How do you decide which links to follow

TheL8Elvis · 28th January 2013, 06:34 PM

Once upon a time, in different thread, a poster posted a link and there was some controversy about whether or not to follow the link.

There were some claims made about people not following links they weren't familiar with and that perhaps it wasn't safe to follow some links.

I would like to ask all those link-following-averse people what sort of methodology they use to determine if they should follow a link, and how they know it's safe ?

Below are some example urls , they don't lead anywhere bad or to anything NSFW...Additionally, I intentionally broke them all by adding a space, so if you want to follow them, you really have to try.

http://www.exploit-db.com/exploits/23077/

67.228.115.45/

tinyurl.com/mo4ff6

1.usa.gov/OYCBM7

forums.randi.org/forumindex.php

http://tiny url.com/create.php?sourc...yURL%21&alias=

Ray Brady · 28th January 2013, 06:37 PM

It's rare that I follow links out of the forum at all. But if you don't bother to give some indication of what's waiting on the other side, preferably with a succinct summary, you've guaranteed I will have no interest.

arthwollipot · 28th January 2013, 06:48 PM

I will never follow any link that consists of just an IP address, like your second one. I will require a very good reason to follow a TinyURL or similar url ~~concealer~~ shortener. I prefer links that actually explain what they're linking to, like this link to the Sydney Morning Herald. But if it's clear from the address what site it is linking to, I usually don't have a problem with it.

So out of your list, the only one I would not hesitate to follow is the one to the forum index.

KoihimeNakamura · 28th January 2013, 09:46 PM

I may follow tinyurl from twitter, but I generally avoid IP links unless it's a trusted source. The problem I generally have is that I have two sets of standards. On mobile phones I have a much higher standard because I can't hoverand phone browsers cause random crashes. On a computer? If I have NoScript, I'm a bit more adventurous.

AJM8125 · 28th January 2013, 10:00 PM

Originally Posted by TheL8Elvis

I would like to ask all those link-following-averse people what sort of methodology they use to determine if they should follow a link, and how they know it's safe ?

Depends on what machine I'm on at the time:

Work - never. Heavily net-nannied.

Home PC - If the link raised suspicion in my mind (which is rare) I might google it or ignore it entirely - depends on my mood.

iPhone - click away.

El Greco · 28th January 2013, 11:56 PM

I rarely care what the link looks like; I only care where it comes from.

Captain_Swoop · 29th January 2013, 02:05 AM

I don't mind as long as there is some description of what the link is for. I won't follow a 'blind' link with no input from the poster saying what it is and why it should be followed.

SatansMaleVoiceChoir · 29th January 2013, 03:41 AM

Pretty much as per the last 3 posts.

malaka · 29th January 2013, 06:23 AM

I like the convention used by many posters at slashdot.org. When posting a link, they follow it immediately with brackets and the domain to which it leads. Such as: Check this out [google.com]

And, on-topic, I won't follow links from my parents.

TheL8Elvis · 29th January 2013, 07:05 AM

Originally Posted by arthwollipot

I will never follow any link that consists of just an IP address, like your second one. I will require a very good reason to follow a TinyURL or similar url ~~concealer~~ shortener. I prefer links that actually explain what they're linking to, like this link to the Sydney Morning Herald. But if it's clear from the address what site it is linking to, I usually don't have a problem with it.

So out of your list, the only one I would not hesitate to follow is the one to the forum index.

On to the heart of the matter - why ?

Do you believe if you can 'see' where it's going it's safer, or what ?

Psi Baba · 29th January 2013, 07:05 AM

My only wish is that people who post links would indicate that the link is directly to a video, or if the link is to a page that has annoying and LOUD audio that starts instantly. A little courtesy would be nice.

And this seems like as good a place as any to make this rant about Youtube. Why do all Youtube videos start with the sound defaulted to maximum no matter what you do to try to prevent that. Always. So irritating. And my PC volume settings are set at a fairly low level overall, yet Youtube videos will wake the dead every time.

[rant over]

TheL8Elvis · 29th January 2013, 07:06 AM

Originally Posted by KoihimeNakamura

I may follow tinyurl from twitter, but I generally avoid IP links unless it's a trusted source. The problem I generally have is that I have two sets of standards. On mobile phones I have a much higher standard because I can't hoverand phone browsers cause random crashes. On a computer? If I have NoScript, I'm a bit more adventurous.

You can see the complete link on iOS if you do a long press. And since the apps a re sandboxed, crashing the browser is not a concern (to me).

Why is an IP address more questionable than a domain name ?

TheL8Elvis · 29th January 2013, 07:08 AM

Originally Posted by Ray Brady

It's rare that I follow links out of the forum at all. But if you don't bother to give some indication of what's waiting on the other side, preferably with a succinct summary, you've guaranteed I will have no interest.

Originally Posted by Captain_Swoop

I don't mind as long as there is some description of what the link is for. I won't follow a 'blind' link with no input from the poster saying what it is and why it should be followed.

Is that out of a security concern - or simply you don't want to waste time ?

I am more interested in the idea of why people won't follow links that they perceive to be a security issue, and how they arrive at that conclusion.

TheL8Elvis · 29th January 2013, 07:09 AM

Originally Posted by malaka

I like the convention used by many posters at slashdot.org. When posting a link, they follow it immediately with brackets and the domain to which it leads. Such as: Check this out [google.com]

And, on-topic, I won't follow links from my parents.

