Enhancing Link Security

Today Google informed us that some sites stored in people’s BonzoBoxes were are infected with Malware. Because we use a redirection script to track which sites are the most popular on BonzoBox this warning would have appeared when visiting a redirection address on BonzoBox.com, (for example, bonzobox.com/out?u=badsite.com). Even though these warnings appeared there, as far as we are aware BonzoBox.com itself is malware-free.

The number of links affected was very, very, small, (there were five), and they have been removed from BonzoBox.

We have requested that Google review our BonzoBox and expect to be declared clean shortly, (follow @bonzobox on Twitter for more frequent updates).

Lemons to Lemonade

Of course we’ve taken this day of red warning screens and pulled some good out of the bad. All of our links from BonzoBox to other websites are now signed, and they won’t work unless they’re properly signed. This means that it would be extremely difficult for a hacker to create a BonzoBox.com URL that redirects visitors to a nasty website, (the hacker would have to figure out how our signature works, and guess some very long, complicated, secrets, among other things).

Update (May 18): Sometime during the night Google has reviewed BonzoBox and declared us malware-free. No warnings should be displayed.

6 thoughts on “Enhancing Link Security

Leave a Reply

Your email address will not be published. Required fields are marked *