Those stupid miniaturized urls...
Eric Hertz wrote 05/27/2016 at 05:20 • 0 pointsYou know what I'm talking about, they look like sdf.ze/3f5xy
A) I HATE their existence. Sorry.
i) Didn't anyone learn anything about clicking untrusted URLs back in the heyday of virii and malware?
B) What the heck are they referred-to-as?
C) Is there such thing as a way to look up where they redirect to without actually *clicking* them? (Maybe a firefox extension?)
Discussions
Become a Hackaday.io Member
Create an account to leave a comment. Already have an account? Log In.
URL shorteners allow whoever post them to track the clicker, for marketing purposes.
Are you sure? yes | no
Now, there are extensions for this, but mostly, they don't work. I have seen "unshortener" API's, so making a *nice* browser extension is not a bad idea.
Are you sure? yes | no
The most reasonable use I've seen is in printed materials. It allows a website to be shortened to something that a person can write down and enter in a browser later without much risk of a error.
My wife is a teacher who often times gives out my lesson plans/materials to other teachers using these urls. Many of the people she deals with would have a hard time going to her website and then finding the correct information. Giving them the entire url is a bit much and would decrease the chances of them actually viewing the material.
Are you sure? yes | no
Interesting point... I can see the printed/verbal communication of an URL being much simplified by something like this.
Seems they're here to stay.
Are you sure? yes | no
There is no reason for their existence outside of silly artificial arbitrary length limits like twitter. I pretty much ignore people that post them as they are asking for a lot of blind trust.
Are you sure? yes | no
Agreed. And yet you see 'em on regular ol' sites, as well! And length-limits seems strange to me... Twitz came around long after hypertext was well-established. Most of the time people write a description *then* one of those links... Which is *exactly* what <a href=... is all about. Stupid internet these days, half the time it's like they forgot what hypertext is all about, and the other half the time it's like they're trying to write an application for something that needn't be any more complex than a static page. Tiring :/
Stupid computers too, acting like single-button mice and At Ease is what a generation who grew up with three buttons and scroll, customized menus, etc. etc. etc. want to grow into... Tiring :/
Are you sure? yes | no
When an URL looks like this a url shortener might have a valid usage case, but it would of course be nicer if the site had their own shortener that gave me something like my.element14,com/lnk/Oei2trU3 when I click a get-link button on the page...
http,://my,element14,com/webapp/wcs/stores/servlet/Search?catalogId=15001&langId=83&storeId=10188&categoryId=800000029008&mf=100025,100050,100066,100272,100382,100631,101126,142500&showResults=true&aa=true&pf=110000269,110030120,110045749,110075261,110141776,110152508,110152555,110152698,110174291,110185324,110455361,110457187,111439590,111439591,111439601... more
Are you sure? yes | no
Good point, as well, but brings up the other question as to whether it's really reasonable that such URLs are as commonly-used as they are... servlets seem to be so common these days, there's basically no way to get to regular-ol' pages just a few months later... The best is when, say, a PDF datasheet has a link to another PDF, and the organization changed their site-layout to servlets since then, or better yet when they've changed from one servlet to another... WEEE! Seriously, is it so hard for them to keep a layout, or at least keep the old layout as an option (like good ol' aliases)?
I get it, though, you're referencing search-results, that's a little bit different. Which leads to another gripe: Google, et. all, with their smart/directed-search-results... There was a time you could say to someone "Google 'xyz', it's the fifth link down" but not anymore! WEEE!
Are you sure? yes | no
That long URL is still better than dynamic ones that you can't post at all because it is tied to your browser session. A long URL can easily be clicked on or copy/paste just as easily on a modern browser. Yes, it looks like the alphabet soup wasn't agreeable.
The problem is that you have no control on the shorten URL. They might expire in a few weeks or months and what was there was lost to others that found the discussion later. It might point to something entirely different or NSFW too. I have seen low life that use shorten URL to point to yet another ad paid URL to get clicks. You would never know.
Are you sure? yes | no
google is your friend. Quite often it is faster than trying to transcribe from phone. Thought we are talking about people POSTING shorten URL..
https://addons.mozilla.org/en-US/firefox/addon/unshortenit/
>Right-click on shortened URLs to discover where they actually lead to and get their safety rating.
http://www.techrepublic.com/blog/it-security/url-shortening-yet-another-security-risk/
There are 35 million google search result on "shorten url security risk"
Are you sure? yes | no
Also, apparently there is a NoRedirect add-on for firefox... which seems a bit ridiculous seeing as how my preferences are explicitly set to Warn About Redirections, but apparently that explicitly ignores 301's, allowing them to go through unnoticed.
https://addons.mozilla.org/en-US/firefox/addon/noredirect/
obviously this stack is the result of a temporary inability to searchify ;)
Thanks @Yann Guidon / YGDES for helping me through that. And giving me some new insight in the process!
Are you sure? yes | no
A: I feel your pain
B: whatever.
C: Thanks for asking this aloud ! (maybe a wget thing would help but user agent sniffing is still alive and used by miscreants to detect security checks)
Are you sure? yes | no
C: In other words, those urls may redirect to different locations depending on the source of the request (e.g. which browser version, plausibly even ... UGH!) Thanks for that new tidbit.
Are you sure? yes | no
Oh, I forgot : malware also sniffs/detect the IP stack, which is implemented differently depending on your OS.
Linux users are usually safer because few security researchers use Windows.
Are you sure? yes | no
LOL "Linux users are usually safer" is utter BS... there are much more dangerous things that can arrive as the directed-result of a request than computer-virii and malware, and those are OS-independent and damned-near impossible to detect without tremendous resources and knowledge most people don't have.
Are you sure? yes | no
I was refering to the relative safety in a specific, documented, limited case, which I saw recently on /. but yes, a safe(r) computer is a computer that does not communicate.
Are you sure? yes | no
ah hah, the wget thing is much easier than I expected, thanks: 'wget --max-redirect=0 <url>'
Are you sure? yes | no
you're welcome :-)
Are you sure? yes | no