TinyURL

**crokett** · 03-26-2007, 09:04 AM

Exploits like that are why I've stopped doing online banking at home.

Also why I don't click links that go through tinyurl or other forwarding services. And why I gave my wife a class on safe browsing practices.

**Black wallnut** · 03-26-2007, 12:11 PM

I've never used tinyURL and doubt its' usefullness. Thinking it is just as easy to create true hyperlinks regardless of forum software.

**sacherjj** · 03-26-2007, 01:42 PM

On many of the "geek" forums, it was a sport to post sites to places that you really don't want to load in your monitor. One site went as far as putting the domain name to the side of the link like this[domain.com]. I would rather have a link that I can right click and copy, if I am unsure about where it goes.

**linear** · 03-26-2007, 05:06 PM

I wouldn't touch a tinyurl link. The problem is, one of the most respected security researchers out there (Bruce Schneier) uses them pretty extensively on his blog.

I deal with this stuff for a living, and that SecureWorks gozi writeup (I had read it and discussed it with my staff a couple weeks back) sent a chill down my spine.

There's a lot of ugliness going on right now on the web. I'd rather not dwell on that here.

**leehljp** · 03-26-2007, 05:21 PM

Not needed on BT3Central

Quick Question for the WiseMen among us. Below is the way that I make short URLs. Is it just as bad or is it different from "TinyURLs"?

You can accomplish the same thing with this:

[-URL="replace this with your URL"]Click here![/URL]
It works like Tiny URLS and works on many forums.

EXAMPLE:

Click here for a link to the BT3Central Home page.
Below is the way it looks except that I have added a minus sign at the beginning to keep it from activating.
[-url="http://www.bt3central.com/index.php"]Click here[/url]

**dlminehart** · 03-26-2007, 05:40 PM

TinyURL has addressed this problem with a Preview option. When you generate the tiny URL, you have to option of linking to a "preview" page, that produces a result like this:

Preview of TinyURL.com/284y5g

This TinyURL redirects to:
http://www.bt3central.com/showthread.php?t=28
735
Proceed to this site.

So, the user can see the actual expanded URL and decide whether to continue on to it. Seems much safer.

**linear** · 03-26-2007, 08:44 PM

Originally posted by leehljp

Click here for a link to the BT3Central Home page.
Below is the way it looks except that I have added a minus sign at the beginning to keep it from activating.
[-url="http://www.bt3central.com/index.php"]Click here[/url]

Hank,

The difference here is that if you hover your mouse over yours, it shows exactly where you land if you click.

Having said that, there are ways to fake that as well, so by no means is it "safe" to believe what shows up in the status line. But reasonable browser settings (like not executing scripts from domains you don't trust) goes a long way toward fixing that.

Firefox users with the NoScript extension should fear very few links.

**bmyers** · 03-27-2007, 09:02 AM

I never understood why it's so important to have a tinyurl. It's not like I have to type in URLs that are referenced by someone else. I click on the blue link. I could click on a long one or a short one and it would take no more time or effort on my part. It's just a click.

Who cares how long the url is? What are we saving electrons or something using a shorter URL?

"Free" internet services, almost always, are not "free" and come with baggage.

Bill

**DaveW** · 03-27-2007, 09:25 AM

Originally posted by dlminehart

TinyURL has addressed this problem with a Preview option. When you generate the tiny URL, you have to option of linking to a "preview" page, that produces a result like this:

Preview of TinyURL.com/284y5g

This TinyURL redirects to:
http://www.bt3central.com/showthread.php?t=28
735
Proceed to this site.

So, the user can see the actual expanded URL and decide whether to continue on to it. Seems much safer.

I didn't know about that, and that's a good thing that TinyURL is now offering. The problem is that it's not turned on by default, and if I had never heard of TinyURL before, I wouldn't know to go to the top-level URL to enable that feature.

**DaveW** · 03-27-2007, 09:28 AM

Originally posted by linear

Firefox users with the NoScript extension should fear very few links.

Again, a good thing to use (I use it too), but that wouldn't protect you against an unpatched Firefox vulnerability - those do exist unfortunately and could be masked by the TinyURLs...

**DaveW** · 03-27-2007, 09:31 AM

Originally posted by bmyers

I never understood why it's so important to have a tinyurl. It's not like I have to type in URLs that are referenced by someone else. I click on the blue link. I could click on a long one or a short one and it would take no more time or effort on my part. It's just a click.

Who cares how long the url is? What are we saving electrons or something using a shorter URL?

"Free" internet services, almost always, are not "free" and come with baggage.

Bill

I think the reason a lot of people use it is because of how older forum software would show the entire URL, and if the person made a long post, now the page was as wide as the long URL, which if you had a small monitor, could be annoying because you now have to scroll both sideways as well as vertically. That's why I originally mentioned how vBulleting shortens URLs automatically.

**LarryG** · 03-27-2007, 09:33 AM

Originally posted by bmyers

I never understood why it's so important to have a tinyurl.

The first time I encounted shortened links was in email, where they do have real usefulness. Many email clients break long URLs across multiple lines, so that a very long link comes out looking like this:

http://www.amazon.com/b/ref=amb_link...102-5685629-76
89715?ie=UTF8&node=228416&pf_rd_m=ATVPDKIKX0DER&pf _rd_s=cent
er-3&pf_rd_r=1Z8C9S9TEJK37703RBM0&pf_rd_t=101&pf_rd_p =23710870
1&pf_rd_i=228239

The first line appears clickable, in fact it IS clickable, but it'll get you nowhere since the rest of the link has been broken off onto separate lines, each terminated by a carriage return. If you want to go to the referenced page, you have to laboriously copy-and-paste it back together.

Of course when you consider the questionable nature of so much email, in many cases it's just as well that some links DO get hosed, so the unwary will not click thru and get themselves into deep doo-doo ...

**DaveW** · 03-27-2007, 09:38 AM

Everyone,

I would like to take a moment to thank everyone for participating in this discussion. I deal with computers day in and day out, and hate the dangers of the net. And normally, I wouldn't bring in a discussion like that to Bt3 since this site is about R&R for me, but I try to look at posts like these as (a) a service of awareness if nothing else and (b) making me feel better about the state of the net users since the poll responses remind me that not everyone's as dumb as I fear when I read the stats on sites like Security Fix!

**Ed62** · 03-27-2007, 07:40 PM

Thanks for starting this thread. I never took into account that the tiny URLs might lead to somewhere I might not want to go. It's a pity people can't be trusted.

Ed

TinyURL

TinyURL

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Footer Ad