I see a good case for not following links from parents on many fronts

Hellbound · 29th January 2013, 08:19 AM

Originally Posted by TheL8Elvis

I am more interested in the idea of why people won't follow links that they perceive to be a security issue, and how they arrive at that conclusion.

#1 Clue: Mismatch between a displayed URL and the actual link. For example:

Hey, go see this article at www.nytimes.com!*

It takes additional work to conceal a URL like this, it's not really something that would happen accidentally, and there's no reason to unless you don't want someone to think about what they're linking to. Added to this arethe "semi-legit" names. Such as "mybank.geocities.com" instead of "mybank.com" (yeah, that's obvious, but some are sneakier).

#2 Clue: Certain domains, for example ".gov" and ".edu", are restricted. You can't just go get a URL in those domains unles you are government or education. Therefore, these tend to be safer...I don't have too much of an issue going to these links assuming there are no other warning signs.

#3 Clue: Active content and/or variables where they shouldn't be. For example, your addition to the forumindex.php

.

#4 Clue: Anything claiming to be urgent, official, critical, or personal that only consists of email contact, and often especially if it only includes the parts of my name easily garnered from my email address.

Tips:
Research URLs if you have any doubt. A google search of the url name will often turn up info if it's a malicious or suspicious website.

Keep your browser settings restrictive. If you don't want warnigns for a site you visit often and that is safe, don't reduce your settings globally; add that site to your trusted sites list (or equivalent).

Use a good, up-to-date anti-virus and/or spyware/adware scanner, and a popup blocker. Keep it up to date.

More generally, keep your operating system up to date, whichever OS you're using.

As others have stated, consider the source. How did you get the URL? From a friend you trust? From a friend who takes his computer in for virus cleaning twice a year? From someone you've never interacted with before? And if froma friend, does it sound liek something they'd send, and was it something you expected to get from them ("from" email addresses can be spoofed, and many exploits and viruses can compromise a person's address book). Also, if you know how, you can examine header information on emaisl to see where it was routed. These can be spoofed, but it's less common than spoofing the from address. So an email from "mybank.com" whose first hop was through a Nigerian domain is probably not legit.

That's off-the-top-of-my-head ideas. Hope that helps

roger · 29th January 2013, 08:47 AM

I have an easier heuristic. For domains that I don't recognize, I don't click unless there is about a page/day's worth of discussion, and no one writes "that link horked up my computer".

Hecubas · 29th January 2013, 08:53 AM

Originally Posted by TheL8Elvis

I am more interested in the idea of why people won't follow links that they perceive to be a security issue, and how they arrive at that conclusion.

Because it's a PITA to clean or rebuilt your system after being hit with malware and skipping a link is easier? Maybe they've been rickrolled too many times?

No browser/OS platform is perfectly safe. There are also things on the Internet that cannot be unseen. That's 2 sane reasons to avoid unfamiliar links.

TheL8Elvis · 29th January 2013, 09:20 AM

Originally Posted by Hecubas

Because it's a PITA to clean or rebuilt your system after being hit with malware and skipping a link is easier? Maybe they've been rickrolled too many times?

restore from backup shouldn't be too much of a PITA

Originally Posted by Hecubas

No browser/OS platform is perfectly safe. There are also things on the Internet that cannot be unseen. That's 2 sane reasons to avoid unfamiliar links.

How do you define familiar links ?

TheL8Elvis · 29th January 2013, 09:27 AM

Originally Posted by Hellbound

#1 Clue: Mismatch between a displayed URL and the actual link. For example:

Hey, go see this article at www.nytimes.com!*

It takes additional work to conceal a URL like this, it's not really something that would happen accidentally, and there's no reason to unless you don't want someone to think about what they're linking to. Added to this arethe "semi-legit" names. Such as "mybank.geocities.com" instead of "mybank.com" (yeah, that's obvious, but some are sneakier).

#2 Clue: Certain domains, for example ".gov" and ".edu", are restricted. You can't just go get a URL in those domains unles you are government or education. Therefore, these tend to be safer...I don't have too much of an issue going to these links assuming there are no other warning signs.

#3 Clue: Active content and/or variables where they shouldn't be. For example, your addition to the forumindex.php

.

#4 Clue: Anything claiming to be urgent, official, critical, or personal that only consists of email contact, and often especially if it only includes the parts of my name easily garnered from my email address.

Tips:
Research URLs if you have any doubt. A google search of the url name will often turn up info if it's a malicious or suspicious website.

Keep your browser settings restrictive. If you don't want warnigns for a site you visit often and that is safe, don't reduce your settings globally; add that site to your trusted sites list (or equivalent).

Use a good, up-to-date anti-virus and/or spyware/adware scanner, and a popup blocker. Keep it up to date.

More generally, keep your operating system up to date, whichever OS you're using.

As others have stated, consider the source. How did you get the URL? From a friend you trust? From a friend who takes his computer in for virus cleaning twice a year? From someone you've never interacted with before? And if froma friend, does it sound liek something they'd send, and was it something you expected to get from them ("from" email addresses can be spoofed, and many exploits and viruses can compromise a person's address book). Also, if you know how, you can examine header information on emaisl to see where it was routed. These can be spoofed, but it's less common than spoofing the from address. So an email from "mybank.com" whose first hop was through a Nigerian domain is probably not legit.

That's off-the-top-of-my-head ideas. Hope that helps

Thanks for your thoughtful response.

