[Dshield] CNN?

Johannes Ullrich jullrich at sans.org
Mon Oct 15 19:52:30 GMT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160


Sorry to contradict Deb here. But I don't have issues with redirects
like that. They are much more common than you think. For example do you
enter "http://isc.sans.org" or "http://isc.sans.org/index.html" in your
browser? After you log in to DShield/ISC, you are redirected... there
are many situations that may require redirects like this or at least
they will make it much easier to create reasonable URLs and maintain
sanity on the backend.

Phishers use logos... should we get rid of them too and use a text-only web?



Deb Hale wrote:
> I couldn't agree more.  I will not download anything that uses this method.
> I figure that if they have something to hide, I don't need it.
> 
> Deb
> 
> -----Original Message-----
> From: list-bounces at lists.dshield.org [mailto:list-bounces at lists.dshield.org]
> On Behalf Of M Cook
> Sent: Monday, October 15, 2007 1:04 PM
> To: General DShield Discussion List
> Subject: [Dshield] CNN?
> 
> Anyone see the mail from CNN about a desktop alerter? It offers a link 
> to download it:
> 
> Download it now! 
> http://downloadpl.cnn.com/cnn/services/alerter/CNNAlerter.exe
> 
> But if you hover over it, the link is actually
> 
> http://www.access.cnn.com/xyyabbxx_xzenozx.html
> 
> Now I realize this is probably innocent, probably just to implement some 
> sort of tracking; but don't these folks realize it is the same strategy 
> used by phishers (list one URL, hide the real one)? Why don't they just 
> say "click here", or make the text match the linked URL. Wouldn't it be 
> better if legitimate businesses were straightforward, so only the shady 
> ones were sneaky? Plus if they want to be really helpful, they'd put it 
> on an HTTPS page, so the certificate could be validated...
> 
> (sorry for the rant)
> _________________________________________
> SANS Network Security 2007 in Las Vegas September 22-30. 39 courses,
> SANS top instructors.  http://www.sans.org/info/9346
> 


- --
Johannes Ullrich, SANS Institute, (www.sans.org)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHE8T9PNuXYcm/v/0RA8EtAJ4s9/aToJhlCHMhjr7PPmseBIGQlwCeI1Qi
A6B+zeMPPQ0nHtYRB+NFZNc=
=M38L
-----END PGP SIGNATURE-----
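
Added example, not part of the original thread: a small link auditor that separates the two cases argued above, a displayed URL that points elsewhere on the same site (the CNN tracking redirect) versus one that points to an unrelated site. The names `site`, `classify`, `LinkAuditor` and `audit`, the verdict labels and the sample HTML are constructed for illustration, and the last-two-labels domain rule is a simplifying assumption.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

def site(host):
    # Naive registrable domain (last two labels): an assumption of this sketch.
    # Production code should use the Public Suffix List (co.uk, com.au, ...).
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def classify(text, href):
    """Compare the host a link displays with the host it actually targets."""
    try:
        real = urlsplit(href).hostname
        if not text or any(c.isspace() for c in text):
            return "text-is-not-a-url"      # e.g. "click here"
        shown = urlsplit(text if "://" in text else "//" + text).hostname
    except ValueError:
        return "unparseable"
    if not shown or "." not in shown:
        return "text-is-not-a-url"
    if not real:
        return "href-has-no-host"
    if shown == real:
        return "same-host"
    return "same-site" if site(shown) == site(real) else "cross-site"

class LinkAuditor(HTMLParser):
    """Collect (visible_text, href, verdict) for every <a href=...>."""
    def __init__(self):
        super().__init__()
        self.results, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            text = "".join(self._text).strip()
            self.results.append((text, self._href, classify(text, self._href)))
            self._href = None

def audit(html):
    parser = LinkAuditor()
    parser.feed(html)
    parser.close()
    return parser.results

# Constructed sample: the first two links use URLs quoted in the thread.
SAMPLE = """
<a href="http://www.access.cnn.com/xyyabbxx_xzenozx.html">http://downloadpl.cnn.com/cnn/services/alerter/CNNAlerter.exe</a>
<a href="http://isc.sans.org/index.html">http://isc.sans.org</a>
<a href="http://login.example.net/x">http://www.example.com/account</a>
<a href="http://www.example.org/">click here</a>
"""
```

A mail filter would typically log "same-site" and reserve warnings for "cross-site", since only the latter shows one organisation's name while sending the click to another.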