Hiding a Website Inside a URL (and the meaning of sunspots, maybe)

A Norwegian researcher has figured out how to cram an entire website into the URL (actually, URI) — and his colleague points out you can do the same with Java applets. Their application is malicious/phishing sites, but given the popularity of (rather shorter) BitTorrent magnet links, I suspect there are more benign uses too.

Anyway, I spent more time looking at correlations between history and solar activity, and found myself wishing I had the statistical background and time to do a proper analysis.

Simply eyeballing it does suggest something interesting — that sunspot activity and human affinity for order/authority are somewhat proportional.

(Reagan was elected right at the top of a peak in solar activity.)

Conversely, when sunspot count goes down, people seem to care more about democracy and individual freedom. (The Protestant Reformation started during the Spörer [Solar] Minimum.)

BEFORE YOU JUMP TO CONCLUSIONS, do I actually believe that human desires are determined by solar activity? Not so much. Maybe cold winters just bring critical thinking and questioning authority.

Still, this potential correlation gives a testable hypothesis: if everything holds, we should see an increase in authoritarian power (governments, corporations) over the next few years — ending around 2019 — followed by a few decades of power to the people on a level that hasn’t existed since before 1950 (or 1900).

Also, it does turn out that I’m not the first to notice a correlation between human events and solar activity, and some others have studied the phenomenon in some depth.

Some links on sunspots if you want to do a proper analysis:
http://wattsupwiththat.com/2008/11/04/a-look-at-the-dow-jones-industrial-average-and-sunspots/
http://phys.org/news160043689.html
http://spaceweather.com/glossary/sunspotnumber.html
https://en.wikipedia.org/wiki/Sp%C3%B6rer_Minimum
https://en.wikipedia.org/wiki/Maunder_Minimum

http://klevjers.com/papers/phishing.pdf
http://nakedsecurity.sophos.com/2012/08/31/phishing-without-a-webpage-researcher-reveals-how-a-link-itself-can-be-malicious/

“The need for a reliable place to host your malicious website has been the bane of phishers for much of the last decade.

But, no longer.

A researcher at the University of Oslo in Norway says that page-less phishing and other untraceable attacks may be possible, using a tried and true internet communications standard: the uniform resource identifier, or URI. […]

an attacker could create a stand-alone phishing webpage using images and content pinched from a legitimate site, then embedded in the external document. They could then encode the page’s content in Base64 to mask its meaning to the intended victim, and then append the encoded page into a data URI.

The encoded URI will be long and forbidding looking, but assuming it doesn’t exceed the maximum URL length of a browser, it can be rendered. And, Klevjer’s paper points out, the widespread use of URL shortening services makes it easy for the attacker to mask the hefty URL and circulate it to victims via social networks like Twitter and Facebook, or via e-mail and IM.

In his paper, Klevjer was able to shrink a 24,682 character URI representing a Wikipedia login “phishing” page to just 26 characters using a URL shortening service.

The intention is that victims who receive the link will click on it, launching their web browser. Every modern browser supports the legacy URI scheme and will render the encoded URI as a page in the victim’s browser.”
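
For defenders, the technique in the quoted passage can be checked for mechanically. This is an added example, not code from Klevjer's paper or the Sophos article: a Python check that decodes a `data:` URI and flags payloads a browser would render as a page containing a login form. The function names, the verdict labels and the sample inputs are assumptions made for illustration.

```python
import base64
import re
from urllib.parse import unquote_to_bytes

# RFC 2397 layout: data:[<mediatype>][;base64],<data>
DATA_URI = re.compile(r"^data:(?P<meta>[^,]*),(?P<body>.*)$", re.I | re.S)
# Media types a browser treats as a document rather than an inert resource.
RENDERABLE = {"text/html", "application/xhtml+xml", "image/svg+xml"}
CREDENTIAL_MARKUP = re.compile(rb"<form\b|type\s*=\s*[\"']?password", re.I)


def inspect_data_uri(uri):
    """Return None for non-data URIs, else facts about the decoded payload."""
    m = DATA_URI.match(uri.strip())
    if not m:
        return None
    params = [p.strip().lower() for p in m.group("meta").split(";")]
    media_type = params[0] or "text/plain"  # default when the type is omitted
    raw = unquote_to_bytes(m.group("body"))
    if "base64" in params[1:]:
        raw = re.sub(rb"\s+", b"", raw)
        try:
            raw = base64.b64decode(raw + b"=" * (-len(raw) % 4))
        except ValueError:  # malformed Base64: nothing to inspect
            raw = b""
    page = media_type in RENDERABLE
    return {
        "media_type": media_type,
        "decoded_bytes": len(raw),
        "renders_as_page": page,
        "credential_form": page and bool(CREDENTIAL_MARKUP.search(raw)),
    }


def verdict(uri):
    """Hypothetical policy: block login forms, review other self-contained pages."""
    info = inspect_data_uri(uri)
    if info is None or not info["renders_as_page"]:
        return "allow"
    return "block" if info["credential_form"] else "review"


# Constructed sample inputs (not taken from the paper or the article).
SAMPLE_HTML = b"<form action='https://collector.example/'><input type='password'></form>"
SAMPLE_PAGE = "data:text/html;charset=utf-8;base64," + base64.b64encode(SAMPLE_HTML).decode()
SAMPLE_IMAGE = "data:image/png;base64,iVBORw0KGgo="

if __name__ == "__main__":
    for name, uri in (("page", SAMPLE_PAGE), ("image", SAMPLE_IMAGE)):
        print(name, verdict(uri), inspect_data_uri(uri))
```

Because the article notes that shortening services hide the long URI, a check like this belongs on the final redirect target of a short link, not on the short link itself.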