Clue #1 is useful unless people link like this.
Clue #2 I completely disagree. (see my 4th link) Can you elaborate how they are safer ?
Clue #3 assumes you know how the specific url should be formed. That can be useful, but many people don't know what should be there and can recognize malicious content. My example was obvious - do you feel confident it would be the same if I tried to obfuscate it ?
Clue #4 can be in the thrown in the general 'spam email' bucket, perhaps

What are your thoughts about url shorteners ? you didn't mention them

TheL8Elvis · 29th January 2013, 09:28 AM

Originally Posted by roger

I have an easier heuristic. For domains that I don't recognize, I don't click unless there is about a page/day's worth of discussion, and no one writes "that link horked up my computer".

I agree, that's a good one for forum or other static type of links. Let the teeming masses vet it for you

carlitos · 29th January 2013, 09:50 AM

Originally Posted by Ray Brady

It's rare that I follow links out of the forum at all. But if you don't bother to give some indication of what's waiting on the other side, preferably with a succinct summary, you've guaranteed I will have no interest.

Same here. While on my home computer, I'm more likely to follow a link. On a mobile device, almost never, as I find it inconvenient to leave the forum, even if I know where it goes. Without a description, no chance either way.

Originally Posted by TheL8Elvis

restore from backup shouldn't be too much of a PITA

Just checking - are you serious? I shouldn't worry about dodgy-looking links because I can "restore from backup" if I get a virus?

Hokulele · 29th January 2013, 09:58 AM

For me, it isn't so much about security, but about wasting my time. I almost never follow links on my cellphone (Blackberry), as sites with a lot of images and crap take too long to load. If the poster does not tell me why I should follow the link, I have no interest in wasting my time to find out if it is interesting or not.

On my computer, I am more likely to follow a link if it appears to go someplace I might be interested in. For example, an article posted on the BBC website is more likely to be something I will enjoy than an article on Stormfront. A shortened URL or an IP address only doesn't give me that information, so I will always skip those, unless the poster indicates what is on the other side.

NoahFence · 29th January 2013, 11:15 AM

Originally Posted by TheL8Elvis

Once upon a time, in different thread, a poster posted a link and there was some controversy about whether or not to follow the link.

There were some claims made about people not following links they weren't familiar with and that perhaps it wasn't safe to follow some links.

I would like to ask all those link-following-averse people what sort of methodology they use to determine if they should follow a link, and how they know it's safe ?

Below are some example urls , they don't lead anywhere bad or to anything NSFW...Additionally, I intentionally broke them all by adding a space, so if you want to follow them, you really have to try.

http://www.exploit-db.com/exploits/23077/

67.228.115.45/

tinyurl.com/mo4ff6

1.usa.gov/OYCBM7

forums.randi.org/forumindex.php

http://tiny url.com/create.php?sourc...yURL%21&alias=

I would only follow the JREF one.

TheL8Elvis · 29th January 2013, 11:53 AM

Originally Posted by NoahFence

I would only follow the JREF one.

Are there any security related reasons why ?

NoahFence · 29th January 2013, 12:10 PM

Quote:

http://www.exploit-db.com/exploits/23077/

Well, it says the word "exploit" right there, so that would be googled before I go there.

Quote:

67.228.115.45/

Eww...

Quote:

tinyurl.com/mo4ff6

Honestly, this one is just because tinyurl's give me the heebee-jeebies.

Quote:

1.usa.gov/OYCBM7

Ditto URL's that start with a number. "332_TaxHelper.Duh!"

Quote:

forums.randi.org/forumindex.php

I blindly trust everything that I find on Randi.org. Coming from you, I'd trust it, from others, it's probably just harmless self-promotion (9/11 subforum experience)

Quote:

http://tiny url.com/create.php?sourc...yURL%21&alias

Again, heebee-jeebies

TheL8Elvis · 29th January 2013, 12:41 PM

Originally Posted by carlitos

Same here. While on my home computer, I'm more likely to follow a link. On a mobile device, almost never, as I find it inconvenient to leave the forum, even if I know where it goes. Without a description, no chance either way.

So if it has a description, you're good ?

This link if full of things carlitos loves to read about: http://www.mangle.ca/randomweb/

Originally Posted by carlitos

Just checking - are you serious? I shouldn't worry about dodgy-looking links because I can "restore from backup" if I get a virus?

Well, mostly serious. Really I am trying learn about how many of you determine what a dodgy-looking link is, and if not following dodgy-looking links is in reality any safer than just clicking on any old link.

TheL8Elvis · 29th January 2013, 12:43 PM

Originally Posted by NoahFence

Well, it says the word "exploit" right there, so that would be googled before I go there.

Eww...

Honestly, this one is just because tinyurl's give me the heebee-jeebies.

Ditto URL's that start with a number. "332_TaxHelper.Duh!"

I blindly trust everything that I find on Randi.org. Coming from you, I'd trust it, from others, it's probably just harmless self-promotion (9/11 subforum experience)

Again, heebee-jeebies

So do you consider your methodology any more than 'woo' ?

Is it perhaps akin to the rock that keeps away tigers - if I haven't yet clicked on a link that hosed my computer, my system must work ?

NoahFence · 29th January 2013, 01:04 PM

Originally Posted by TheL8Elvis

So do you consider your methodology any more than 'woo' ?

Is it perhaps akin to the rock that keeps away tigers - if I haven't yet clicked on a link that hosed my computer, my system must work ?

woo? No. Educated guesses based on experience.

TheL8Elvis · 29th January 2013, 01:08 PM

Originally Posted by NoahFence

woo? No. Educated guesses based on experience.

I'm not trying to pick on you .. just trying to get to my point ...

