friend" they never heard of to be posted on their page and thereby made accessible to innocent real friends.

John


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Viruses and links
From: McGrath of Harlow
Date: 20 Nov 08 - 02:18 PM

I think you are talking about links with rather long addresses there, John. Probably a good idea to avoid clicking on any that look like that.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Viruses and links
From: JohnInKansas
Date: 20 Nov 08 - 03:58 PM

McG -

Just noting that there are cases where the target doesn't show when you hover over it. The Google ads do have long URLs, but other cases - some of which are legitimate and probably as "safe" as the Google Ads - may also fail to give you the reading, even if they're short ones.

It's a good idea to look, if there's any question about a link. It's just not a fail-proof method. You need to keep the other defenses warm and working, even if you do (as you should) look for the identity for any link that could be faked*.

* "Any link that could be faked" pretty much includes all of them; but you don't want to be paranoid about it.

John


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Viruses and links
From: Cluin
Date: 20 Nov 08 - 04:09 PM

Sounds like that horse has already left the barn, John.


Post - Top - Home - Printer Friendly - Translate
  Share Thread:
More...

Reply to Thread
Subject:  Help
From:
Preview   Automatic Linebreaks   Make a link ("blue clicky")


Mudcat time: 15 July 6:57 PM EDT

[ Home ]

All original material is copyright © 1998 by the Mudcat Café Music Foundation, Inc. All photos, music, images, etc. are copyright © by their rightful owners. Every effort is taken to attribute appropriate copyright to images, content, music, etc. We are not a copyright resource.