Skip to content

Half-baked ideas: privacy friendly and sustainable URL shorteners

URL shorteners are a pest for the web. Not only because the accelerate link rot by adding just another way how hyperlinks can become outdated, but because their business model is mostly based on tracking users. And even worse, they do not so much track users who publish them, but cause other users to be tracked. But they are damn useful, especially since there are a lot of flawed mail clients, often mobile, that will mutilate long URLs. Not to mention media that restrict the length of a message, such as Twitter. Either way, here is an idea to deal with this:Have a browser extension for Firefox and Chrome that uses a list of known URL shorteners and matches URL requests to them. If the URL points to a known URL shortener, it first matches a hash of it with an online service whether its expansion is already known. If it is known, it will just request that expansion from the service instead, avoiding any HTTP requests to the shortener service altogether. If the expansion is unknown, it’ll proceed through the original shortener service for its expansion and subsequently shares it with the replacement service.

But now we have replaced a proven untrustworthy third party (take link.is as an example of a very poorly behaving shortener service) with another third party. That can still track you based on your IP-address, even if you strip away any other information such as cookies and referrer URLs. The most obvious solution would be to include a Tor client in the extension and to use a Tor hidden service to provide the data, so the service would not be able to know what IP-adresses are requesting. A slightly more resilient option would be to have a hybrid model in which the replacement shortener service publishes on a daily basis a compressed database of, say, 1 GB, of the most popular URLs in the past 24 hours as a torrent file and in which the clients continuously share that database.

Having such a distributed database has obvious other uses, for example for archival purposes, which are now suffering from link rot through unmaintained shortener services.