How do you (or anyone) know your educated guesses are working ?

Do you have evidence there is something inherently more dangerous about following an IP address as opposed to a blogspot post, for example ?

NoahFence · 29th January 2013, 01:43 PM

Originally Posted by TheL8Elvis

I'm not trying to pick on you .. just trying to get to my point ...

How do you (or anyone) know your educated guesses are working ?

I never get malware or ~~virusis viruii virusez~~ my computer never gets sick.

Quote:

Do you have evidence there is something inherently more dangerous about following an IP address as opposed to a blogspot post, for example ?

Nothing empirical, no.

TheL8Elvis · 29th January 2013, 02:20 PM

Originally Posted by NoahFence

I never get malware or ~~virusis viruii virusez~~ my computer never gets sick.

Nothing empirical, no.

I generally click on any link, and I don't get malware or viruses either.

How do do you know your educated guesses aren't just the same as the famous tiger keeping away rock - ie correlation is not causation.

KoihimeNakamura · 29th January 2013, 02:21 PM

I am very suspicious of IP addresses if I didn't ask for it. As for apps being sandboxed, that does not mean I want to let it crash.

Paul C. Anagnostopoulos · 29th January 2013, 04:02 PM

NoScript.

~~ Paul

TheL8Elvis · 29th January 2013, 04:04 PM

Originally Posted by KoihimeNakamura

I am very suspicious of IP addresses if I didn't ask for it. As for apps being sandboxed, that does not mean I want to let it crash.

I don't think I have find any links that I could identify from the url that would crash my browser.

I understand there is usually some context around the url/ip - but I think we can probably all agree that unsolicited links in email are generally bad to follow. We can probably even empirically prove that they are more likely to try to do something bad empirically.

If an IP address was returned in a search result, would that make it less suspicious ?

TheL8Elvis · 29th January 2013, 04:07 PM

Originally Posted by Paul C. Anagnostopoulos

NoScript.

~~ Paul

Might as well use lynx.

NoahFence · 29th January 2013, 04:29 PM

Originally Posted by TheL8Elvis

I generally click on any link, and I don't get malware or viruses either.

How do do you know your educated guesses aren't just the same as the famous tiger keeping away rock - ie correlation is not causation.

He's not a very famous tiger...I've never heard that analogy before.

Anyway, you wanted to know the reasons why, and "Educated hunch" is as good a reason as any. I'm not current in my certs, but there was a day that I had a few. A+ NET+ and MCSE. I'd be hard pressed to map a network drive at this point but back when I could, this common sense approach was how I determined what to click and what not to click. I use that same approach today and it doesn't fail me.

YMMV.

arthwollipot · 29th January 2013, 04:36 PM

Originally Posted by TheL8Elvis

Why is an IP address more questionable than a domain name ?

IP addresses are used by people who don't want or can't get a domain name, because what they are doing is illegal or questionable. Anonymous hackers, software pirates and child pornographers use IP addresses rather than domain names, because that way they can change them randomly in order to avoid getting caught.

Originally Posted by TheL8Elvis

On to the heart of the matter - why ?

Do you believe if you can 'see' where it's going it's safer, or what ?

Url shorteners, are used by people who don't want you to know what you're going to. Here's a harmless example:

http://tinyurl.com/2fcpre6

Now, the only way you can find out what that links to is by clicking on it. If I wanted to send you to a site that would automatically download something to your computer without your knowledge, this would be a good way of doing it. It's a way of tricking you into visiting what I want you to visit.

Anyway, most sites now provide their own shortened links that make TinyURL and bit.ly redundant, and what was once the primary reason for shortening urls - Twitter - now shortens links automatically.

And yes, even when a link is attached to text - which incidentally is by far the best way of providing a link, for several important but technical reasons - I always hover over the text to check the address in the status bar before clicking it.

NoahFence · 29th January 2013, 05:11 PM

Originally Posted by arthwollipot

Url shorteners, are used by people who don't want you to know what you're going to. Here's a harmless example:

http://tinyurl.com/2fcpre6

You said "harmless"?!?

OnlyTellsTruths · 29th January 2013, 05:20 PM

Originally Posted by arthwollipot

And yes, even when a link is attached to text - which incidentally is by far the best way of providing a link, for several important but technical reasons - I always hover over the text to check the address in the status bar before clicking it.

I know that on another forum I go to it is possible to change that too.

IOW, a poster can change what it says when you hover over the url to whatever they want to.

I'm pretty sure that is because that forum allows full html code in posts. The JREF does not allow any html code, only BB code. So it is not possible to do that here.

Just be aware that "hovering over it" is not a sure way to know what the link really goes to on all forums or websites.

arthwollipot · 29th January 2013, 05:35 PM

Originally Posted by OnlyTellsTruths

I know that on another forum I go to it is possible to change that too.

IOW, a poster can change what it says when you hover over the url to whatever they want to.

I'm pretty sure that is because that forum allows full html code in posts. The JREF does not allow any html code, only BB code. So it is not possible to do that here.

Just be aware that "hovering over it" is not a sure way to know what the link really goes to on all forums or websites.

No, of course not. You can do all sorts of things after someone has clicked, for example - redirects and stuff. And I'm not talking about popups and tooltips. You can see the actual url of a link you're hovering over in the status bar. Normal html doesn't let you change that. Combined with a reasonable amount of common sense, it's a reasonable rule of thumb.

Bottom line - anything you do on the internet can potentially be risky. It all depends how much effort someone wants to expend on it.

