Hacker News new | ask | show | jobs
by chipdart 781 days ago
That's besides the point. If I'm passed on a short url, I need to trust that the link points somewhere safe, that all the link shortener does is return a Status Code 301 with the actual link, and if I open the short link again that it won't take me to a malicious site.

By design, this URL shortener service does neither, and to me it feels too risky to even consider opening a link.

But that's just me. I'm sure plenty of people will find this useful.
1 comments
zizouu 781 days ago
Fair enough. Point taken. Thank you.
link
O1111OOO 781 days ago
There's a link shortener I use occasional. The team offers two services (domains):

domain 1: the shortURL goes directly to the destination site

domain 2: the shortURL takes you to a page that displays the destination URL. The user can opt to click on the destination url. It's a two-step process.

The few times I use an URL shortener, I always use domain2 because of the concerns raised by /u/chipdart. These are concerns I have myself.

Also... a couple of things:

When I was searching for a link shortener, I noted that all of them had a good deal of information about data collected, how/if they use the data, privacy, etc... I was really surprised by all the information collected. There's nothing on your site concerning this.

During my research it was clear that the first types of people that use these services are scammers, malicious people. They swarm new sites like these. They get blocked from other services and are constantly in search of new ones.

There were steps that operators took to make it difficult for these scammers to use the service. I forgot what most of the different strategies were. One person had a good write up about this (was it here on HN?). I remember that a sign-in requirement really helped (which you have).

The service looks useful, otherwise. I really like the idea of it. Good luck!

link
zizouu 781 days ago
Hi! Very valid points raised. Thank you for raising them. We will add information about data collected, how is it processed if at all. And also address the concerns that /u/chipdart had.

Of course we don't want the tool to be used by scammers or malicious people - so we'll do what's required to prevent that.

Thank you once again. Much appreciated.

link