this post was submitted on 18 Nov 2023
406 points (98.6% liked)

You Should Know

32996 readers
1911 users here now

YSK - for all the things that can make your life easier!

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules (interactive)


Rule 1- All posts must begin with YSK.

All posts must begin with YSK. If you're a Mastodon user, then include YSK after @youshouldknow. This is a community to share tips and tricks that will help you improve your life.



Rule 2- Your post body text must include the reason "Why" YSK:

**In your post's text body, you must include the reason "Why" YSK: It’s helpful for readability, and informs readers about the importance of the content. **



Rule 3- Do not seek mental, medical and professional help here.

Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.



Rule 4- No self promotion or upvote-farming of any kind.

That's it.



Rule 5- No baiting or sealioning or promoting an agenda.

Posts and comments which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.



Rule 6- Regarding non-YSK posts.

Provided it is about the community itself, you may post non-YSK posts using the [META] tag on your post title.



Rule 7- You can't harass or disturb other members.

If you harass or discriminate against any individual member, you will be removed.

If you are a member, sympathizer or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people and you were provably vocal about your hate, then you will be banned on sight.

For further explanation, clarification and feedback about this rule, you may follow this link.



Rule 8- All comments should try to stay relevant to their parent content.



Rule 9- Reposts from other platforms are not allowed.

Let everyone have their own content.



Rule 10- The majority of bots aren't allowed to participate here.

Unless included in our Whitelist for Bots, your bot will not be allowed to participate in this community. To have your bot whitelisted, please contact the moderators for a short review.



Partnered Communities:

You can view our partnered communities list by following this link. To partner with our community and be included, you are free to message the moderators or comment on a pinned post.

Community Moderation

For inquiry on becoming a moderator of this community, you may comment on the pinned post of the time, or simply shoot a message to the current moderators.

Credits

Our icon(masterpiece) was made by @clen15!

founded 1 year ago
MODERATORS
 

Why YSK: Trackers don't do good for anyone except the platform, and they're not necessary to view the content in the URL.


It's courteous to not subject the recipient (most likely your friends and family) to this tracking. You're already sending them to the platform, which is tracking them in other ways. But you can help reduce that tracking by removing everything after the ampersand in the URL. Here are some examples.

Twitter example

URL: https://x.com/CookieSlayers/status/1623712884902567937?s=20

The s=20 is a Twitter-specific parameter to show that the tweet was copied from the web app. s=46 is iOS, and I can't remember what Android's code is. This is a relatively clean link, but there are some links that'll concatenate unique identifiers, like: https://x.com/CookieSlayers/status/1623712884902567937?s=20&t=Fn47fnSDJUD74bd9.

In this case, you'll notice there's also a &t= parameter, which is a unique identifier to the person who shared it.

The only part of the URL you need is https://x.com/CookieSlayers/status/1623712884902567937.

Instagram example:

URL: https://www.instagram.com/reel/CzP877du2EB/?igshid=MzRlODCFWFlZA==

The only part of the URL you need is https://www.instagram.com/reel/CzP877du2EB.

TikTok example

URL: https://www.tiktok.com/@inthepaintcrew/video/7301348328602717482?is_from_webapp=1&sender_device=pc&web_id=7302915057791436331

You'll notice TikTok's is a lot more readable in terms of what the URL contains.

The is_from_webapp parameter is self-explanatory, as is the sender_device, and then there's the identifier that's unique to you. In this case, 7302915057791436331.

The only part of the URL you need is https://www.tiktok.com/@inthepaintcrew/video/7301348328602717482.


The best route^1^ would be to use privacy-respecting frontends, but if you don't, simply deleting everything after the ampersand goes a long way.

^1^The best route would actually be to not use/reward platforms that are literally destroying humanity, but we're not there yet, so... in the meantime, let's just try to decrease the tracking and stop subjecting our friends and family to it as much as possible.

top 50 comments
sorted by: hot top controversial new old
[–] slazer2au@lemmy.world 28 points 11 months ago (6 children)

Tldr, anything after a '?' In a url is unnecessary.