28th January 2013, 06:34 PM	#1
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513	How do you decide which links to follow Once upon a time, in different thread, a poster posted a link and there was some controversy about whether or not to follow the link. There were some claims made about people not following links they weren't familiar with and that perhaps it wasn't safe to follow some links. I would like to ask all those link-following-averse people what sort of methodology they use to determine if they should follow a link, and how they know it's safe ? Below are some example urls , they don't lead anywhere bad or to anything NSFW...Additionally, I intentionally broke them all by adding a space, so if you want to follow them, you really have to try. http://www.exploit-db.com/exploits/23077/ 67.228.115.45/ tinyurl.com/mo4ff6 1.usa.gov/OYCBM7 forums.randi.org/forumindex.php http://tiny url.com/create.php?sourc...yURL%21&alias=
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513

28th January 2013, 11:56 PM	#6
El Greco Summer worshipper Join Date: Nov 2003 Location: Παρά θιν'αλός Posts: 14,257	I rarely care what the link looks like; I only care where it comes from.
	__________________ "Robbing a bank is no crime compared to owning one" - Bertolt Brecht "Let it go and come to bed already, El Greco" - MoeFaux

29th January 2013, 03:41 AM	#8
SatansMaleVoiceChoir Graduate Poster Join Date: Apr 2007 Posts: 1,300	Pretty much as per the last 3 posts.
	__________________ The aim of argument, or of discussion, should not be victory, but progress. - Joseph Joubert Do not believe hastily. - Ovid There is no worse lie than a truth misunderstood by those who hear it. - William James

29th January 2013, 07:05 AM	#10
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513	Originally Posted by arthwollipot I will never follow any link that consists of just an IP address, like your second one. I will require a very good reason to follow a TinyURL or similar url ~~concealer~~ shortener. I prefer links that actually explain what they're linking to, like this link to the Sydney Morning Herald. But if it's clear from the address what site it is linking to, I usually don't have a problem with it. So out of your list, the only one I would not hesitate to follow is the one to the forum index. On to the heart of the matter - why ? Do you believe if you can 'see' where it's going it's safer, or what ?
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513

29th January 2013, 07:05 AM	#11
Psi Baba Homo Skepticalis Join Date: Aug 2001 Location: Occupying my barstool Posts: 3,177	My only wish is that people who post links would indicate that the link is directly to a video, or if the link is to a page that has annoying and LOUD audio that starts instantly. A little courtesy would be nice. And this seems like as good a place as any to make this rant about Youtube. Why do all Youtube videos start with the sound defaulted to maximum no matter what you do to try to prevent that. Always. So irritating. And my PC volume settings are set at a fairly low level overall, yet Youtube videos will wake the dead every time. [rant over]
	__________________ Save Caribbean Rum! (seriously)

28th January 2013, 06:37 PM	#2
Ray Brady Muse Join Date: Jan 2011 Posts: 579	It's rare that I follow links out of the forum at all. But if you don't bother to give some indication of what's waiting on the other side, preferably with a succinct summary, you've guaranteed I will have no interest.
Ray Brady Muse Join Date: Jan 2011 Posts: 579

28th January 2013, 06:48 PM	#3
arthwollipot Observer of Phenomena Join Date: Feb 2005 Location: The other side of your screen Posts: 42,956	I will never follow any link that consists of just an IP address, like your second one. I will require a very good reason to follow a TinyURL or similar url ~~concealer~~ shortener. I prefer links that actually explain what they're linking to, like this link to the Sydney Morning Herald. But if it's clear from the address what site it is linking to, I usually don't have a problem with it. So out of your list, the only one I would not hesitate to follow is the one to the forum index.
	__________________ Jadey (in RvB game thread): I just want to take a moment to commend Arth on his role as Parasitic Alien Tumor. I think he really connected with the character and there were times when I forgot that he was just acting. That's the kind of talent that you can't teach.

28th January 2013, 09:46 PM	#4
KoihimeNakamura Creativity Murderer Join Date: Feb 2007 Location: Graham, WA Posts: 6,846	I may follow tinyurl from twitter, but I generally avoid IP links unless it's a trusted source. The problem I generally have is that I have two sets of standards. On mobile phones I have a much higher standard because I can't hoverand phone browsers cause random crashes. On a computer? If I have NoScript, I'm a bit more adventurous.
	__________________ Don't mind me.

28th January 2013, 10:00 PM	#5
AJM8125 NWO Black Ops Tagger Join Date: Aug 2008 Location: **** Creek, California Posts: 15,250	Originally Posted by TheL8Elvis I would like to ask all those link-following-averse people what sort of methodology they use to determine if they should follow a link, and how they know it's safe ? Depends on what machine I'm on at the time: Work - never. Heavily net-nannied. Home PC - If the link raised suspicion in my mind (which is rare) I might google it or ignore it entirely - depends on my mood. iPhone - click away.

29th January 2013, 02:05 AM	#7
Captain_Swoop Illuminator Join Date: Jun 2010 Location: North Yorkshire Posts: 3,906	I don't mind as long as there is some description of what the link is for. I won't follow a 'blind' link with no input from the poster saying what it is and why it should be followed.

29th January 2013, 06:23 AM	#9
malaka Graduate Poster Join Date: May 2002 Location: columbus Posts: 1,161	I like the convention used by many posters at slashdot.org. When posting a link, they follow it immediately with brackets and the domain to which it leads. Such as: Check this out [google.com] And, on-topic, I won't follow links from my parents.

