Tag Archive for ‘URL Shortening’

tr.im to Discontinue Service ➝

My URL shortener of choice, tr.im, is discontinuing its service. The API will continue to operate until further notice and all tr.im URLs will continue to work until the end of the year.

tr.im’s blog says that Nambu Network (tr.im’s parent company) had contacted several “people within the Twitter development world” and no one wanted to purchase the service. Also saying that “users will not pay for URL shortening,” because of this it just didn’t make sense for them to continue putting time and effort into the service.

Update 8/12/09: Yesterday tr.im announced on their blog that due to the overwhelming response from their discontinuance they have decided to re-open the service. This is good news but after announcing that they would close, why would anyone use them again?

Update 8/14/09: In hopes of keeping shortened links relevant, even after their service shuts down, 301Works is going to be opening sometime in the next week and will essentially host a database of shortened URLs and their longer counterparts. With this, even if the URL shortening service goes away users will still be able to find out what the shortened URLs are pointing to. TechCrunch‘s MG Siegler has a fantastic piece explaining how it will work.

Update 8/17/09: tr.im has announced that they are going to become “community owned.” It’s a little confusing and I’m still unsure how a “community” can own a domain name but if you are interested you can read tr.im’s blog post regarding the move.

Another interesting part of the blog post took a hit at the “journalists” who covered the shut down story, specifically mentioning TechCrunch as being part of the misinformation machine.

I wish outfits such as TechCrunch, which wrote five (5) articles last week regarding the tr.im shutdown (more than anyone else), could have taken 5 minutes to call us rather than simply repeat vertbatim what bit.ly/twitter feeds them, which they seemed to do regarding this story. Their misinformation machine created a lot of misunderstanding among users and other stakeholders not immersed in the technology, impeding progress. Hopefully that can change going forward.

The Insecurity of URL Shortening

If you are reading this blog you probably know what URL shortening is, but for those of you who don’t (and that’s okay) it is a service that takes a normal URL and shortens it (pretty simple huh?). Lately there has been a lot of talk about URL shortening and the possible security issues regarding it.

The first (and sometimes only) reason I hear when I ask about the insecurity of URL shortening services is the possibility that someone would post a shortened link that points to a malicious website. Obviously no one would click on this link if they could see the URL it is pointing to but adding that extra layer of the URL shortening service increases the chances that someone would clicking that link. But, if you are careful you can still be relatively safe.

I don’t know about all of you but I don’t click on shortened URLs unless they are either in an email or in a tweet, and they must be posted by someone I either know or trust. I don’t go around clicking on shortened URLs willy nilly, and neither should you. In fact when it comes to email you probably shouldn’t click on them at all, unless you were expecting to get a link from the person that sent it to you.

The other reason that seems to crop up often is the idea that someone would send you a shortened URL that is hiding an affiliate link. Affiliate links are great ways to make money but some people get a little upset when they are “tricked” into buying a product through an affiliate link that doesn’t appear as one. The fact is, if you purchased something through someones link they probably should get a kick back for it, for all intents and purposes they convinced you to buy something so why not let them have a commission for that sale? The worry that these complainers have is that the person posting the shortened affiliate link would lie about the quality or features of the product in an effort to convince you to buy it. But, we are all adults (last time I knew you had to be an adult to get a credit card, which is necessary to purchase something online), why can’t we take responsibility for our own purchases? Do your research before you buy anything online and make sure you are getting opinions about it from a reputable source, affiliate link or not. A lot of people using affiliate links give their honest and true opinon (but let’s not get into that can of worms).

The best thing you can do to keep yourself safe when clicking on shortened URLs is to only click on them if the person who posted them is trusted, and don’t click on them if there isn’t any good reason for the link to be shortened in the first place, Twitter’s character limit is a good reason to shorten a URL, there isn’t any reason anyone should shorten URLs posted on a forum or on a social bookmarking site.

The two things that make my suggestion a little more difficult to completely trust in is the possibility that the trusted person’s account or the URL shortening service itself is compromised. This poses a much more serious problem but unfortunately the only thing you can do to keep yourself safe from those situations (that is if you want to continue using shortened URLs) is to use up to date software.

But there are a couple of things that services like Twitter can do to keep you safe from shortened URLs pointing to malicious websites. Twitter could unshorten URLs sent to the service and only keep them short for users that receive tweets via SMS where there are character limits . Twitter could also build its own URL shortening service that would (seemingly) be much harder to hack than a smaller “rinky-dink” URL shortening service that might not have security on its mind as much as Twitter does. An unintended (but fantastic) consequence of Twitter implementing any of these suggestions would be that if a URL shortening service ever fails or ceases to exist the links would still work, because Twitter would have saved them in their database as unshortend versions.

But, no matter what anyone does URL shortening services will always be the subject of scrutiny by the security conscious. There is always a trade off of security for the sake of convenience, so if you want to continue using shortened URLs you will have to deal with a little bit of risk.