Finjan's new Secure Twitter is a way to keep Twitter users safe from the rash of malware that has been targeting the social networking phenomenon of late.
Social networking threats can come from a number of areas, including shortened URLs -- often used to make it easier to exchange links in short message services like Twitter and Facebook.
Kaspersky Lab's Viruslist.com, on its blog this month, unveiled the results of a short service study it did for URLs posted on Twitter: Bit.ly is the runaway Twitter share leader with 53.75 percent of all links shortened on the site, followed by tinyurl.com with 7.55 percent.
Writes Viruslist.com: ""What's really worth noticing is that more than half of the URLs being tweeted every day are hosted by a single service, bit.ly. But with great power comes great responsibility—if this service got compromised, that would mean more than half of the URLs circulating every day on Twitter would be compromised."
On Twitter, for example, links and "retweets" can go viral literally within minutes. Count on the security labs paying more attention to this. Unfortunately, so will the hackers and malware guys.
Although Finjan is best known for its secure Web gate solutions for the enterprise market, it has made SecureTwitter available as a free download for the public.
SecureTwitter is essentially a feature of Finjan SecureBrowsing, a security extension for Internet Explorer and Firefox that has been around for a couple of years. SecureBrowsing/SecureTwitter scans and classifies Web addresses, providing a safety rating for URLs before a user actually clicks on them.
Using this methodology, Finjan SecureTwitter provides a safety rating for a URL displayed in a browser. There are three ratings: Safe, Unsafe and Not Scanned. Because most of the malware tainting social networking sites consists of malicious URLs, it is an ideal solution for combating Twitter malware as so many Tweets contain embedded links.
Secure Twitter is useful and worthy, but we ran into issues testing it. The problem with this plug-in was that reviewers could not get it working in Internet Explorer 7.0.
First, system requirements were checked. Per Finjan's Secure-Browsing Web site, Internet Explorer 6.0 and 7.0 are supported as well as Windows XP SP 2. The plug-in was tested on supported software. Check.
But after installation, the Finjan toolbar was not visible. That was easily remedied by enabling the Finjan toolbar in "Manage Add-Ons" in Internet Explorer's settings.
After restarting the browser, SecureTwitter did no noticeable scanning and gave no ratings on any URLs. In Twitter, in Gmail, in fact on any site tested, the software remained inactive.
Per Finjan support, IE had to be reset to all default security settings and default zones. Doing this still did not get the plug-in to work. If that method is the only way to get the product to work properly, it's potentially a real hassle for any IE user who has painstakingly customized the IE settings.
In contrast, SecureTwitter worked superbly in Firefox 3.0.11. Logging into Twitter, SecureTwitter analyzed and quickly rated all embedded URLs in Tweets displayed in the browser. While reviewers can't at this point recommend SecureTwitter for IE, it gets a good recommendation for users on Firefox.
SecureTwitter, for all its good intent, seems to be a way of repackaging SecureBrowsing. There does not seem to be any re-engineering of the product. Also, the Web site cited in Finjan's press release about SecureTwitter, securebrowsing.finjan.com, lists supported products as dated as Windows 2000 and Firefox 2.0. No mention of Firefox 3.0 or Windows Vista, for that matter.
If Finjan can work out the kinks with IE and get the plug-in to work as effortlessly as it does in Firefox, it will be a valuable added layer of security for users on social networking sites. In the meantime, at least it's free.
COMMUNITY: Connect with the Test Center at Community.CRN.com
|
Symantec's Code Red: The Law Enforcement/Anonymous E-Mail Exchange Law enforcement officials negotiated via e-mail for more than two weeks with an Anonymous group member trying to extort $50,000 from Symantec to keep stolen product code off the Internet. |
|
How To Sell IT Security Services To Your Customers Cyberattacks can cost a business thousands, even millions, of dollars, and can deal a death blow to some. Here's how IT solution providers can help guard against malicious attacks. |
|
Cybersecurity Experts: What They Know Could Scare You A recent report based on interviews with security experts in government, business and academia finds more than half in agreement that a worldwide arms race is taking place in cyberspace. |
 More
Slide Shows |
- Insider Threats: The Next Frontier for Security Resellers and SMBs
- Complete Security and Your Bottom Line: Sophos, Value and the Channel
- Tough Threats, Tougher Security: How You Can Leverage New Solutions To Combat A “Targeted Attack” Landscape
- Dark Clouds Ahead: Why the Mid-Market Needs To Ramp Up Cloud Security and How You Can Help Them Get There
