A Few Observations About Short URL Services

by | March 31st, 2009

A back water infrastructure service of the Internet for many years URL shorteners allow you to take a long nasty long URL like https://blog.pint.com/2009/03/31/a-few-observations-about-short-url-services into something like http://tinyurl.com/cc2o48 Try it you just bounce here.

While we use these shortening services in some Internet mediums because we must it is questionable the value of the keyboard character conservation services when you really consider their motivation and overall costs.

Twitter Revives URL Shorteners

URL shortening services simply didn’t matter much until recently. Just helping people deal with email messages that had URLs that didn’t wrap lines or similar occurrences in message board posts wasn’t much of a motivator. However, add Twitter to the mix and what is old well becomes new again.

Twitter’s 140 character limitation in today’s semantic SEO focused linked naming world is too restrictive. Your tweet can say “Here is a cool URL: http://big.old.url.here/that/goes/on/and/on/and/on” and then you are out of space. URL shorteners save us!

Why build around a 140character limitation? Are we trying to communicate by fortune cookie message!?! A tweet with a long URL brings shame to your family!

Beyond snark we do use bit.ly, tinyurl.com and others URL shorteners is a pure function of the limitations of Twitter. Take that limitation away (which should hopefully happen sooner than later) and the relevance of these services goes bye-bye.

Some may argue that the succinct nature of the 140 character thought bursts is good to ensure focus, but regardless of your stance on the limit why Twitter doesn’t add this feature itself as it is obviously needed and it doesn’t force users to use third parties is curious.  Probably Twitter is more focused on finding a good business model, so this is farther down on the list.  Regardless of who provides the service there are a number of interesting observations that can be made about shortened URL and their providers.

Keywords and Hashes

So the URL shortener takes our URL and makes it something like http://tinyurl.com/d4xd2u.  Cryptic yes- hash values like d4xd2u aren’t meaningful, they’re just short. If a shortened URL was http://tinyurl.com/shorturls then you might have value in balancing path length with meaning.  However, won’t a lot of other people want that URL then too?

Well in some cases we can actually make our keywords if it hasn’t been already taken.  For example, for this article I got http://tinyurl.com/shorturlpost

Of course this custom keyword is now taken, too bad anyone else who might want this.  So now we’ve just reinvented the idea of AOL Keywords.  We want a special “Go” word that is used in the URL or browser that gets us right to the object of interest rather than a nasty long URL.  It is a good idea, but it is not a new idea.

Networds, URNs, and a multitude of other name ideas that would aim to make the URL a short keyword system.  The current crop of shorten the URL services doesn’t do this (YET) nor does it even get the basics right. First consider if you are going to shorten or keyword URLs you really need a better domain name for the service.  TinyURL.com really isn’t that tiny and Bit.ly really isn’t a good obvious name.  Better candidates:

  • http://go.com – ABC owned portal that isn’t doing much
  • http://go.to – already doing something kind of like this but not right

Here we are 5 and 4 chars with some semantics in play.

Take the same idea and keep going and we get our second idea, a new TLD (top level domain) just for this duty.

  • http://go/KEYWORD
  • http://keyword/KEYWORD-HERE

Challenge with this is getting new top-level domain names going is a long process and frankly why do we need this?

The best idea really is to get the browser vendors to put this concept in a browser directly.  DNS would be to IP addresses as the keyword system would be to URLs.  Look up the special keyword resolve to the site.  Problem – we’ve tried this before.  Everyone wants to own this because it is a potential money minting business to sell keywords off it rather than cryptic hashes.  Do a Web history search lots of failed attempts here.  This is a hard problem, not technically – socially.  Everyone must accept this is the new way.

Watch Where You Are Going

Well putting aside the possibility for more meaningful shortened URLs, let’s discuss the simple problem of getting dumped to something unexpected (http://tinyurl.com/2w4apm).  Yes if you typed or clicked that you got Rickrolled.  Of course getting some poppy 80s video in your face is hardly a worry, you might find yourself following a Tweet to a Viagra ad or worse yet a drive-by malware site.  So with short URLs you can’t tell where you are going so now we need a preview URL.

A preview URL like http://preview.tinyurl.com/2w4apm now takes us to a page that reveals what the actual URL we are going to go to is. Try it in another window and take a look. Of course that doesn’t help too much but at least you know you are going to YouTube now so maybe your guard is up.  So now we have saved some characters and added some clicks to got to the verify page and verify the URL by providing what the real URL actually is!?

