Twitter changing links system to fight malware

9 Jun 2010

In dual move aimed at both defeating malware and phishing, and at the same time better enable sharing by automatically shortening links, Twitter has revealed it is testing a new linking system that will roll out to all users this summer.

In a blog posting, Twitter’s Sean Garrett explained that since March, the company has been routing links within direct messages through its link service to detect, intercept and prevent the spread of malware, phishing and other dangers.

“Any link shared in a Direct Message has been wrapped with a URL. Links reported to us as malicious are blacklisted, and we present users with a page that warns them of potentially malicious content if they click blacklisted links. We want users to have this benefit on all tweets.

“Additionally, as we mentioned at our Chirp developer conference in April, if you want to share a link through Twitter, there currently isn’t a way to automatically shorten it and we want to fix this. It should be easy for people to share shortened links from the Tweet box on,” Garrett said.

He said that the new system is being trialled internally by Twitter employees.

“When this is rolled out more broadly to users this summer, all links shared on or third-party apps will be wrapped with a URL. A really long link such as might be wrapped as for display on SMS, but it could be displayed to web or application users as or as the whole URL or page title.

“Ultimately, we want to display links in a way that removes the obscurity of shortened link and lets you know where a link will take you.

“In addition to a better user experience and increased safety, routing links through this service will eventually contribute to the metrics behind our Promoted Tweets platform and provide an important quality signal for our Resonance algorithm — the way we determine if a Tweet is relevant and interesting to users. We are also looking to provide services that make use of this data, an example would be analytics within our eventual commercial accounts service,” Garrett said.

He said that developers who create applications on the Twitter platform can begin to prepare for this service.

“They will be able to choose how to display the wrapped links in a manner that is most useful, informative and appropriate for a given device or application. Our first step is a small one. We’re rolling out wrapped links on a handful of accounts, including @TwitterAPI, @rsarver, and @raffi, to help developers test their code. Ultimately, every link on Twitter will be wrapped,” Garrett said.

By John Kennedy

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years