29th January 2013, 07:06 AM	#12
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513	Originally Posted by KoihimeNakamura I may follow tinyurl from twitter, but I generally avoid IP links unless it's a trusted source. The problem I generally have is that I have two sets of standards. On mobile phones I have a much higher standard because I can't hoverand phone browsers cause random crashes. On a computer? If I have NoScript, I'm a bit more adventurous. You can see the complete link on iOS if you do a long press. And since the apps a re sandboxed, crashing the browser is not a concern (to me). Why is an IP address more questionable than a domain name ?
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513

29th January 2013, 07:08 AM	#13
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513	Originally Posted by Ray Brady It's rare that I follow links out of the forum at all. But if you don't bother to give some indication of what's waiting on the other side, preferably with a succinct summary, you've guaranteed I will have no interest. Originally Posted by Captain_Swoop I don't mind as long as there is some description of what the link is for. I won't follow a 'blind' link with no input from the poster saying what it is and why it should be followed. Is that out of a security concern - or simply you don't want to waste time ? I am more interested in the idea of why people won't follow links that they perceive to be a security issue, and how they arrive at that conclusion.
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513

29th January 2013, 07:09 AM	#14
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513	Originally Posted by malaka I like the convention used by many posters at slashdot.org. When posting a link, they follow it immediately with brackets and the domain to which it leads. Such as: Check this out [google.com] And, on-topic, I won't follow links from my parents. I see a good case for not following links from parents on many fronts
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513

29th January 2013, 08:19 AM	#15
Hellbound Abiogenic Spongiform Join Date: Sep 2002 Location: In a handbasket Posts: 8,911	Originally Posted by TheL8Elvis I am more interested in the idea of why people won't follow links that they perceive to be a security issue, and how they arrive at that conclusion. #1 Clue: Mismatch between a displayed URL and the actual link. For example: Hey, go see this article at www.nytimes.com!* It takes additional work to conceal a URL like this, it's not really something that would happen accidentally, and there's no reason to unless you don't want someone to think about what they're linking to. Added to this arethe "semi-legit" names. Such as "mybank.geocities.com" instead of "mybank.com" (yeah, that's obvious, but some are sneakier). #2 Clue: Certain domains, for example ".gov" and ".edu", are restricted. You can't just go get a URL in those domains unles you are government or education. Therefore, these tend to be safer...I don't have too much of an issue going to these links assuming there are no other warning signs. #3 Clue: Active content and/or variables where they shouldn't be. For example, your addition to the forumindex.php . #4 Clue: Anything claiming to be urgent, official, critical, or personal that only consists of email contact, and often especially if it only includes the parts of my name easily garnered from my email address. Tips: Research URLs if you have any doubt. A google search of the url name will often turn up info if it's a malicious or suspicious website. Keep your browser settings restrictive. If you don't want warnigns for a site you visit often and that is safe, don't reduce your settings globally; add that site to your trusted sites list (or equivalent). Use a good, up-to-date anti-virus and/or spyware/adware scanner, and a popup blocker. Keep it up to date. More generally, keep your operating system up to date, whichever OS you're using. As others have stated, consider the source. How did you get the URL? From a friend you trust? From a friend who takes his computer in for virus cleaning twice a year? From someone you've never interacted with before? And if froma friend, does it sound liek something they'd send, and was it something you expected to get from them ("from" email addresses can be spoofed, and many exploits and viruses can compromise a person's address book). Also, if you know how, you can examine header information on emaisl to see where it was routed. These can be spoofed, but it's less common than spoofing the from address. So an email from "mybank.com" whose first hop was through a Nigerian domain is probably not legit. That's off-the-top-of-my-head ideas. Hope that helps
	Last edited by Hellbound; 29th January 2013 at 08:21 AM.

29th January 2013, 08:47 AM	#16
roger Penultimate Amazing Join Date: May 2002 Location: Mountain View, CA Posts: 11,021	I have an easier heuristic. For domains that I don't recognize, I don't click unless there is about a page/day's worth of discussion, and no one writes "that link horked up my computer".
	__________________ May your trails be crooked, winding, lonesome, dangerous, leading to the most amazing view. May your mountains rise into and above the clouds. - Edward Abbey Climb the mountains and get their good tidings. Nature's peace will flow into you as sunshine flows into trees. The winds will blow their own freshness into you, and the storms their energy, while cares will drop off like autumn leaves. - John Muir

29th January 2013, 08:53 AM	#17
Hecubas Thinker Join Date: Apr 2008 Posts: 207	Originally Posted by TheL8Elvis I am more interested in the idea of why people won't follow links that they perceive to be a security issue, and how they arrive at that conclusion. Because it's a PITA to clean or rebuilt your system after being hit with malware and skipping a link is easier? Maybe they've been rickrolled too many times? No browser/OS platform is perfectly safe. There are also things on the Internet that cannot be unseen. That's 2 sane reasons to avoid unfamiliar links.
Hecubas Thinker Join Date: Apr 2008 Posts: 207

29th January 2013, 09:20 AM	#18
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513	Originally Posted by Hecubas Because it's a PITA to clean or rebuilt your system after being hit with malware and skipping a link is easier? Maybe they've been rickrolled too many times? restore from backup shouldn't be too much of a PITA Originally Posted by Hecubas No browser/OS platform is perfectly safe. There are also things on the Internet that cannot be unseen. That's 2 sane reasons to avoid unfamiliar links. How do you define familiar links ?
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513

