I've been ranting about Bitly for years! The ubiquitous link shortener had an interesting "feature" - add a + to the end of the URl and you could see all the statistics for the link. How many clicks, referers, location of users. Here's a blog post I wrote about it way back in 2011. I often used this feature to explore how popular companies and scammers were: Terence Eden is on…
Continue reading →
Popular URl shortner Bitly allows users to customise its links. This means you can have all sorty of weird and wonderful character in there. For example: bit.ly/ó¾°ó¾° You can also use Emoji! bit.ly/☹ bit.ly/♐ Well, OK, not all Emoji. If you try to use most of them, the Bitly system craps out and generates broken URls, like so: But you can use most Unicode Miscellaneous symbols - so…
Continue reading →
Because I'm an optimist, I submitted a few talks to FOSDEM in the hope one might be accepted. Because I'm lucky, I got two speaking slots. Because I'm an idiot, I decided to do both talks. On the same day. An hour apart. On opposite ends of the venue. Fool! My first talk was at the Social Web Birds-of-a-Feather session. I told people about my ActivityBot social networking server and how I…
Continue reading →
One of my most memorable experiences in the Civil Service was discussing link shortening services with a very friendly person from the Foreign and Commonwealth Office. I was trying to explain why link shortners like bit.ly and ow.ly weren't sensible for Government use. They didn't seem to particularly care about the privacy implications or the risk of phishing. I needed to take a different…
Continue reading →
The Guardian launched its online adventures back in 1999. At some point, they started using the name "Guardian Unlimited". Hey, the dot com boom made us all do crazy things! As part of that branding, they proudly used the domain GU.com Over time, the branding faded and GU.com became a URL shortening service. Tiny URls like gu.com/abc could be printed in papers, sent via SMS, or posted on…
Continue reading →
Phishing is the devious practice of tricking users into giving away their usernames and passwords to fraudulent sites. It is big business, and the best defence against it is constant vigilance. I'm going to walk you, step-by-step, through a scam that targetted me today. Along the way we'll see how to avoid falling prey to these monsters. It starts with a text I was sent this SMS from a…
Continue reading →
The British intelligence service GCHQ has been on Twitter since January 2016 - however they only sent their first tweet today. GCHQ@GCHQHello, world. bit.ly/GCHQhello❤️ 1,612💬 453🔁 010:02 - Mon 16 May 2016 As I never tire of saying, Bitly is a terrible at keeping your data private. Simply add a + on to the URL and you can see some really interesting stats about the link and the user who created…
Continue reading →
Journalist Dave Lee pointed out a disturbing new spear-phishing attack on Twitter. The phony account looks for people who are Tweeting their dissatisfaction with Lloyds Bank - one of the largest and oldest banks in the UK - and sends them messages urging them to log in to a fraudulent site. The tweets have some realistic touches - such as ending with "^LY" to signal the initials of who is…
Continue reading →
I had dinner with the outgoing editor of The Guardian the other night. Clever chap, sure he'll go far in life. The Guardian is very hot on security. Many of their writers have PGP keys which they publicly advertise. In theory, that's great (complaints about PGP notwithstanding) - but the reality shows just how tricky it is to act in a security conscious manner. Have a look at Alan's Twitter…
Continue reading →
2025 Update - Bitly removed the ability to create emoji links, so some of these links are now dead. Facebook rewrite URLs with Unicode in the path - this is not best practice and could be dangerous. It is possible to create a URL like http://bit.ly/😀 - the Unicode characters are valid in the path. The URL Encoded representation is : bit.ly/%F0%9F%98%80 Facebook mangles these URLs in such a wa…
Continue reading →
Analysts estimates are always interesting to read - especially if you know the real statistics which they are trying to prophetize. Even when someone releases "official" statistics, they're usually hard to verify independently, and even harder to analyse by region. Benedict Evans - who I've had the pleasure of meeting at Mobile Monday - published some very interesting official stats on…
Continue reading →
Earlier this year, I blogged about seeing these QR codes appearing on some train tickets. The campaign itself wasn't that great - a poor call-to-action and a decidedly mobile-unfriendly site - but I was interested in how many people had scanned them. Thanks to bit.ly's practice of exposing everyone's statistics, we can see exactly how well this campaign did. Wow! Twenty-five thousand…
Continue reading →
