topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday March 28, 2024, 3:43 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Last post Author Topic: Bit.ly is Harmful to Your Reputation  (Read 28492 times)

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,884
    • View Profile
    • Donate to Member
Bit.ly is Harmful to Your Reputation
« on: April 18, 2010, 03:33 PM »
If you tweet links on Twitter, retweet links from other people, or have a website in which someone might tweet a link to it, you are going to want to read this, because this can potentially affect any or all of us and harm our reputations.

It started with me trying to promote DC a little, to a writer on TechCrunch, which lead to a discovery of how Bit.ly blacklists links shortened by other services, adding an interstitial page that calls the target site harmful, malware, a forgery, spam, and phishing.

When the writer retweeted my link I sent to him, DC was flagged as a bad site, just because I choose to use a competing URL shortener and his twitter client automatically shortens all links with bit.ly (whether they need it or not).

I contacted bit.ly about it, attempting to get the flag removed from the DC link, and their response and attitude were quite alarming.

For the full story, read my blog post about the whole thing;


Eóin

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,401
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #1 on: April 18, 2010, 03:46 PM »
Devils advocate: Outside of a constrained medium like twitter I would consider it right to warn user that they are clicking on masked or obfusticated URLs. It is a very dubious practice, personally I almost never click such hidden links.

But nonetheless you are correct here app, there is no excuse for one url shortening service to flag their competitors as malicious.

[edit] Just noticed that it's a nice ironic twist the the bit.ly link is longer than the original  :D
« Last Edit: April 18, 2010, 03:49 PM by Eóin »

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,896
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #2 on: April 18, 2010, 03:48 PM »
Kind of outrageous that they won't unflag it (or don't have the ability to do so) as harmful once notified.

Companies these days seem to pretty much have a careless and carefree attitude these days regarding telling people that other sites are "dangerous" and "harmful" based on almost no justification at all -- pretty outrageous really considering the damage it can do to a site's reputation.  Maybe a few lawsuits will change their mind.

ps. Also, seems like some blame should be laid at the feet of any twitter client that is re-shortening already short urls.
« Last Edit: April 18, 2010, 03:51 PM by mouser »

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #3 on: April 18, 2010, 03:49 PM »
 :deal: I liked your idea about shortening a link to bit.ly with a competing service and then submitting it back to bit.ly to trigger a false positive.

Hoisting someone on their own petard is poetic justice at it's best.

(BTW - remind me never to get you mad at me. )

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,884
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #4 on: April 18, 2010, 04:15 PM »
Kind of outrageous that they won't unflag it (or don't have the ability to do so) as harmful once notified.

I would not have gone on the war path with this if they had the right attitude about it and done the right thing.

ps. Also, seems like some blame should be laid at the feet of any twitter client that is re-shortening already short urls.

I have attempted to contact the developers of TweetDeck about this, but so far there has been no response. I also don't know if this issue is limited to just TweetDeck or if it affects any of the million other Twitter clients.

Devils advocate: Outside of a constrained medium like twitter I would consider it right to warn user that they are clicking on masked or obfusticated URLs. It is a very dubious practice, personally I almost never click such hidden links.

There is a big difference between warning the user of masked or obfusticated URLs, offering a preview of the target site, and flat out calling the target a bad site with reputation damaging terms like malware, phishing, forgery, and spam without any proof whatsoever.

(BTW - remind me never to get you mad at me. )

I thought everybody that knows me knew that by now.  :D

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #5 on: April 18, 2010, 04:15 PM »
ps. Also, seems like some blame should be laid at the feet of any twitter client that is re-shortening already short urls.

Out of curiosity - why?

When did everybody get together and agree to bit.ly's arbitrary rule?

Guess I wasn't copied in that memo.  ;D

cthorpe

  • Discount Coordinator
  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 738
  • c++thorpe
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #6 on: April 18, 2010, 07:05 PM »
I just emailed bitly support to request that they stop flagging sites as potentially harmful without cause.  I included the following link as an example of a false positive: http://bit.ly/dj7uk7
« Last Edit: April 18, 2010, 07:07 PM by cthorpe »

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,884
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #7 on: April 18, 2010, 11:10 PM »
Rex Dixon, the same guy at bit.ly that gave the lame advice in the email to me, replied to my blog post:

Nice blog post. Well written, but as I tried to explain to you - our policy is not out to harm anyone. In fact it is there to protect our community. There are too many times that a bit.ly url can be used as a cloak to hide a rogue shortened link.

