Tuesday, March 12, 2013

lnk.shrtnrs (Link Shorteners) and Safety

   Recently I was speaking with a group about online safety.  Keeping to the basics, we discussed two main sources of problems: passwords and clicking on links.  I've discussed passwords a number of times here, here, here and here.

   One great way to avoid problems online is simply to not click on links!  Of course, that would probably render the web all but useless to you (well... I guess you could just type in url's but that would get old very quickly).  You probably followed a link to get to this post.  Actually, you probably followed a shortened link to get to this post.

   Among the problems with links is that the destination does not necessarily correspond to the site listed in the text or image of the link.  One way to check this is to hover your mouse pointer over the link and see what url is displayed in the browser status bar.  That works in many situations, however some links point to Content Delivery Networks (CDNs) or otherwise redirect through unrecognized sites.  That may or may not be a problem.

   That's tough enough to decipher.  But over the past decade link shortening has grown in popularity.  This predates micro-blogging sites like twitter, though the 140 character twitter limit drove adoption.  Hovering over a shortened link shows only the shortened destination, not the final destination site.

   So, what can we do about it?  I have 3 methods we can use to help:
  • Use features of the url shortener to show the destination link.  That definitely works, however each shortener uses a different method including: prepending "preview" or "peek", or appending a character like +, - or ?.  Here is a great blog post that covers these in depth.
  • Use a browser plug-in or extension that expands shortened urls like Long URL Please or LongURL.  These expand shortened URLs either inline or when you hover your mouse pointer over the link.
  • Consider the source - twitter vets shortened url's but most sites do not.  Here is a, somewhat geeky, post about URL shortener service security.

   Do you use shortened links?  How?  And what else can you do to check the safety of shortened links before clicking?

No comments:

Post a Comment