Two web security researchers recently published a study exposing the privacy problems related to using URL shorteners. Microsoft and Google already offer URL shortening services in many of their cloud services. The image above shows Google addresses found through short URLs associated with a single user in Austin, Texas.
When users share data protected by credentials inside the web address linked with their content, these services could allow an attacker to access their data simply by searching the address space for a URL-shortening service in search of content. This is all due to the predictability of these URLs because of how short these addresses are.
An example of a URL shortening services is Microsoft’s, 1drv.ms, in it’s OneDrive cloud storage services. Another is, binged.it, for Bing Maps domains of the, bit.ly, URL shortening service. Although Microsoft has discontinued their OneDrive embed shortener, some URLs that exist are still accessible.
Vitaly Shmatikov from Cornell Tech and visiting researcher Martin Georgiev conducted an 18-month study with a scope on OneDrive and Google Maps. One of their conclusions was Microsoft and OneDrive shortened URLs were just all around too accessible.
Despite the exploitive information provided by these researchers Microsoft won’t acknowledge short URLs as a security hole and stated that the changes made to the OneDrive were not correlated to the exploit. A PDF of Shmatikov’s and Georgiev’s study can be found here.
Source: ArsTechnica
Your blog post was fantastic, thanks for the great content!
For the reason that the admin of this site is working, no uncertainty very quickly it will be renowned, due to its quality contents.
Great information shared.. really enjoyed reading this post thank you author for sharing this post .. appreciated
Let me know what type of content you’d like to see more of in the future!
Pretty! This has been a really wonderful post. Many thanks for providing these details.
Welcome to https://Accsmarket.net, your premier destination for purchasing a wide variety of accounts tailored to suit your digital requirements. Whether you’re searching for social media, gaming, or streaming accounts, we offer a diverse selection to cater to every aspect of your online presence. With a focus on quality and security, https://Accsmarket.net ensures a seamless and trustworthy experience for all your account needs.
Click here:Click now : https://Accsmarket.net
very informative articles or reviews at this time.