TinyURL (Was: 8.04?)

[Dotan Cohen]

On 05/04/2008, Bob McConnell <rmcconne at lightlink.com> wrote:
> Both tinyurl and the destination site will have a log of your IP
>  address. The only way to prevent that is to use a blind proxy, like TOR.
>  They may also record the referrer url, but that is not as likely any
>  more since it is too easy to fake. Plus, in Firefox and other browsers
>  you can block the referrer link from being sent to the new server.

That's just the problem: tinyurl logs person ABC's access to site XYZ.
Even if they don't, why should they be able to in the first place?

>  My question with tinyurl is this. I have dnsmasq running on one of my
>  servers as an internal nameserver. It only passes requests for FQDN out
>  to my ISP's DNS. I can blackhole known malicious sites by adding them to
>  the hosts file on my server with a destination address of 127.0.0.1 or
>  just point them at one of my local Apache servers to get a quick 404
>  (Page not found) error. I haven't taken a close look at what tinyurl
>  returns, but can it bypass my blackhole list and send me to a site I
>  already know I don't want?

The link was to firefox . on . nimp . org (don't try that at home,
kids). If your host file directs nimp . org to localhost, then you are
fine.

Dotan Cohen

http://what-is-what.com
http://gibberish.co.il
א-ב-ג-ד-ה-ו-ז-ח-ט-י-ך-כ-ל-ם-מ-ן-נ-ס-ע-ף-פ-ץ-צ-ק-ר-ש-ת

A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?