A non-design, technical question! Neat. The rule from the experts in
security is simple and straightforward:
DO NOT USE TINY URLs. They are dangerous, for who knows what evil lies
behind the mask.
Possible exception. There are "expander" plugins for the popular browsers:
Explorer, safari, Firefox, Chrome, that can expand the URL and tell you what
the full name says. But you have to remember to use it, and then you still
have to be expert at decoding the full URL because malicious folks are
clever at inventing legitimate looking names (by exploiting the fact that
most people do not understand the syntax of URLs and the distinctions of the
meanings of ".", "/" and "-" ("-" has no meaning!), the importance of
knowing the domain name (edu, au, com, ...) and the meaning of escape
symbols such as "%".
To make matters worse, some legitimate companies put their special services
under URLs that look fictitious, and despite years of effort trying to
educate companies not to do this, they still do it.
Tiny URLs are a brilliant design solution, but unfortunately, the prevalence
of bad guys has destroyed their virtue.
For more information, simply search for "tinyurl security concerns"
Don Norman
On Sat, Jan 23, 2010 at 2:06 PM, Terence Love <[log in to unmask]> wrote:
> Hi GK,
>
> You suggested looking at http://tinyurl.com/ybneseb
>
> Do you know a way to know in advance whether a tinyurl link is safe, where
> it goes to, or whether it points to a site that presents security issues
> e.g. has a drive-by Trojan or similar?
>
> They seem to present a security issue.
>
> Terry
>
>