29th January 2013, 09:27 AM	#19
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513	Originally Posted by Hellbound #1 Clue: Mismatch between a displayed URL and the actual link. For example: Hey, go see this article at www.nytimes.com!* It takes additional work to conceal a URL like this, it's not really something that would happen accidentally, and there's no reason to unless you don't want someone to think about what they're linking to. Added to this arethe "semi-legit" names. Such as "mybank.geocities.com" instead of "mybank.com" (yeah, that's obvious, but some are sneakier). #2 Clue: Certain domains, for example ".gov" and ".edu", are restricted. You can't just go get a URL in those domains unles you are government or education. Therefore, these tend to be safer...I don't have too much of an issue going to these links assuming there are no other warning signs. #3 Clue: Active content and/or variables where they shouldn't be. For example, your addition to the forumindex.php . #4 Clue: Anything claiming to be urgent, official, critical, or personal that only consists of email contact, and often especially if it only includes the parts of my name easily garnered from my email address. Tips: Research URLs if you have any doubt. A google search of the url name will often turn up info if it's a malicious or suspicious website. Keep your browser settings restrictive. If you don't want warnigns for a site you visit often and that is safe, don't reduce your settings globally; add that site to your trusted sites list (or equivalent). Use a good, up-to-date anti-virus and/or spyware/adware scanner, and a popup blocker. Keep it up to date. More generally, keep your operating system up to date, whichever OS you're using. As others have stated, consider the source. How did you get the URL? From a friend you trust? From a friend who takes his computer in for virus cleaning twice a year? From someone you've never interacted with before? And if froma friend, does it sound liek something they'd send, and was it something you expected to get from them ("from" email addresses can be spoofed, and many exploits and viruses can compromise a person's address book). Also, if you know how, you can examine header information on emaisl to see where it was routed. These can be spoofed, but it's less common than spoofing the from address. So an email from "mybank.com" whose first hop was through a Nigerian domain is probably not legit. That's off-the-top-of-my-head ideas. Hope that helps Thanks for your thoughtful response. Clue #1 is useful unless people link like this. Clue #2 I completely disagree. (see my 4th link) Can you elaborate how they are safer ? Clue #3 assumes you know how the specific url should be formed. That can be useful, but many people don't know what should be there and can recognize malicious content. My example was obvious - do you feel confident it would be the same if I tried to obfuscate it ? Clue #4 can be in the thrown in the general 'spam email' bucket, perhaps What are your thoughts about url shorteners ? you didn't mention them
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513

29th January 2013, 09:28 AM	#20
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513	Originally Posted by roger I have an easier heuristic. For domains that I don't recognize, I don't click unless there is about a page/day's worth of discussion, and no one writes "that link horked up my computer". I agree, that's a good one for forum or other static type of links. Let the teeming masses vet it for you
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513

29th January 2013, 09:50 AM	#21
carlitos "más divertido" Join Date: Jul 2009 Posts: 11,463	Originally Posted by Ray Brady It's rare that I follow links out of the forum at all. But if you don't bother to give some indication of what's waiting on the other side, preferably with a succinct summary, you've guaranteed I will have no interest. Same here. While on my home computer, I'm more likely to follow a link. On a mobile device, almost never, as I find it inconvenient to leave the forum, even if I know where it goes. Without a description, no chance either way. Originally Posted by TheL8Elvis restore from backup shouldn't be too much of a PITA Just checking - are you serious? I shouldn't worry about dodgy-looking links because I can "restore from backup" if I get a virus?

29th January 2013, 09:58 AM	#22
Hokulele Official Nemesis Join Date: Feb 2007 Location: Trying to decide whether to set defenses against an army, or against mole rats. Posts: 27,265	For me, it isn't so much about security, but about wasting my time. I almost never follow links on my cellphone (Blackberry), as sites with a lot of images and crap take too long to load. If the poster does not tell me why I should follow the link, I have no interest in wasting my time to find out if it is interesting or not. On my computer, I am more likely to follow a link if it appears to go someplace I might be interested in. For example, an article posted on the BBC website is more likely to be something I will enjoy than an article on Stormfront. A shortened URL or an IP address only doesn't give me that information, so I will always skip those, unless the poster indicates what is on the other side.
	__________________ Yvette: "Blasty! Blasty! Blasty!" Some person: "Why did you shoot that?" Yvette: "Blasty! Blasty! Blasty!" - Tragic Monkey

29th January 2013, 11:15 AM	#23
NoahFence Psycho Kitty Join Date: Mar 2011 Location: Patriot Nation Posts: 9,291	Originally Posted by TheL8Elvis Once upon a time, in different thread, a poster posted a link and there was some controversy about whether or not to follow the link. There were some claims made about people not following links they weren't familiar with and that perhaps it wasn't safe to follow some links. I would like to ask all those link-following-averse people what sort of methodology they use to determine if they should follow a link, and how they know it's safe ? Below are some example urls , they don't lead anywhere bad or to anything NSFW...Additionally, I intentionally broke them all by adding a space, so if you want to follow them, you really have to try. http://www.exploit-db.com/exploits/23077/ 67.228.115.45/ tinyurl.com/mo4ff6 1.usa.gov/OYCBM7 forums.randi.org/forumindex.php http://tiny url.com/create.php?sourc...yURL%21&alias= I would only follow the JREF one.
	__________________ Our truest life is when we are in our dreams awake. -Henry David Thoreau

29th January 2013, 11:53 AM	#24
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513	Originally Posted by NoahFence I would only follow the JREF one. Are there any security related reasons why ?
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513