While I tried to explain that our interstitial page was a bit vague, that page is currently under review. Again, our apologies for the inconvenience, but bit.ly is trying to protect the overall community from rogue short links. We understand the frustration, and hopefully after review, you will understand that we are not out to undermine you or your efforts in promotion.

To which I replied:

That interstitial page is not vague at all. It clearly states the target site is believed to be a forgery, spam, malware, or phishing. All very damaging words to a site when you have no proof of such activities.

I ask again, why give an email address to report mistakes if you are unwilling to check the links and unflag them if they turn out to lead to safe sites? I gave you enough information to be able to decide if the link lead to a safe site or some rogue site, so why are you unwilling to remove flags from safe sites?

This post would never have been written if you were more cooperative and removed flags from safe sites that were mistakenly marked as bad sites. Instead you gave lame advice that was very unhelpful and apologized for your unwillingness to undo the harm you are doing to innocent people.

Change your ways and stop hurting people and I'll modify my post with an update to reflect the changes.

Reputation is a thing of great value that can take many years to build and only one small careless act to destroy. And in this case the careless act isn't my own, so the reputation damage isn't my fault.

It's yours.

urlwolf

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,837
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #8 on: April 19, 2010, 03:59 AM »
I contacted them too, and got an equally non-caring answer:

Understand the concern, but our policy has been the same. The interstitial page is currently under review.
- Hide quoted text -

On Sun, Apr 18, 2010 at 4:03 PM <my email> wrote:
cranialsoup.blogspot.com/2010/04/bitly-is-harmful-to-your-reputation.html
this is simply unacceptable.

Will tell everybody I know.

Best,

when I tried to tweet about it, it said 'twitter may be experiencing problems'. Funny because any other tweet of mine not containing the url to the post didn't have any issues. I wonder if (this is a big accusation, so remember that this is only hypothetical) twitter was in bed with bit.ly and blocking the spread of news that harm bit.ly. It'd have major consequences. Worth keeping in mind.

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,884
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #9 on: April 19, 2010, 04:16 AM »
when I tried to tweet about it, it said 'twitter may be experiencing problems'. Funny because any other tweet of mine not containing the url to the post didn't have any issues. I wonder if (this is a big accusation, so remember that this is only hypothetical) twitter was in bed with bit.ly and blocking the spread of news that harm bit.ly. It'd have major consequences. Worth keeping in mind.

I have serious doubts about that, for quite a few reasons, this being at the top of the list.

Carol Haynes

  • Waffles for England (patent pending)
  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 8,066
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #10 on: April 19, 2010, 05:39 AM »
Why can't bit.ly have a list of shortening services and simply stop bit.ly from reshortening them?

Failing that why not warn someone during the process that they cannot posted shortened links and refuse to accept them - at least then the correct link will be posted?

Eóin

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,401
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #11 on: April 19, 2010, 06:46 AM »
I know this is all happening automatically without evil intent, but when you step back and look at it from again from the point of view a maliciously cloaked addresses then one that is doubly cloaked is very very suspicious.

A big part of me still thinks the blasé use of these services need to be highlighted and if you're using a client which is re-shortening already short links you should switch clients.

nudone

  • Cody's Creator
  • Columnist
  • Joined in 2005
  • ***
  • Posts: 4,119
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #12 on: April 19, 2010, 07:17 AM »
Why can't bit.ly have a list of shortening services and simply stop bit.ly from reshortening them?

Failing that why not warn someone during the process that they cannot posted shortened links and refuse to accept them - at least then the correct link will be posted?
-Carol Haynes (April 19, 2010, 05:39 AM)

sounds like a very reasonable thing to expect.

could we set up a service that did that - the others might follow afterwards...

