


People have generally been warned to avoid suspicious links in Email and browsers.

Suppose you could make the link look 'friendly' or 'trustable'. Then many more people would click on the link. For example the following link looks like it is from Yahoo.

From at least January 2003 through February 20th, such a link would go to Yahoo, which would then send the browser on to another site. The links look like:
http://rd.yahoo.com/^Random/96691/*http://128.164.156.34

Technically savvy people will notice the second URL at the right end of the link and know there may be a problem. Many others may click on a link that appears to be from Yahoo but could lead to a hostile site.

There is a URL embedded inside the link to Yahoo. Yahoo has provided the means to take the information from the link and send the user's browser there.

This is neither good nor thoughtful design, as it makes misuse very easy.




As of 23 February 2003, Yahoo had finally closed off this capability; such a link now results in a protection violation instead of a redirect. Information from CERT indicates there are other sites and portals that are still forwarding without the user's ability to control or block the forwarding.

If a portal or site wishes to provide redirects, then the list of possible redirects should be kept on the server and referred to only by Id, as in something like:

http://rd.yahoo.com/^Random/96691/*gwuinfosec

Yahoo would then do its own server-side lookup on 'gwuinfosec' to determine the destination IP address or domain, as in either

  • 128.164.156.34

  • seas.gwu.edu/~infosec
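As an added example (not code from the original page or from Yahoo), the following Python contrasts the two link forms: it extracts the embedded destination from the 2003-style link, and implements the Id-based lookup proposed above against a server-side table. The table contents are constructed from the page's list, and the http:// scheme on the seas.gwu.edu entry is an assumption.

```python
import re
from urllib.parse import urlsplit

# Constructed sample of the 2003-style Yahoo redirect link discussed above.
RAW_LINK = "http://rd.yahoo.com/^Random/96691/*http://128.164.156.34"

# Server-side table of allowed redirect targets, keyed by Id. The Id and the
# destination come from the page's proposal; the scheme is assumed.
REDIRECT_TABLE = {
    "gwuinfosec": "http://seas.gwu.edu/~infosec",
}

# Path shape of the link: /^<token>/<number>/*<trailing part>
_PATH_RE = re.compile(r"^/\^[^/]+/\d+/\*(?P<tail>.+)$")
# A bare Id contains no scheme, slash or dot, so it can never be a URL.
_ID_RE = re.compile(r"[A-Za-z0-9_-]+")


def _tail(link):
    """Return the part after '/*' in the link path, or None if it is absent."""
    m = _PATH_RE.match(urlsplit(link).path)
    return m.group("tail") if m else None


def embedded_target(link):
    """Where a legacy-style link would forward the browser: the full URL
    embedded in the link itself, chosen entirely by whoever wrote the link.
    Returns None if no absolute URL is embedded."""
    tail = _tail(link)
    if tail and tail.startswith(("http://", "https://")):
        return tail
    return None


def resolve_redirect(link):
    """Id-based resolver as proposed above. The trailing token is treated only
    as a key into REDIRECT_TABLE, never as a URL, so a link author cannot
    choose an arbitrary destination. Returns None for anything that is not a
    known bare Id (including an embedded URL or IP address)."""
    tail = _tail(link)
    if tail is None or not _ID_RE.fullmatch(tail):
        return None
    return REDIRECT_TABLE.get(tail)
```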





© copyright James B. Nickson, 2003