Blackhat Academy showed this week that they could circumvent this technology by recognizing the request for the URL was coming from Facebook, and display a different webpage to Facebook, then the actual page being delivered. Here's an example of how this works from PC World:
Blackhat Academy members, provided a live demonstration, which involved posting the URL to a JPEG file on a wall.
Facebook crawled the URL and added a thumbnail image to the wall post, however, clicking on its corresponding link actually redirected users to YouTube. This happened because the destination page was able to identify Facebook's original request and served a JPEG file.
"While most major sites that allow link submission are vulnerable to this method, sites including Websense, Google+ and Facebook make the requests easily identifiable," the Blackhat Academy hackers said.
"These sites send an initial request to the link in order to store a mirror thumbnail of the image, or a snapshot of the website being linked to. In doing so, many use a custom user agent, or have IP addresses that resolve to a consistent domain name," they explained.
Looks like Facebook is going to have to do a little work to hide the fact that these request for categorization are coming from Facebook, if they want the true value of URL filtering.
Posts
No comments:
Post a Comment