The top-level domain for the United States now harbors a malicious URL shortening service

I’ve been sounding the alarm for quite a while about URL shorteners. I understand what their purpose is, but I think that with Twitter having longer limits now, and Mastodon not caring about URLs as they don’t count toward limits from what I’ve read, it is about time I honestly say that it is time to say good-bye to these services.

The reason why I don’t want to go that far is because it can be useful. Let’s take Shaun’s Blind VMS page. I set up a redirect on this domain to the blog page that talks about what this is.

So, if you go to blindvms.jaredrimer.net, it goes to the longer technology.jaredrimer.net blog page which is linked within our blog roll.

But I also see a benefit to URL shorteners. Let’s say that you are sending a link to a Zoom conference. The URL looks something like http://us02.zoom.us/link/string or maybe something similar. I’m not using any active links as that’ll give you access to any scheduled or ongoing meeting. But for all intents and purposes, that URL is lengthy, and so you use a trusted service to send this link to your email list or text buddies to join you.

The article in question does not to my knowledge indicate what .us pages are out there causing trouble, but we know of several legitimate URL shorteners.

The problem with these is that they can also be abused. I’ve seen bit.ly and cutt.us and others abused in spam.

I’d try and use one where you can look where it is redirecting. Cuttly does: when you turn on its preview mode, the URL will show you where it’s going.

I’d frankly like to see you use one where you can see how many times it’s been visited as well as report it for abuse right then and there, and I’ve used one. I don’t remember now what it’s called, but Cuttly seems to be the one where you can send abuse reports and they ask what for. No contact info is asked for when reporting URLs.

You see a lot of spam use these, at least in my forms they’ve been there.

Bitly is one of the most popular ones out there, but it doesn’t stop there.

Infoblox says it’s unclear how the phishing and malware landing pages tied to this service are being initially promoted, although they suspect it is mainly through scams targeting people on their phones via SMS. A new report says the company mapped the contours of this link shortening service thanks in part to pseudo-random patterns in the short domains, which all appear on the surface to be a meaningless jumble of letters and numbers.

Also,

Infoblox determined that until May 2023, domains ending in .info accounted for the bulk of new registrations tied to the malicious link shortening service, which Infoblox has dubbed “Prolific Puma.” Since then, they found that whoever is responsible for running the service has used .US for approximately 55 percent of the total domains created, with several dozen new malicious .US domains registered daily.
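To illustrate the "meaningless jumble of letters and numbers" shape described above, here is an added example (not from the article or from Infoblox, and not their method) that triages resolver logs for short, random-looking names under .us and .info. The log format, the length bounds, the vowel threshold and the flagged sample domains are all assumptions constructed for this sketch.

```python
import re

WATCH_TLDS = {"us", "info"}   # the two TLDs named in the article
VOWELS = set("aeiou")

# Constructed resolver log; the flagged names are made up, not real indicators.
SAMPLE_LOG = """\
2023-11-01T10:00:01Z client=10.0.0.5 qname=us02.zoom.us. type=A
2023-11-01T10:00:04Z client=10.0.0.7 qname=k7x2q.us. type=A
2023-11-01T10:00:09Z client=10.0.0.7 qname=cutt.us. type=A
2023-11-01T10:00:12Z client=10.0.0.9 qname=zt9wq.info. type=A
2023-11-01T10:00:15Z client=10.0.0.9 qname=blindvms.jaredrimer.net. type=A
2023-11-01T10:00:31Z client=10.0.0.4 qname=bqxrtz.us. type=A
"""

QNAME_RE = re.compile(r"\bclient=(\S+)\s+qname=(\S+?)\.?\s")

def jumble_reasons(domain):
    """Return why a domain matches the short-random-label shape, or []."""
    labels = domain.lower().rstrip(".").split(".")
    if len(labels) < 2 or labels[-1] not in WATCH_TLDS:
        return []
    name = labels[-2]  # naive registered label; no public-suffix handling
    if not re.fullmatch(r"[a-z0-9]{3,7}", name):  # length bounds are assumed
        return []
    letters = [c for c in name if c.isalpha()]
    reasons = []
    if letters and len(letters) < len(name):
        reasons.append("mixed letters and digits")
    if letters and sum(c in VOWELS for c in letters) / len(letters) < 0.2:
        reasons.append("almost no vowels")
    return reasons

def triage(log_text):
    """Map each flagged domain to its reasons and the clients that asked for it."""
    hits = {}
    for line in log_text.splitlines():
        m = QNAME_RE.search(line)
        if not m:
            continue
        client, qname = m.groups()
        reasons = jumble_reasons(qname)
        if reasons:
            entry = hits.setdefault(qname, {"reasons": reasons, "clients": set()})
            entry["clients"].add(client)
    return hits
```

Shape alone will also match some legitimate short names, so hits are a queue for review (preview the redirect, check registration age), not a blocklist.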

I know of one company who found me and continues to call me and now texts to get me to bite in their services. I’ve blogged about the company.

Suffice it to say, we really don’t know who is behind the keyboard when they use URL shorteners. This is why I use shorteners on my domain and I let you see exactly where you’re going. I have control over it, nobody can create from it, and I can kill it if it isn’t needed anymore.

There’s more. Brian Krebs does a great job with this one. “.US Harbors Prolific Malicious Link Shortening Service” is the article, and I think you should check it out.

Without knowledge of what is going on in the industry, we’re never going to improve, and if scams and phishing use these and you aren’t aware, you will get burned. I want to make sure you’re aware of it, so we post these things.



One thought on “The Top level domain for the United States now harbors malicious URL shortening service”

  1. I agree.
    Couldn’t do without my shorteners for blindvms, Google classic and a few other services.
    However shorteners have their place.
    They are quite spammable sadly.
    I mean there are uses and there are other uses.
    For example cutt.us/gmailweb and cutt.us/blindvms go to those places and I may have a couple more I forget.
    I don’t technically produce blindvms anymore but I am loath to state I am permanently shutting it down.
    I just don’t have a direction for it.
    I am unsure what will happen with Google after next year when web services which I find snappier than the other interface finally goes but I plan to use that service till it goes.
    I use it for spam management and for email I don’t need to see so yeah there is that.
    However you shouldn’t need to shorten everything either.
    If you actually have a long link to something permanent like for example that file on cloud storage or that shared folder shared to those in it or something like that or something like a long-winded RSS URL then sure.
    But you shouldn’t use it stupidly.
    Unsure how we combat that.
    Shortened anything is good for all sides and all sides should be underlined and circled in ultraviolet here.
    Remember the net mirrors real world to an extent and gets more real every day.
    Treat the net as you would a mega super city.
    In a city there are shops, houses and most of the time good people.
    All of it has crime too, and an underground and just like the real world the police resources are stretched thin.
    The major difference is there are no hotels anywhere.
    Sleep never happens.
    There is no weather or rather it’s never dark or light or wet or windy or anything online it just is.
    You also don’t have to be any form or shape either.
    You don’t die but you don’t eat either.
    So the net runs while you sleep.
    That means it’s not stopping for any user anywhere.
    And if it’s to be believed where us users are is just the shore of the beach.
    There are areas deeper than even the criminals go, I mean we have read all the super AI apocalypse stories and things from Neuromancer to The Matrix.
    And while these were just stories we aren’t really that far from the next leap.
    Just yesterday a security patrol of redmondmag had an article warning about quantum computer attacks.
    Remember when the cloud appeared back in 2002 and now we can’t live without it.
    Remember when the first home computers appeared.
    Well the next units will be smaller and more of them.
    Who knows maybe in the next little while but not too long glasses eyes, things will be electronic.
    Maybe eventually we will all be borg.
    However remember the human personality is not logical or straight forward.
    So yeah everything has their place and be careful is all.
