Makers Dev Detecting Malicious Links

I went back on Makers.dev to talk about spinning malicious-link detection out of T.LY, why abuse prevention matters so much in short links, and what I was learning while building Link Shield.

In this episode, we talk about why malicious-link detection became such an important problem inside T.LY, how Link Shield started to emerge as its own product, and what it takes to keep short links trustworthy at scale.

Transcript

Transcript generated from the episode audio and lightly cleaned for readability.

Host: You came back on Makers.dev to talk about a new product idea. What are you building now?

Tim: It grew directly out of running T.LY. One of the hardest parts of operating a URL shortener is stopping phishing and malicious links, so I started breaking that work out into a separate product that other companies could eventually use too.

Host: What does the product do right now?

Tim: The core is simple: you pass in a URL and get back a score that estimates whether it is malicious. The interface is still early, but the API works and I am already using it for T.LY.

Host: How do you even detect whether a URL is malicious?

Tim: Historically I relied on public blocklists and abuse feeds, but those only help after a bad link has already been reported. The newer approach is to inspect the structure of the URL itself, combine that with known-malicious datasets, and use a model to score the risk immediately.

Host: So the goal is to catch bad links before the rest of the internet has flagged them?

Tim: Exactly. A lot of other systems are more like delayed scans. Mine is meant to return an instant score so another app can decide what to do in real time.

Host: Who do you think would pay for something like that?

Tim: Any product that lets users post clickable links: comments, social products, chats, community tools, anything with user-generated content. If users can post links, abuse usually shows up eventually.

Host: We talked about a free plan and a paid plan. What does that look like?

Tim: One idea is to let the free version use an intermediate warning page before the visitor reaches the final destination. Then a paid API plan could skip that splash screen and let companies build the protection directly into their own product flow.

Host: Is this meant to replace T.LY for you, or is it still mostly supporting T.LY?

Tim: Right now it supports T.LY first. It has already helped me catch more malicious links before they spread. But I do think it could become its own product because the problem exists well beyond URL shorteners.

Host: We also talked about growth on T.LY itself. What stage does that business feel like it is in now?

Tim: It feels more like an optimization and awareness problem now. The product works, revenue has grown well, and the next leverage is better onboarding, better conversion, and more marketing support.

Host: So the challenge is not whether you have a viable product. It is what to focus on next.

Tim: That is right. I still like building, but the higher-leverage work now is often around getting the right people into the product and helping them see the value quickly.

Host: Where should people find you?

Tim: T.LY is the main product, I am on Twitter as Tim Leland, and timleland.com is the home for my projects and blog posts.