29th January 2013, 12:10 PM	#25
NoahFence Psycho Kitty Join Date: Mar 2011 Location: Patriot Nation Posts: 9,291	Quote: http://www.exploit-db.com/exploits/23077/ Well, it says the word "exploit" right there, so that would be googled before I go there. Quote: 67.228.115.45/ Eww... Quote: tinyurl.com/mo4ff6 Honestly, this one is just because tinyurl's give me the heebee-jeebies. Quote: 1.usa.gov/OYCBM7 Ditto URL's that start with a number. "332_TaxHelper.Duh!" Quote: forums.randi.org/forumindex.php I blindly trust everything that I find on Randi.org. Coming from you, I'd trust it, from others, it's probably just harmless self-promotion (9/11 subforum experience) Quote: http://tiny url.com/create.php?sourc...yURL%21&alias Again, heebee-jeebies
	__________________ Our truest life is when we are in our dreams awake. -Henry David Thoreau

29th January 2013, 12:41 PM	#26
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513	Originally Posted by carlitos Same here. While on my home computer, I'm more likely to follow a link. On a mobile device, almost never, as I find it inconvenient to leave the forum, even if I know where it goes. Without a description, no chance either way. So if it has a description, you're good ? This link if full of things carlitos loves to read about: http://www.mangle.ca/randomweb/ Originally Posted by carlitos Just checking - are you serious? I shouldn't worry about dodgy-looking links because I can "restore from backup" if I get a virus? Well, mostly serious. Really I am trying learn about how many of you determine what a dodgy-looking link is, and if not following dodgy-looking links is in reality any safer than just clicking on any old link.
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513

29th January 2013, 12:43 PM	#27
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513	Originally Posted by NoahFence Well, it says the word "exploit" right there, so that would be googled before I go there. Eww... Honestly, this one is just because tinyurl's give me the heebee-jeebies. Ditto URL's that start with a number. "332_TaxHelper.Duh!" I blindly trust everything that I find on Randi.org. Coming from you, I'd trust it, from others, it's probably just harmless self-promotion (9/11 subforum experience) Again, heebee-jeebies So do you consider your methodology any more than 'woo' ? Is it perhaps akin to the rock that keeps away tigers - if I haven't yet clicked on a link that hosed my computer, my system must work ?
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513

29th January 2013, 01:04 PM	#28
NoahFence Psycho Kitty Join Date: Mar 2011 Location: Patriot Nation Posts: 9,291	Originally Posted by TheL8Elvis So do you consider your methodology any more than 'woo' ? Is it perhaps akin to the rock that keeps away tigers - if I haven't yet clicked on a link that hosed my computer, my system must work ? woo? No. Educated guesses based on experience.
	__________________ Our truest life is when we are in our dreams awake. -Henry David Thoreau

29th January 2013, 01:08 PM	#29
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513	Originally Posted by NoahFence woo? No. Educated guesses based on experience. I'm not trying to pick on you .. just trying to get to my point ... How do you (or anyone) know your educated guesses are working ? Do you have evidence there is something inherently more dangerous about following an IP address as opposed to a blogspot post, for example ?
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513

29th January 2013, 01:43 PM	#30
NoahFence Psycho Kitty Join Date: Mar 2011 Location: Patriot Nation Posts: 9,291	Originally Posted by TheL8Elvis I'm not trying to pick on you .. just trying to get to my point ... How do you (or anyone) know your educated guesses are working ? I never get malware or ~~virusis viruii virusez~~ my computer never gets sick. Quote: Do you have evidence there is something inherently more dangerous about following an IP address as opposed to a blogspot post, for example ? Nothing empirical, no.
	__________________ Our truest life is when we are in our dreams awake. -Henry David Thoreau Last edited by NoahFence; 29th January 2013 at 01:45 PM. Reason: spel chek

29th January 2013, 02:20 PM	#31
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513	Originally Posted by NoahFence I never get malware or ~~virusis viruii virusez~~ my computer never gets sick. Nothing empirical, no. I generally click on any link, and I don't get malware or viruses either. How do do you know your educated guesses aren't just the same as the famous tiger keeping away rock - ie correlation is not causation.
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513

29th January 2013, 02:21 PM	#32
KoihimeNakamura Creativity Murderer Join Date: Feb 2007 Location: Graham, WA Posts: 6,846	I am very suspicious of IP addresses if I didn't ask for it. As for apps being sandboxed, that does not mean I want to let it crash.
	__________________ Don't mind me.

29th January 2013, 04:02 PM	#33
Paul C. Anagnostopoulos Nap, interrupted. Join Date: Aug 2001 Location: a little toolshed Posts: 18,588	NoScript. ~~ Paul
	__________________ Millions long for immortality who do not know what to do with themselves on a rainy Sunday afternoon. ---Susan Ertz RIP Mr. Skinny

29th January 2013, 04:04 PM	#34
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513	Originally Posted by KoihimeNakamura I am very suspicious of IP addresses if I didn't ask for it. As for apps being sandboxed, that does not mean I want to let it crash. I don't think I have find any links that I could identify from the url that would crash my browser. I understand there is usually some context around the url/ip - but I think we can probably all agree that unsolicited links in email are generally bad to follow. We can probably even empirically prove that they are more likely to try to do something bad empirically. If an IP address was returned in a search result, would that make it less suspicious ?
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513

29th January 2013, 04:07 PM	#35
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513	Originally Posted by Paul C. Anagnostopoulos NoScript. ~~ Paul Might as well use lynx.
TheL8Elvis Illuminator Join Date: May 2011 Posts: 3,513