URL lengthening service also makes URLs "shady"


[Read the post]


Oh this sort of thing gets a whole chapter in my forthcoming book,

How to win Enemies and give them the Influence they Need to Cause You Harm.


URL shorteners already creep me out.


Was hoping for an Easter egg with this one:



Thanks, already had enough Rick Astley today. Boom-ch-boom-boom!


Hey, it works!


I teach web development, and creating a URL shortener is our first ‘application’ challenge. Most students are happy to make a conventional shortener, but I always tell one pair I have a special challenge for them.

“I want you to make it longer.”
“But… why?”
“Because we can.”
“But… but… what will it do?”

And this is how you get a URL lengthener that turns your link into procedurally generated Taylor Swift lyrics.


Oh, whaddyaknow?! There is an Easter egg!


This is wise. They should scare anyone.




There’s actually one long-running spammer (an Arizona-based outfit that specializes in small US businesses) that used 5z8.info URLs in their spam for a while.

Spammers often use URL rewriting services as a way to get past URL-based blacklists, and this outfit must have reasoned that it didn’t matter what the URL looked like. HTML-formatted emails mostly hide the URL from the recipient, so the risk that recipients would be frightened off by the apparently ‘shady’ URL was small.


well it sure fools the work filters.


And that splains getting blocked at work.


Doesn’t work recursively to generate really long and disturbing links. :frowning2:


If I were a spammer I’d use this for the unsubscribe link.

At the current effective rate of querying bit.ly, enumerating the entire bit.ly database would take approximately 12.2 million compute hours, roughly equivalent to 510,000 client-days. Amazon EC2 Spot Instances may be a cost-effective resource for automated URL scanning...At the time we were conducting our scanning experiments, Amazon EC2 Spot Instances cost $0.003 per hour, thus scanning the entire bit.ly URL space would have cost approximately $36,700.



A bit much to do just for the lulz; but probably not enough to even need Serious Signed Approval at a number of the world’s spook shops, never mind the economically motivated criminals.

(And, of course, bit.ly already has the entire bit.ly database, since that’s how ‘the bit.ly database’ exists; and what do they do to make money, anyway?)


If you have an unsubscribe link, I think you’re missing some foundational concepts of spam.


Ha that’s pretty funny. I made something like this too, to give short urls a bit more style.


I haven’t tested them in awhile but as far as I know they all still work. And with at least friskypriests.com you can assign your own custom code (http://friskypriests.com/boing goes to my preferred method of reading boingboing, for example).

Edited to add: they have another advantage over most short url services: their generated codes are just 4 characters, making them easy to type by hand.


… and now you’re on a watchlist, too. Congratulations!