Shmatikov: Short URLs produced by bit.ly, goo.gl, and similar services are so short that they can be scanned by brute force. He says a large number of Microsoft OneDrive accounts with private documents are unlocked and allow anyone to inject malware that will be automatically downloaded to users devices. The actual, long URLs are thus effectively public and can be discovered by anyone with a little patience and a few machines at her disposal, he says. He also says many driving directions reveal sensitive information for identifiable individuals, including their visits to specialized medical facilities and prisons.”]