The concept of needing a preview URL really is kind of odd because no URL really can tell you what you are about to go tp.  Even if you see a URL like http://IamASafeSite.com/intendedPage/ what’s to keep that from being redirected to something just as bad as what a shortened URL?   The answer – absolutely nothing.  Every time you click any link you are taking that chance but likely it seems getting to know what the site as the shown destination you trust it is safe.  This hiding of destination is of course the same scheme phising uses.  What makes the cryptic short URLs bad is that you have no clues of good versus bad links at all, thus the preview URL introduction.

They’re Watching Where You Are Going

When you shorten a URL to save a few bytes you generally give away data about your readers and their interests. Most 3rd party short URL services track traffic to various URLs that are shortened or use advertising which similar may track as a way to offset the cost of the provided service.  Via link redirection the URL shortener obtains insight into a volume of Internet traffic but at the same time they become a critical link of Internet linking as well.

If a URL shortener service has problems lots of Internet links particularly in the Tweet-o-sphere have problems. Link consolidation to bounce off someone allows for observation and creates points of failure that don’t need to exist on the Web. In short links on the whole are more reliable when dispersed not aggregated.

Certainly one might argue that it is nice to get some statistics on what people click on. Some of the newer redirecting services provide this openly, but the question is should they and do you need them to get this data. The answer is it depends on where and why you use short URLs. In Twitter you needs these folks, outside Twitter you can easily do this yourself with a little JavaScript.

A simple JavaScript can be written to attach to outbound links and send a little request to your server when the link is clicked.  Simply attach an onmousedown or onclick handler to monitored links.  With this scheme you can fairly predictably watch people bounce away from you without a “site in the middle.” For a demo and example source take a look at http://ajaxref.com/ch2/recordlink.html.  The demo is quite basic and the scheme it employs is fairly widely used, check out the Google link result page with an HTTP monitor and you will see it employed.  The point being is that don’t assume you have to give away traffic data to a 3rd party to gain insight, you just don’t.  Then again most of us do so massively with Google Analytics, Google Toolbar, etc. willingly so what’s a little more info disclosure between Web 2.0 friends?


You probably have to use URL shorteners if you Twitter because of the 140 character limit in play but we should understand the following:

  • These shortened URLs are currently not meaningful or SEO benefiting because of cryptic hashes
  • These shortened URLs are worse for security because of easy destination masking
  • These shortened URLs have privacy concerns as we share user traffic with a 3rd party
  • These shortened URLs are less resilient than standard Web links because it consolidates and 2 parties the link


Thomas Powell is a long-time web industry veteran, as well as the founder and CEO of PINT.

  • I would imagine Twitter is aware of this concern is will eventually take care of it, but like you said it’s probably not on the top of their priorities list.

    I’m sure they’re not on some self-righteous ‘all cogent thoughts must be under x characters’ limitation, rather they probably started with the simplest rule and decided to address it later.

    Another few things to think about before using a short URL service:
    1. You are subject to the terms and conditions set forth by the people running the service. If they decide to place a delay on redirection (to show ads or something), you may be unaware of this choice.

    2. If the security of the short URL service has been compromised, the security of every link you sent out from that site has been gone along with it.

    3. SEO effect – by using these services you are hindering search engine’s capabilities of accurately tracking back links.

    We don’t have to worry as much about security if using a trusted service like TinyURL, but when using other (less known) short URL sites, the motives of the short URL site owner may affect your user’s experiences, and nobody wants that for their users.

  • Thomas

    The character limit of Twitter is almost certainly the SMS limit kind of thinking. It seems somewhat arbitrary beyond that as you point out and does put a limit on reasonable thought turning Tweets into shout-outs, URL swaps, and brief exclamations. Maybe their business model will be expanded tweets for dollars!

    Your points about the possibility of bait and switch scam of short-URLs is quite correct. Keeping these systems safe and honest is tough and size may not matter.

    For example, recently some short URLs have been abused in Twitter and been swatted down because people were easily being dupped. However, don’t think the trusted sites can do much here. They can try to look at a destination site and see if it is live and not malware delivering. Yet nothing is reasonably possible to keep the destination URLs from later being to changed to bad sites. As long as redirection exists as the post states a URL (short or not) doesn’t really indicate truly where you may end up.