Reply to post: Re: Not really secret

Hapless engineers leave UK cable landing station gate open, couple of journos waltz right in

eldakka Silver badge

Re: Not really secret

EDITED: partially ninja'ed by Baldrickk reply while writing this rant. Just in case you can't tell, using URL obfuscation services is one of my (many) pet hates. Original post below:

Would you have preferred https://www.google.com/maps/@53.6273895,-2.9876024,3a,75y,209.63h,67.67t/data=!3m6!1e1!3m4!1s0JRd4UeT2_n0tkhfcAU41g!2e0!7i13312!8i6656 or https://goo.gl/maps/DbTvADnpK5o

Abso-fucking-lutely would I have preferred: https://www.google.com/maps/@53.6273895,-2.9876024,3a,75y,209.63h,67.67t/data=!3m6!1e1!3m4!1s0JRd4UeT2_n0tkhfcAU41g!2e0!7i13312!8i6656.

Every day of the week!

URL obfuscation services are bad. They actively hide the URL that you are actually visiting.

That long URL you posted tells me I am going to a google maps reference.

By using a URL obfuscation service, that information is being hidden. For all I knew - or still know, as I haven't tried using the obfuscated URL, so have to take it on trust that they are one and the same location - that URL could have been going to a porn site, or was an advert for something else, or could have been going to a malware site.

Using URL obfuscation is a key tactic of malware purveyors, identity thieves, spam-bots, internet tracking (what, you don't think URL obfuscation services aren't primarily web-trackers to build up saleable profiles of your internet usage?), just all-round dodgy people. When we get spam emails claiming to be from our bank, or anything else that provides a link for you to login in, many of those use obfuscated URLs. That way you can't tell by looking at the URL that it isn't in fact sending you to accounts.mybank.com/login because what you see hidden under the anchor is goo.gl/xrfeHuYH, which when you click on it actually takes you to login.mybank.com.34dsxcc.bobsite.tv.

Never, ever click on an unknown URL, which is what an obfuscated URL is, by definition of what URL obfuscation (aka URL shortening) is.

It's just as dangerous - and foolhardy - as opening an unknown attachment from an unknown sender in an email.

Downvoted because I believe that someone providing criticism shouldn't do so without providing a solution.

I'm happy to receive down votes if that's your opinion.

The solution was provided in the criticism, "do not use URL obfuscation". What further solution is required? I mean, logically, what's the alternative to not using an obfuscated URL? Ummm, how do I provide a URL without using URL obfuscation? Duh, providing the full URL? Which you seem to have done in that reply, so it wasn't really that hard to work out, was it?

Even better would have been to use an actual HTTP anchor like this: look at this map.

On mouseover you can see the link in your browsers status-bar, or you can usually right-click and copy the actual URL embedded under the link so it can be pasted into an address bar and seen before pressing enter to go to the site, or searched for, or pasted into a text editor, wherever you'd like to have the actual URL before interacting with it.

This is common internet-safety knowledge, like not opening attachments from unknown senders, what further information than "do not use URL obfuscation" do you think should have been provided?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020