Idea #5533: Pidgin URL cross checking

Written by neomenlo the 24 Mar 08 at 00:12. Category: Security. Related project: Nothing/Others. Status: New
Rationale
There is a deceptive practice of tricking a user into visiting a site by using instant messaging.

One example would be that the user could get an IM thinking that their friend wants them to see an image. The message would read "Check out this picture http://photobucket.com/image.jpg", but the link would actually lead to somewhere else. Almost always it will lead to something dangerous or otherwise unwanted like a virus executable or a vulgar website.

This could be very simply and automatically protected through pidgin. A plugin could validate that all links with text that looks like a URL, actually leads to the URL it looks like.

Something that reads "http://google.com" should always lead to "http://google.com". However, it is possible that the text may not read as a URL; it could read like "This Website" and lead to "http://google.com".

So I would like to see a system message, shown in the same area where you would normally see "this person has gone away", that notifies the user that the link is misleading and explains the risks. This would only show up if the link's text looks like a URL and the href does not match it.

53 votes
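One way to implement the cross-check the idea describes, as an added example for this page and not code from Pidgin or from any Pidgin plugin. It assumes the message arrives as the HTML-style markup Pidgin renders (an `<a href="...">` wrapping the displayed text), compares the host the text appears to name against the host the href really goes to, and also flags the executable-extension hint suggested in the comments below (only the extensions named there). The function names and the sample messages are constructed for the example; note that the host comparison alone misses `user@host` tricks, so the example flags those separately, and that an extension check can only ever be a hint, since an ordinary HTML page can start a download and nothing is known for certain without fetching the URL.

```python
"""Added example: link-text vs. href cross-checking for IM messages.

Illustrative code for this page, not part of Pidgin. Assumes messages are
HTML-style markup with <a href="..."> around the visible text. Names are
made up for the example.
"""
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Text "looks like a URL" if it is one token with an optional scheme, an
# optional user@ part, and a dotted hostname, e.g. "http://google.com",
# "www.gmail.com", "photobucket.com/image.jpg". "This Website" does not match.
URL_LIKE = re.compile(
    r'^(?:[a-z][a-z0-9+.-]*://)?(?:[^\s/@]+@)?[a-z0-9-]+(?:\.[a-z0-9-]+)+(?:[:/?#]\S*)?$',
    re.IGNORECASE,
)

# Heuristic list taken from the comments on this idea (assumption: nothing more).
EXEC_EXTENSIONS = ('.exe', '.com', '.bat', '.sh')


class _AnchorCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in the message."""

    def __init__(self):
        super().__init__()
        self.anchors = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == 'a':
            self._href = dict(attrs).get('href') or ''
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == 'a' and self._href is not None:
            self.anchors.append((self._href, ''.join(self._text).strip()))
            self._href = None


def _split(url):
    """urlsplit() with a default scheme so a bare 'google.com' gets a hostname."""
    if '://' not in url:
        url = 'http://' + url
    try:
        return urlsplit(url)
    except ValueError:  # malformed URL (e.g. bad IPv6 brackets): treat as no host
        return urlsplit('http://')


def _host(url):
    """Lower-cased hostname with a leading 'www.' dropped, so www.x.com == x.com."""
    host = (_split(url).hostname or '').lower()
    return host[4:] if host.startswith('www.') else host


def check_message(html):
    """Return (reason, text, href) warnings for one rendered IM message.

    'mismatch'   : the visible text looks like a URL but names a different host
                   than the href goes to, or the href hides the real host behind
                   user@ syntax (host comparison alone would miss that).
    'executable' : the href path ends in an EXEC_EXTENSIONS entry. Only a hint:
                   an HTML page can start a download just as well.
    """
    parser = _AnchorCollector()
    parser.feed(html)
    warnings = []
    for href, text in parser.anchors:
        if URL_LIKE.match(text):
            if _host(text) != _host(href) or _split(href).username is not None:
                warnings.append(('mismatch', text, href))
        if _split(href).path.lower().endswith(EXEC_EXTENSIONS):
            warnings.append(('executable', text, href))
    return warnings


# Constructed sample messages in the markup shape a conversation window shows.
SAMPLE_MESSAGES = {
    'honest': 'Check out <a href="http://photobucket.com/image.jpg">http://photobucket.com/image.jpg</a>',
    'spoofed': 'Check your mail at <a href="http://gmail.verysecuresite.cn/">http://www.gmail.com</a>',
    'named_link': 'Read <a href="http://google.com">This Website</a>',
    'userinfo': '<a href="http://google.com@evil.example/">http://google.com@evil.example/</a>',
    'exe': 'New game! <a href="http://example.net/setup.exe">http://example.net/setup.exe</a>',
}

if __name__ == '__main__':
    for name, msg in SAMPLE_MESSAGES.items():
        print(name, check_message(msg))
```

Only the 'spoofed', 'userinfo' and 'exe' samples produce warnings; 'named_link' is deliberately left alone because its text does not look like a URL, which is exactly the case the idea says should not trigger a notice.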
Comments
mikedep333 wrote on the 24 Mar 08 at 01:23
I doubt we will actually have to worry about viruses, but certainly people could be scammed into thinking they're going to check their mail at http://www.gmail.com and instead go to a scammer site at http://gmail.verysecuresite.cn, which would be a scam.

neomenlo wrote on the 24 Mar 08 at 01:32
Yeah, viruses are a bad example. The vulgar, seedy websites are definitely something to worry about though.

Furthermore, this could just be added to pidgin, which would help a lot of poor, vulnerable Windows users.

I made this "New Enhancement" request in Pidgin's trac:
http://developer.pidgin.im/ticket/4683

maix wrote on the 24 Mar 08 at 16:57
(don't want to register there, so I answer here:)

> 2: The url leads to an executable

> I don't think I've ever seen an executable transferred via IM protocol. So, links to executables should also bring up a warning dialog telling the risks.
How do you want to see if it is an executable just with the link, without sending a request there? That's not possible.

neomenlo wrote on the 24 Mar 08 at 19:56
Most executables will end with certain extensions.
Examples:
.exe
.com
.bat
.sh
Obviously that won't weed out all of them, like executable texts, but it's a start.
I think I may have phrased that weirdly on Pidgin's Trac.

3wings wrote on the 23 Apr 08 at 21:55
@neomenlo
I think what maix is trying to say is that even if the URL is not pointing to an executable, it can point to a normal HTML page that initiates a download when it is accessed.

That's how SourceForge handles downloads, for example.

Monicker wrote on the 3 May 08 at 14:31
A malicious web page does not have to initiate a download to be malicious. There have been several cases where a malicious url was able to change the settings on a person's home router. Other exploits have allowed for the retrieval of password information via browser flaws.

Suspicious URLs should be noted when possible, though I think there is still some chance of false positives for legitimate sites.
