By David Coursey
December 15, 2009

Maybe it started as a joke, “What the world needs is another URL shortening service!” said as though we didn’t have enough already. Then, someone at Google heard the joke, took it seriously, committed $$$, and out popped Goo.gl.

Yes, another URL shortener, just what the world needs! Put another way: What won’t Google do to a) put its name on something and b) gather more information about users?

For now, Goo.gl works only with Google applications, where it shortens URLs for Google’s Feedburner and from the Google browser toolbar. The service cannot be accessed directly by users from a browser.

Entering the goo.gl address calls up the following:
“Google URL Shortener at goo.gl is a service that takes long URLs and squeezes them into fewer characters to make a link that is easier to share, tweet, or email to friends.”

Actually, whether the service really is at goo.gl is hard to say, since there is no public user interface–all we see is a Web page that also states the Mom-and-Apple-Pie goals for the service:

“Stability, ensuring that the service has very good uptime; security, protecting users from malware and phishing pages; and speed, fast resolution of short URLs.”

The Google Official Blog post that announced the service Monday afternoon offers a tad more detail.

“People share a lot of links online,” wrote Googlers Muthu Muthusrinivasan, Ben D’Angelo, and Devin Mullins. “This is particularly true as microblogging services such as Twitter have grown in popularity.

“If you’re not familiar with them, URL shorteners basically squeeze a long URL into fewer characters to make it easier to share with others. With character limits in tweets, status updates and other modes of short form publishing, a shorter URL leaves more room to say what’s on your mind – and that’s why people use them.”

The Google URL Shortener immediately competes with services including TinyURL, Bit.ly, and a host of others. Each generates a unique shortened URL, such as http://bit.ly/5jTKbh when I submitted http://googleblog.blogspot.com/2009/12/making-urls-shorter-for-google-toolbar.html (the address for the Google blog post) to the bit.ly service for shortening.

When the user clicks on the shortened URL, the shortening server must resolve the URL, match it to the original and longer URL, and then redirect the browser to that site.

I am not aware of any huge problems with the existing shortening services, but letting Google handle URL shortening for some of its customers’ needs probably makes sense.

(Google recently got into the public DNS business as well, another necessary Internet service).

So, while the world doesn’t need a new URL shortener, we may someday be happy Google started offering one as the need for such services continues to grow. If nothing else, the goo.gl URLs will be a constant reminder of the company gives us goodies.

BTW–If you are wondering about the domain name: GL is the country code top-level domain (ccTLD) for Greenland, that patch of glaciers (and a little soil) up past Canada on the way to Iceland, which is less icy and more green than Greenland. (The .ly in Bit.ly is the ccTLD for Libya).

IT security and data protection firm Sophos has published its report on the latest trends in spam, revealing the top twelve spam-relaying countries for the second quarter of 2009. By scanning all spam messages caught in SophosLabs‘ global network of spam traps, researchers have identified the top ‘Dirty Dozen’ spam relaying nations between April and June this year.

During the second quarter of 2009, the USA continued to relay more spam than any other country – the nation’s 15.6% contribution to global spam traffic meaning that more than one in six junk e-mails were sent through compromised computers in the country.  In contrast, Russia, a former spam super-power, continues to fall down the ranks.

Russia currently resides at ninth position in the chart, relaying a mere 3.2% of spam messages.  This represents a significant reduction compared to the same time last year when the country came second only to the United States and was responsible for relaying 7.5%of all spam e-mails.

Poland has seen the biggest single increase in spam output since the last quarter, moving up from tenth to sixth place in this global ‘hall of shame’, with the country now responsible for relaying 4.2% of all the world’s electronic junk messages.  Colombia is the only nation to have left the ‘Dirty Dozen’ since Q1 2009, with Vietnam a new entry this quarter.

The top twelve countries responsible for relaying spam across the globe between April and June 2009 are as follows:

“Barack Obama’s recent speech on cybersecurity emphasised the threat posed by overseas criminals and enemy states, but these figures prove that there is a significant problem in his own back yard. If America could clean up its compromised PCs, it would be a considerable benefit to everyone around the world who uses the net,” said Graham Cluley, senior technology consultant for Sophos.  ”All Web users need to properly defend their computers from attack, and pledge to never act upon spam messages.”

Spammers exploiting new vectors of attack
Over the past year, the booming popularity of social networking – in particular, micro-blogging service Twitter – has driven growth in services such as TinyURL, bit.ly and is.gd.  The services are used to create conveniently shortened links that re-direct to Web pages with lengthier URLs.  This is being exploited by hackers that will use the services to obscure links to offensive material or malicious Web sites, and then distribute the links in spam e-mails, as well as posting them on Twitter and other networks.

Earlier this year, link-shortening service Cligs was attacked by hackers, who redirected links created with the service to a single site of their choice – demonstrating how unsuspecting Web users can find themselves visiting unexpected Web sites when clicking on shortened links.  As social networking and related online services continue to grow in popularity, Sophos experts note that poorly protected computer users could become more vulnerable to a wider range of spam attacks.

“Clearly the problem isn’t going away, as is illustrated by the large number of sprawling spam campaigns we see on a daily basis,” continued Cluley.  ”Although it may seem encouraging to see reductions in the volume of spam that certain countries are contributing, authorities, ISPs and home users across the world need to be doing more to crack down on the spam problem.”

Spam relayed by continent, April-June 2009
Overall by continent, Asia continues to be the biggest offender.  Almost a third of spam message originated in the region for the second quarter of 2009, with the nations of South Korea and China being the biggest contributors.

Sophos recommends companies automatically update their corporate virus protection, and run a consolidated solution at their e-mail and Web gateways to defend against viruses and spam.

It finally happened to Twitter.

Spammers really ride on the latest trend, and just recently they have turned their attention to micro-blogs such as Twitter. As everyone logs in to Twitter, spammers too, log on to tweet– this time about various weight-loss products/drugs and other tidbits on how to lose weight.

Capitalizing on people’s obsession over the topic of weight, spammers infiltrate users’ accounts to post messages with links connecting to weight-loss drugs. Spam tweets even use TinyURL so that their posts look like the usual harmless tweets, only to redirect victims to spam sites.

According to the Trend Micro Malware Blog, “Hacked Twitter accounts are being used to post messages that promote weight-loss drugs. The messages vary in the stated text, but generally states the same message and are all followed by a link that leads to websites where the drugs are being sold. Searches through Twitter for “$5 acai” yields the posts of users whose accounts were hacked.”

Trend Micro‘s Smart Protection Network blocks these sorts of spams and keeps you safe against these cybercriminals. Trend Micro leverages patent-pending technology to correlate the threat data gathered through a network of proactive e-mail, Web, and file reputation technologies, Web Crawlers, honeypots and global threat sensors of customers, partners, and threat research and support centers to combat even the most sophisticated sequential and blended threats. Built-in feedback loops and communication between Trend Micro products and services ensure automatic and immediate protection against the latest threats and provide “better together” security-much like the neighborhood watch crime-fighting systems that exist today in many communities.