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #13 on: April 19, 2010, 07:38 AM »
I know this is all happening automatically without evil intent, but when you step back and look at it from again from the point of view a maliciously cloaked addresses then one that is doubly cloaked is very very suspicious.


I don't think app103's issue is with the validity of how bit.ly might be interpreting a double-shortened link. (Double shortening?)

I think her issue is with bit.ly's refusal to accept responsibility or do a fix once their error has been brought to their attention.

I'm not sure where bit.ly is coming from, but I'd suspect they've been aware of this problem for some time and either: can't be bothered, are in denial, or scared silly.

Reputations are valuable. There are legal repercussions for those who  damage one. And that liability applies even if such harm was done "unintentionally."

Unintentional actions may be viewed as mitigating factors in a slander or defamation charge. But only if the party who did the harm responded in a timely fashion; did everything in their power to minimize the damage; and could show how steps had been taken to prevent it from happening again.

Saying something was done "automatically" may let you argue your intent wasn't malicious. But to just say "oh well" or "sorry, we're working on it" doesn't meet the requirement for acting in a timely and responsible manner. Nor does it remove the liability for any harm done.

Society doesn't expect all our actions to be error free. But it does expect us to accept responsibility for our mistakes.

And to make good on them.  :)


Carol Haynes

  • Waffles for England (patent pending)
  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 8,066
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #14 on: April 19, 2010, 07:42 AM »
Why can't bit.ly have a list of shortening services and simply stop bit.ly from reshortening them?

Failing that why not warn someone during the process that they cannot posted shortened links and refuse to accept them - at least then the correct link will be posted?
-Carol Haynes (April 19, 2010, 05:39 AM)

sounds like a very reasonable thing to expect.

could we set up a service that did that - the others might follow afterwards...

Not a bad idea - I don't really like shortened links 'cos you never know where they will actually lead.

Another option for bit.ly (and other URL shortening services) is to build in a 'resolving' algorithm so that whatever the shortened form used the new shortened form automatically detects where it is heading and uses the full URL - that way you would never get contractions of contracted URLs.

By far the simplest solution though is to refuse to accept any submissions that use shortened links - then it is up to the poster to post the correct link.

Eóin

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,401
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #15 on: April 19, 2010, 08:13 AM »
Saying something was done "automatically" may let you argue your intent wasn't malicious. But to just say "oh well" or "sorry, we're working on it" doesn't meet the requirement for acting in a timely and responsible manner. Nor does it remove the liability for any harm done.

Just to clarify to automatic aspect I was referring to is a twitter client auto shortening of URLs for you, not bit.ly's identifying of site's as malicious.

My point is that the user who re-tweeted apps link should not have re-shortened the link and that they are more responsible for the damage done than bit.ly in the sense that they created a very suspicious looking, doubly cloaked, link.

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,646
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #16 on: April 19, 2010, 10:06 AM »
Problem seems to me to be mostly with the automation - because they're not automatically checking to see if the link is long enough to need shortening. (i.e. running www.wdc.com through bit.ly helps who?)

if(strlen(link) < Screen_Width_of_Typical_Cell_Phone) {
  Skip_it;
}

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 11,186
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #17 on: April 19, 2010, 10:13 AM »
Problem seems to me to be mostly with the automation - because they're not automatically checking to see if the link is long enough to need shortening. (i.e. running www.wdc.com through bit.ly helps who?)

if(strlen(link) < Screen_Width_of_Typical_Cell_Phone) {
  Skip_it;
}

One of the reasons that bit.ly is in such widespread use is that it gives you other information about the link, i.e. how many times it was clicked, how many times was your version of the URL clicked vs others that link to it, how many were from twitter and how many from other places.  Nothing identifiable, but some people might use that, I suppose...

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,646
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #18 on: April 19, 2010, 10:40 AM »
One of the reasons that bit.ly is in such widespread use is
People are lazy, and deluded into thinking security is the other guys problem. Regardless of how chronically incredibly dangerous this practice is ~OMG~ it's Fun! - Because the whole point of the internet is FaceBook, marketing & vanity...

