Reminder: tinyurl, links, and other general security measures
ChrisH821
Posts: 6,574 ✭✭✭✭✭
(Edited title)
Just a reminder here, the tinyurl site is a url masking service. Its legitimate use is to make very large URLs into small ones, but as such, any URL can be hidden in a tinyurl link. This can be used for nefarious purposes, for instance sending you to a fake login to steal credentials.
Please bear this in mind.
I've noticed a few new members posting images hosted at very strange looking URLs, like ibb.co/..... I'm not saying that none can be trusted, but I am not going to those links to find out. This forum hosts images so there is no reason people need to link to an external site to show images.
Collector, occasional seller
13
Comments
tinyurl is also used to shorten a URL, for other forums with software that does not allow long URLs.
ibb.co is not from tinyurl.
Several domains have alternative, shorter domain names.
Example:
https://t.co/jBtRlDLwUm
this is short for:
https:// twitter.com /ZeeMatic1/status/1488266445871980546
from this thread:
https://forums.collectors.com/discussion/1070517/does-anybody-knows-anything-about-these-coins-each-coin-represents-a-state
If you have a good browser, like Google Chrome, you don't have to worry so much about clicking on a URL.
Because this forum currently has a "waiting period" before a person with a new account can post photos,
a workaround is to post the photo to a free photo hosting site (like imgur), and post the photo URL.
This seems fine to me.
gripe to the mods then not to the board
1997-present
This doesn’t look like a gripe at all to me… it’s a friendly and well-founded reminder to be vigilant.
Agree. I took it to be a public service message to help fellow forum members to be safe.
Worry is the interest you pay on a debt you may not owe.
"Paper money eventually returns to its intrinsic value---zero."----Voltaire
"Everything you say should be true, but not everything true should be said."----Voltaire
Not a gripe, not sure what issue you take with this post. It's not like I'm saying not to deal with sellers who don't accept PayPal.
Collector, occasional seller
I know ibb.co isn't tinyurl, it was an example of an "unusual" link that's been used a lot lately, particularly by new members.
The waiting period is relatively new, and I'm sure it's there for good reason, a few extra days wait isn't going to hurt anyone.
When I ask google "What is ibb.co?" I get the following answer, bold added by me:
"ibb.co isn't malicious itself, and not all files are malicious, but it's a common website used to share malicious files as they often go unchecked."
Collector, occasional seller
I cannot believe I am having to defend and justify a post about common internet security precautions.
Collector, occasional seller
New to the internet? You could say "Chocolate chip cookies are good" and start an argument.
Good point. I do love me some chocolate chip cookies.
Collector, occasional seller
Me either - I do Tech Support for 27 school districts - all URL shorteners are blocked by their web filters.
1) - You don't truly know where you're going
2) - Most Internet Filters can't filter the true destination - so they are blocked.
It's common sense in the IT world, but I guess not so much in the coin world. They probably also scan QR codes on fliers on telephone poles 8-)
There are legit reasons to use a shortener, but if you think you need to click one, at least run it through an expander so you can see the true destination before you decide to visit it.
One such expander: https://urlex.org/
You paste your tinyurl or bit.ly or google shortened URL into the box, it shows you where it's really sending you.
"You Suck Award" - February, 2015
Discoverer of 1919 Mercury Dime DDO - FS-101
Also ... remember you can't trust the apparent landing page.
ANY URL can send you to a site that does something and then redirects you nearly invisibly. The site you finally end up on might be something reputable, but the intermediate site (MIM or Man In the Middle) is not.
And the name shown on the page doesn't have to be the site you get directed to... Trivial example
https://pcgs.com
At least the intercept page here on the site will tell you that you are leaving the board AND shows the real URL.
But the sad truth is you cannot trust ANYTHING you don't type yourself.
ANA 50 year/Life Member (now "Emeritus")
My celiac dog is so offended by this crass and insensitive comment promoting chocolate chip cookies that… I can’t even!
The reason I criticized your post was because your post looked like you were offering ibb.co as an example
of a malicious tinyurl usage. I was trying to help you. Sorry if I made you feel defensive.
I was also trying to explain one of the reasons why people post external links (for photos).
I was also disappointed in the thread I linked, where people were afraid to click on the t.co link that had photos.
It's fine with me if people don't want to click on an external URL, because they want to be extra cautious and don't understand how to be safe.
However, your post felt to me like declaring an emergency that doesn't exist, to some extent.
I have not seen any malicious URLs being linked in forum posts here, except possibly some late night spam posts before they got reported and removed.
Have you seen any malicious URLs posted here?
Please provide an example if you have.
Then I will have a better understanding of what you are warning us about.
My advice for forum safety would be something like:
Be more careful when a new member (say, points < 10) posts an external URL.
However, they may simply be doing it to post photos for their question.
Often a question causes a person to be a new user here.
No worries, I guess I took it the wrong way but I see your point. My ibb example was unrelated to tinyurl, just something that is popping up here a lot recently that has not been in the past. My quick G search leads me to believe that it is also not a reputable host. My concern is that I am seeing more of these, and in one particular thread a member said something about a login being required which was very concerning.
I have no specific malicious examples because I don't click on tinyurl, bit.ly, or ibb.co links, I can only offer what my curious searches on google have shown about those two hosts.
Collector, occasional seller
Correct me if I'm wrong, but I believe a new member can immediately post photos by using copy/paste to the post rather than the icon.
Jim
When a man who is honestly mistaken hears the truth, he will either quit being mistaken or cease to be honest....Abraham Lincoln
Patriotism is supporting your country all the time, and your government when it deserves it.....Mark Twain
No you couldn't! You are wrong! Everyone likes chocolate chip cookies.
Crispy or chewy?
Keeper of the VAM Catalog • Professional Coin Imaging • Prime Number Set • World Coins in Early America • British Trade Dollars • Variety Attribution
A new member can display photos, if they are hosted on some other site.
A new member can't immediately store/host photos on this site, though.
I prefer crunchy or chewy to crispy which implies a burnt cookie.
Worry is the interest you pay on a debt you may not owe.
"Paper money eventually returns to its intrinsic value---zero."----Voltaire
"Everything you say should be true, but not everything true should be said."----Voltaire
Some good information in this thread....Many are not aware of the potential dangers in clicking on url's.... Cheers, RickO
Good point. And remember, if the cookie dough recipe calls for adding an egg, you are supposed to remove the egg from its shell...