August 21, 2009, 7:41 AM — Twitter has begun using filters to identify and block URLs embedded in tweets that point to Web sites spreading malicious code.
While the company hasn’t made a formal announcement regarding the technology, security experts at Symantec and Trend Micro have blogged about it recently.
The filter, according to Symantec, scans tweets and compares any embedded URLs to a list of known malicious sites. When the filter finds a URL embedded in a tweet that contains a link to a malicious site, a message pops up to inform the user, and then the tweet is automatically deleted.
Considering the number of tweets that are sent on any given day, this is no small task.
Although he applauded Twitter for taking steps to protect users, Zulfikar Ramzan, technical director at Symantec, said Twitter’s filtering technology needs tweaking.
“From my perspective, there are a few issues that need to be worked out,” says Ramzan. “Twitter is likely in the nascent stages of addressing these types of issues and we expect they will try to overcome the associated limitations.”
The folks at Trend Micro appear to agree, as they tested the filter with some Koobface-related URLs and the filter failed to block these.
Linking to malicious sites hasn’t been a huge problem for Twitter, Ramzan adds, and those URLs that do send users to these sites have mostly been from URL-shortening services such as TinyURL.
Do you tweet? Follow me on Twitter here.