Yes, I'm a bit cranky today.  :)

scancode

  • Honorary Member
  • Joined in 2007
  • **
  • Posts: 641
  • I will eat Cody someday.
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #19 on: April 19, 2010, 11:00 AM »
I'm a fan of is.gd... when you try to shorten a shortened link you get this

Sorry, the URL you entered is either on our blacklist or is of a type not supported by is.gd. Often this means you tried to link to is.gd itself or another URL shortening site. Links to these sites are disabled to stop spammers hiding abusive links behind a chain of shortened URLs.

And if you use the api you get
Error: The URL you entered is on our blacklist or of a type not supported by is.gd (links to URL shortening sites or is.gd itself are disabled to prevent misuse)

Tehy be teh smrat! :P

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 11,186
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #20 on: April 19, 2010, 11:09 AM »
One of the reasons that bit.ly is in such widespread use is
People are lazy, and deluded into thinking security is the other guys problem. Regardless of how chronically incredibly dangerous this practice is ~OMG~ it's Fun! - Because the whole point of the internet is FaceBook, marketing & vanity...

Yes, I'm a bit cranky today.  :)

:huh:

Ever consider the limitation of twitter and what it does to URLs.  Isn't this 'twitter' craze partly to blame for that?  Or are they absolved because it has to be the lazy, deluded people's fault?

There's all sorts of dangers on the internet... shortening URLs I don't think falls too soundly in that category.  It's in the implementation (as ScanCode just pointed out above) not the practice.

Eóin

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,401
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #21 on: April 19, 2010, 11:36 AM »
It would be interesting to see a survey of tweets with shortened URLs. I bet the vast majority would still fit within the 160 chars limit even with the long URL.

Of course I have no data to back that up, it's just a feeling ;)

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 11,186
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #22 on: April 19, 2010, 01:16 PM »
It would be interesting to see a survey of tweets with shortened URLs. I bet the vast majority would still fit within the 160 chars limit even with the long URL.

Of course I have no data to back that up, it's just a feeling ;)

Of course, people don't just tweet the URL... or why do it using twitter?   As micro-blogging implies, it's commentary on the URL that adds value.  Fitting said commentary + the URL (and sometimes even the shortened URL) is at times a challenge.

frex - what I would consider a miniminalist tweet about this conversation -

An interesting discussion on URL shorteners on DonationCoder - Bit.ly is Harmful to Your Reputation - https://www.donation...ndex.php?topic=22478

Clocks in at over 160 by 22 characters.

Lashiec

  • Member
  • Joined in 2006
  • **
  • Posts: 2,374
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #23 on: April 19, 2010, 02:15 PM »
An interesting discussion on URL shorteners on DonationCoder - Bit.ly is Harmful to Your Reputation - https://www.donation...ndex.php?topic=22478

Clocks in at over 160 by 22 characters.

2 characters, actually. Didn't see the ellipsis.

An interesting discussion on URL shorteners on DonationCoder: Bit.ly is Harmful to Your Reputation

And, hey, look, a mere 98 characters line (170 internally, including BBcode and HTTP link).

I wonder if all this paranoia comes because of the hack done to the Apache issue-tracking server (which used TinyURL to deliver the XSS attack that started everything), because last week a friend sent me a bit.ly URL that redirected to at least one other URL shortener before showing me the true URL, and worked perfectly, without any warning message. Considering how distasteful the content hosted at the site URL was, I wish it worked back then, it would have saved me one more terrible picture ingrained in my brain >_<
« Last Edit: April 19, 2010, 02:23 PM by Lashiec »

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 11,186
    • View Profile
    • Donate to Member
Re: Bit.ly is Harmful to Your Reputation
« Reply #24 on: April 19, 2010, 02:28 PM »
An interesting discussion on URL shorteners on DonationCoder: Bit.ly is Harmful to Your Reputation

And, hey, look, a mere 98 characters line (170 internally, including BBcode and HTTP link).


Ummm... that's not twitterable, which is what my point was.  The arbitrary limit set by twitter at 160 characters is what made these url shorteners gain traction.  They were around before, but no where near as ubiquitous as they seem to have become since twitter.  I'm not advocating their use anywhere else in particular.  I personally never used them until I started using twitter, and it became easier to use the same URL in all mediums rather than switch up for one contact method.