The shortened url straw men of doom
Bastardizing the Drake equation, if only a fraction of the people using twitter used it to send urls to each other, and only a fraction of those urls were artificially shortened by a url shortener, and only a fraction of those shortened urls were actually hyperlinks to Rick Astley’s Never Gonna Give You Up, and only a fraction of those Rick Astley hyperlinks were in fact not to Rick Astley videos, but instead phishing attack hyperlinks to Mills On The Hill Fish and Tackle Shop in New Market, MD, hosted on a RedHat 5 server at a local Mom and Pop ISP compromised and hardened by multiple attackers over the years but now serving free embedded javascript with every page inserting iframes from choose-your-own-nationalist- conspiracy-theory-ok-chinese-attackers, and only a fraction of the twitter users likely to find such links by searching for hashtags actually click on them, the Internet as we know it would come to a screetching halt, please can’t someone do something about these urls shorteners?
Still with me?
Some of these arguments are very good, and thorough. Or at least thorough. Oops, I mean thorough. Most are echos of As Web communication shrinks, so do links, by Rachel Metz at the AP.
Sorry, skip the foolish advertising business model of free dull razor blades, with every cut sponsored by Punch The Monkey and jump to the existing url shortening sites that are trying to reduce the risk posed by our straw man.
Preview images sound cute, I’ve never used them. I could preview a thumbnailed malicous pdf for you, would that help?
Auto-unshorteners sound neat too and I’ve seen twitter clients that use their API’s to some success, but they are just that – secondary services that some clients have.
New shorteners like safe.mn do more, but how much more? I was able to validate that safe.mn refused to shorten an old link in my spam quarantine, but not a new one.
How safe is safe enough? Does our straw man actually have a brain? How much protection does the culture of associative trust so prevalent on twitter reduce the risk that a given shortened url will actually be evil?
It won’t be the next link you get from a new follow consistent with their posting history about that-thing-for-which-you-followed-them that gets you. It will be the next #amazonfail meme. It will be thousands of opportunistic spam accounts bubbling up a Trending Topic with helpful links. Or it will be innocent meme followers, linking to their blog hosted on the same server as Mills On The Hill Fish and Tackle Shop, or, etc.
Hyperlinks never had any trustworthiness. URL shorteners seem like a great opportunity to add trustworthiness. Is anyone going that direction? Safe.mn seems to be heading in the right direction, but they make some bold claims.