[Ipg-smz] The use of URL Shorteners violates security principles
Ken Gagne
kgagne at gamebits.net
Mon Oct 8 17:40:48 UTC 2018
I use URL shorteners for a few reasons. A short link:
* is easier to remember and type, without having to look up the
original, long link.
* is easier for someone to use if seeing it in a presentation or a
hardcopy handout.
* takes up less space in print.
* is better branding.
However, I create my short links with YOURLS[1], an open-source URL
shortener that you install on your own domain — no integration with (or
dependency on) bit.ly, ow.ly, or other third-party services. Some
examples of links I've created in it:
* gamebits.tv/dox: my Computerworld article about removing your profile
from data brokers.
* kgagne.com/moo: my referral code for Moo.com.
I also used YOURLS to create a2.click, a URL shortener with a frontend
that anyone can use — but only if the submitted URLs match my domain
whitelist.
-Ken
On Mon, Oct 8, 2018, at 12:43 PM, Esther Schindler wrote:
> Are they still a thing?
>
> I used to use them because they provided some level of tracking click
> throughs. That went away.>
> I also used to use them back when Twitter counted all the characters
> in a URL as part of its 140. That went away too.>
> I’m not sure when/why anyone wants to use these any more… even before
> the security vulnerabilites.>
>> On Oct 8, 2018, at 9:04 AM, Tom Henderson
>> <thenderson at extremelabs.com> wrote:>>
>> I can give you a long list of ow.ly[2] shortened URLs that will give
>> you a malware dose the size of Cincinnati.>>
>> ONE SINGLE MISTYPED character will send a user into plain hell.
>
> --
> Ipg-smz mailing list
> Ipg-smz at netpress.org
> http://netpress.org/mailman/listinfo/ipg-smz_netpress.org
Links:
1. https://yourls.org/
2. http://ow.ly/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://netpress.org/pipermail/ipg-smz_netpress.org/attachments/20181008/56c6d047/attachment.html>
More information about the Ipg-smz
mailing list