Why YSK: Trackers don’t do good for anyone except the platform, and they’re not necessary to view the content in the URL.
It’s courteous to not subject the recipient (most likely your friends and family) to this tracking. You’re already sending them to the platform, which is tracking them in other ways. But you can help reduce that tracking by removing everything after the ampersand in the URL. Here are some examples.
Twitter example
URL: https://x.com/CookieSlayers/status/1623712884902567937?s=20
The s=20 is a Twitter-specific parameter to show that the tweet was copied from the web app. s=46 is iOS, and I can’t remember what Android’s code is. This is a relatively clean link, but there are some links that’ll concatenate unique identifiers, like: https://x.com/CookieSlayers/status/1623712884902567937?s=20&t=Fn47fnSDJUD74bd9.
In this case, you’ll notice there’s also a &t= parameter, which is a unique identifier to the person who shared it.
The only part of the URL you need is https://x.com/CookieSlayers/status/1623712884902567937.
Instagram example:
URL: https://www.instagram.com/reel/CzP877du2EB/?igshid=MzRlODCFWFlZA==
The only part of the URL you need is https://www.instagram.com/reel/CzP877du2EB.
TikTok example
You’ll notice TikTok’s is a lot more readable in terms of what the URL contains.
The is_from_webapp parameter is self-explanatory, as is the sender_device, and then there’s the identifier that’s unique to you. In this case, 7302915057791436331.
The only part of the URL you need is https://www.tiktok.com/@inthepaintcrew/video/7301348328602717482.
The best route1 would be to use privacy-respecting frontends, but if you don’t, simply deleting everything after the ampersand goes a long way.
1The best route would actually be to not use/reward platforms that are literally destroying humanity, but we’re not there yet, so… in the meantime, let’s just try to decrease the tracking and stop subjecting our friends and family to it as much as possible.
Just to add, the part of the URL that goes like “/foo/bar/123/article/whatever_blah_blah” is called the “path” and the part that looks like “?foo=bar&t=12345&flavor=chocolate&priceInCents=350&etc=etc” is called the “query string”.
Amazon does it as well when you share an article.
How do we know which links would have this? What is the connection Amazon has to an article? I’m confused, I thought this meant only if you are sharing a link from a social media site.
Affiliate links I’m assuming but I’m not sure
Some random article from the Amazon Android App:
Share button: https://amzn.eu/d/2Ok2Czn
Clicking the link: https://www.amazon.de/dp/B0BZ5RRT1B?ref_=cm_sw_r_apan_dp_F70NMAH6BZPA74X38C31&language=de-DE
Cleaned link: https://www.amazon.de/dp/B0BZ5RRT1B
The op is about social media sites, but almost every site does it. Amazon, news sites, just about anything Google, Facebook.
Shopping sites all do so they can track you across their platform even if you are not signed in. ‘You looked at (premium) Widget, then (bargain) Widget’. They will probably show (mid-priced) Widget somewhere on that page then. If you click an external link on that page it will have tracking parameters along with it.
If you want to remove parameters from urls you can use the
removeparamfilter in uBlock Origin. Documentation: https://github.com/gorhill/uBlock/wiki/Static-filter-syntax#removeparamFor example:
/?igshid=$removeparam=igshid,domain=instagram.comFor the best performance it’s recommended to make sure the parameter is included in the filter as seen above with
/?igshid, and with the domain it originated from.Filters for the examples in OPs post:
/?igshid=$removeparam=igshid,domain=instagram.com ?is_from_webapp$removeparam=is_from_webapp,domain=tiktok.com &t=$removeparam=/^amp;/,domain=x.comThere’s also a filter that removes a lot of known params: https://github.com/DandelionSprout/adfilt/blob/master/LegitimateURLShortener.txt
Apps should just strip these for us?
That’s exactly what URLCheck does on Android, acts like a middleman for links and allows you to strip tracking parameters etc, before forwarding you to another app to view the link’s contents
Firefox does exactly that, in beta at least. When you copy a URL one of the options is to copy without trackers.
simply use this on android: https://f-droid.org/de/packages/com.svenjacobs.app.leon/
I search up this link that helps spread to word about getting rid of trackers:
Here is an alternative Piped link(s):
https://piped.video/pmmG6z4wqO4?si=64BWjT8Slv5u3f1L
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.
Your link has tracking in it tho. You dont need the ?si= part
deleted by creator
Yup. I caught that after I clicked send. Oops
You are allowed to edit comments on lemmy
Fixed. Thanks.
I’ve found the android app URLCheck to be useful for this. You set it as your default Web browser and it lets you check for redirects before you open the link
Yeah, I also recommend URLCheck on Android. You make it your default web browser and you can manually or automatically have the query string removed. It can do other stuff such as resolving redirects before sending it to a web browser.
Or you can use it to clean the URL before sharing it.
I searched up this and am pasting it in again to get rid of the tracking:
Here is an alternative Piped link(s):
https://piped.video/pmmG6z4wqO4
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.
Good bot
Thank you!
Tldr, anything after a ‘?’ In a url is unnecessary.
It’s getting worse too. Recently I’ve noticed Reddit links from friends looking like:
reddit.com/r/example/s/1234567Which then redirects to the actual
reddit.com/r/example/post/comments/1938473I believe Spotify and Tiktok do short tracker-filled links like that too. If you’re on android, URLCheck can wrangle those links to find the actual content without the trackers. I’ve set it to intercept all clicked links so I can modify as needed.
