In the era of the compressed and ephemeral thoughts, Twitter let us share 140 char long messages and that’s pretty small (and can’t really qualify as a fully-developed thought IMHO).
Given this constraint, people often use URL shorteners such as Bit.ly or Tinyurl.com to makes hyperlinks as short as possible, saving some room for a few words here and there in their tweets.
I don’t question the usefulness of these services in this usage context. However, they introduce a non-desirable property from a security standpoint: opacity. A shortened link is an opaque link. We don’t know where it links to before clicking on it.
security-savvy users often hover their mouse pointers over an hyperlink to see where it leads before deciding whether they should click on it or not. There are even security awareness courses and security best practices that recommend doing so. But this no longer work with shortened links.
There are URL shorteners such as Tinyurl.com and Budurl.com that provide some help to remove the opacity of the links they produce by offering a preview link.
For example, If I were to create a shortened link for my blog on Tinyurl.com:
If I shared this link as (http://preview.tinyurl.com/yd38uvv), you’d see:
But what can one do when they receive a Bit.ly shortened link given that -to my knowledge- there is no easy way to preview where it leads?
FireFox users can install the Bit.ly Preview extension that offers a workaround. It lets you hover a bit.ly link (and even tinyurl.com ones) and see where they lead to:
This extension also works on Google Chrome. But as you can see, it shows only part of the hyperlink if it doesn’t fit in the fixed size and non-configurable IFRAME loaded from Bit.ly. If you want to know more, you have to click on that More Information link. Moreover, it is necessary to have a Bit.ly user account since this extension use a unique API key associated with your account to query Bit.ly.
While offering a workaround, this extension also rises a few questions pertaining to privacy: Is it desirable to let Bit.ly know about the Tinyurl.com link you’ve just hovered your mouse pointer over? What about other links?
Even if I silence my security-conscious mind, I still see no global solution to this tricky problem. The above-mentioned extension only works on FireFox and Google Chrome. Opera, Safari and Internet Explorer are left out. Also, what about the sheer amount of other URL shortening services such as (http://is.gd/) (which lets you preview a shortened link by adding a # to it), (http://ow.ly/) (often used on Twitter, no easy way to preview so far) etc.?
Am I missing something?
