Re: Perplexed - who should I believe?

In article <uzsySoVNGHA.1760@xxxxxxxxxxxxxxxxxxxx>, "Karl Levinson, mvp"
<levinson_k@xxxxxxxxxxxxx> wrote:
I'm an MVP. I've checked out that link and confirmed it goes to =
Microsoft's site. Microsoft's URLs are generally not case sensitive, so =
that even though the letter case may vary in different links posted on =
different pages, they go to the same place. Do note that in web pages =
and HTML-formatted emails and newsgroup postings, there are a variety of =
ways you can have a link that looks like http://www.microsoft.com but =
that actually goes to a different site if you click on the link [instead =
of copying and pasting the link into a web browser].

Karl's correct, but I would still applaud BoaterDave for his concern.

Unless you have a pretty good understanding of URL formats, and the way they
are processed, anything more complex than
http://www.example.com/directoryname/filename.html should be treated as
suspicious.

It's a sad fact that Microsoft have these sesquipedalien links for their
downloads, that look oh-so-similar to the similarly obfuscated links that are
used by phishers to confuse their targets, through public redirectors (Yahoo
is the most frequent example I've seen in the past) and the like. I
understand why this happens - because it's easier for Microsoft to automate -
but it is a mess of code that helps cause the confusion that phishers take
advantage of

It's easier to trust the http://go.microsoft.com/?linkid=4538415 links,
because you can retype those. [Links that you can type into the browser
yourself are much safer than those that you click - there's always the
possibility of a "homograph attack" - something that looks like an 'o', for
instance, but isn't the same code to the computer.]

Does that mean it's safe to trust the http://www.tinyurl.com links? No,
because tinyurl is a public service, that anyone can post a good or bad link
to.

So, BoaterDave, maintain that paranoia and distrust of things you don't
understand - and build up some trust for people who understand more than you.

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.]
--
Texas Imperial Software | Find us at http://www.wftpd.com or email
23921 57th Ave SE | alun@xxxxxxxxxx
Washington WA 98072-8661 | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(425)807-1787 | Try our NEW client software, WFTPD Explorer.
.