On web / iOS, I’m not sure
I haven’t checked how reddit does this but just from the example it seems like there is no anti tracking from the use of urlcheck that you’re describing.
reddit appears to generate tracking link with a specific numeric identifier in their database, so instead of attaching a bunch of removable url parameters they instead do a lookup in their database and then redirect to the original destination.
this also means your app checking the redirect will need to fetch the url to determine the destination, which means their tracking still works just fine.
edit: a word
If the goal is to share clean links, getting the url after the redirect accomplishes it. The tracking that’s done isn’t on your friends/whoever you share the link with, but done on the app. Which does generally defeat the purpose of their tracking.
true, my comment was primarily from the perspective of the recipient of tracking links
I’ve been meaning to look into how the URL expansion works. If it happened on the device then I guess it doesn’t help much, but if it happens elsewhere it might fix the tracking?
It might also limit how much identifying information is attached to it. If the original link opens in my app, then they can tie accounts together. If it’s wrangled by a third party app, then I open the clean link, they just get my IP address
Though I’ve always wondered if that’s always consistently the case, and when that’s not the case is there any mostly consistent way to identify the separator symbol in the URL text strings :/
Not true on every site. Try it in your browser without the query string first before assuming that’s the case. The app I work on, for instance, uses the query string to set date/time ranges and filter data.
Not always, but it’s a good rule of thumb.
No, this applies to these specific parameters. Removing question marks and ampersands from urls will often break the pages if you don’t know what you’re doing or don’t know what the parameters are for.
Except when it’s not.
On YouTube, adding “&t=37s” starts the video at 37 seconds. It is pretty useful.
That is the full extent of my coding knowledge.
I don’t know why “amp;” appeared. I didn’t write it and it is not necessary. It’s just the and symbol. Followed by t=__s
deleted by creator
Lemmy does not. So, just dump these other social media scams.
Google search does it too. Hangouts used to. Not sure about Messages and other Google services.
Fuck Google AMP as well.
Thankfully haven’t seen AMP links posted to lemmy in a loooong time. At the beginning of the migration it was pretty painful though, had to use some de-amputator website to fix the links since there was (and still is) no bot to handle them
Even Wikipedia does it. I think it’s to see what platforms people are using it on
Keep in mind, there are many valid reasons for tracking or things that can be utilized to track or fingerprint you. I however feel there’s no transparency, there is often no basis for trust for these websites and I feel they share/sell data with reckless abandon so it is from that angle I approach issues like these from.
Oh for sure, I don’t mind it at all that Wikipedia puts a referrer in the end to indicate what platform the link is shared from. Of course that’s far cry from proper tracking and whatnot.
I use this installable web app for cleaning extra parameters from links - https://linkcleaner.app/
Adds a share target to Android once you install it as well, makes it easy to send links to. Open source too!
Anyone have an Android version of this?
Hmmm. I see a ? In that link … Tracking me much??
Jk thanks though
Downloaded btw thanks again
It’s an installable PWA, click the … Menu in Chrome browser and choose “install”. Hope this helps!
I found URLCheck recently. It’s great!
I downloaded it, but how does it work setting it as your default browser? Doesn’t that prevent links from opening in your browser of choice? (in my case, Fennec)
You set URLCheck as your default browser, then you can select an actual default web browser in the app.
Or don’t change your default browser at all and selectively share to URLCheck when you need.
I dislike that Android makes it so easy to accidentally set an app as default for something, and the only way to reverse it is to revoke all of the app’s defaults
You can (at least on my my phone) separately configure the default browser.
Oh, I see. Thanks. I’ll re-install it so I can try it. I panicked when it asked me to set it as my default browser.
That sounds useful. Although I always fix them, I do get tired of squinting at urls looking for the &.
deleted by creator
*uBlock Origin
Came here for this
What i do when sharing from an app would be to use a url cleaner app first and then share the cleaned link.
This is the app i use https://play.google.com/store/apps/details?id=com.svenjacobs.app.leon
does anybody bother with blocking javascript anymore, like with noscript.net on firefox?
Im using uBlock (Medium Mode) and JShelter (Strict Mode). It’s an awesome combination, mixed with Firefoxs already existing anti tracking and resist fingerprint setting (default on Librewolf)
NoScript isn’t very popular anymore since it breaks many Webpages. Only exception is Tor, which comes with NoScript by default. Also there’s uBlock, uMatrix, LibreJS and many more to block scripts nowadays
noscript breaks webpages on purpose, because it blocks javascript
Obviously. That’s why not many poeple use it, they just don’t care enough to handle not being able to use those websites/fix them by configuring their NoScript
deleted by creator
What if you modify the tracker, like change some letters? Could that mess up their system if many did it?
A few years ago, I came across a tool that did exactly this. It might’ve been a browser extension… When you clicked a link that had trackers, rather than providing a clean URL, it sent incorrect/invalid parameters to the tracking link.
If you go that route, start collecting real ids of loads of random people and then randomly add those. If you add invalid ones, they’ll just get ignored, but with real random ones it really will fuck with their systems
I like the way you think
“In computer science, garbage in, garbage out (GIGO) is the concept that flawed, or nonsense (garbage) input data produces nonsense output”
YouTube has also started attaching a Share ID of sorts:
https://youtu.be/dQw4w9WgXcQ?si=rzmQCXsZkblahblah
The “si” query parameter is the tracker in question.
Presumably, it has your user ID embedded in it so all your efforts to concele your identity by using anon IDs on Lemmy/Reddit/Twitter etc routing through VPNs Tor whatnot can be shattered with a single share of a YouTube video. Plus, they can track and associate users with each other based on who all opened your link.
Thank you senpai next lesson ?
i bet the letterz boys LOVE THIS
Here is an alternative Piped link(s):
https://piped.video/dQw4w9WgXcQ?si=rzmQCXsZkblahblah
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.
Bad bot you included the trackerz
Really don’t wanna be that guy but I think si stands for - source identifier, correct me if I’m wrong though.
Yeah that seems plausible.