[–] Nemo@midwest.social 35 points 11 months ago

Not always, but it's a good rule of thumb.

[–] otter@lemmy.ca 15 points 11 months ago* (last edited 11 months ago) (1 children)

It's getting worse too. Recently I've noticed Reddit links from friends looking like:

reddit.com/r/example/s/1234567

Which then redirects to the actual reddit.com/r/example/post/comments/1938473

I believe Spotify and Tiktok do short tracker-filled links like that too. If you're on android, URLCheck can wrangle those links to find the actual content without the trackers. I've set it to intercept all clicked links so I can modify as needed.

On web / iOS, I'm not sure

[–] example@reddthat.com 7 points 11 months ago* (last edited 11 months ago) (2 children)

I haven't checked how reddit does this but just from the example it seems like there is no anti tracking from the use of urlcheck that you're describing.

reddit appears to generate tracking link with a specific numeric identifier in their database, so instead of attaching a bunch of removable url parameters they instead do a lookup in their database and then redirect to the original destination.

this also means your app checking the redirect will need to fetch the url to determine the destination, which means their tracking still works just fine.

edit: a word

[–] otter@lemmy.ca 5 points 11 months ago

I've been meaning to look into how the URL expansion works. If it happened on the device then I guess it doesn't help much, but if it happens elsewhere it might fix the tracking?

It might also limit how much identifying information is attached to it. If the original link opens in my app, then they can tie accounts together. If it's wrangled by a third party app, then I open the clean link, they just get my IP address

[–] candybrie@lemmy.world 2 points 11 months ago* (last edited 11 months ago) (1 children)

If the goal is to share clean links, getting the url after the redirect accomplishes it. The tracking that's done isn't on your friends/whoever you share the link with, but done on the app. Which does generally defeat the purpose of their tracking.

[–] example@reddthat.com 1 points 11 months ago

true, my comment was primarily from the perspective of the recipient of tracking links

[–] InFerNo@lemmy.ml 12 points 11 months ago

No, this applies to these specific parameters. Removing question marks and ampersands from urls will often break the pages if you don't know what you're doing or don't know what the parameters are for.

[–] Eagle0110@lemmy.world 2 points 11 months ago

Though I've always wondered if that's always consistently the case, and when that's not the case is there any mostly consistent way to identify the separator symbol in the URL text strings :/

[–] lolcatnip@reddthat.com 2 points 11 months ago

Except when it's not.

[–] ilinamorato@lemmy.world 1 points 11 months ago

Not true on every site. Try it in your browser without the query string first before assuming that's the case. The app I work on, for instance, uses the query string to set date/time ranges and filter data.

[–] Adalast@lemmy.world 14 points 11 months ago (3 children)

I will add to this that UTM tracking is a little less invasive. I have gotten my boss to use UTM codes instead of full-blown tracking so we can at least capture which ads people clicked on and on which platform without capturing any personal data. As long as you pay attention to the other tags, UTM are reasonable from what I have seen in my research. Gives enough info to let the business know what is going on without letting them know who is doing it.

[–] Adalast@lemmy.world 5 points 11 months ago (2 children)

That said, I use ScriptSafe on Chrome and a similar one on Firefox to ban the tracking code on websites entirely (along with anything that is not 100% necessary to view the page), so even if there are codes in the URLs I open, they are never logged by the analytics services that capture it.

I suggest it to everyone. Block the scripts. It is a pain in the ass whenever you go to a new page, but you have the opportunity to see what off-domain script sources are attempting to execute and you can research the sources, then decide if you want to allow them to execute or not, and decide if you want to associate with a page before you give them much of anything. Overall, distrust google tag manager, Google Analytics, and literally anything that has "ad" in it and you get about 60% of the nasty out of the way.

Fuck cutting the snake off at the head, I for his damn balls. Seems to work too as what advertising I do see, usually while casting streams, is all over the map. I get ads for video games next to ads for hip replacements, and I smile knowing that I have ghosted them as effectively as I can without going off grid.

load more comments (2 replies)
load more comments (2 replies)
[–] Lemmyvisitor@lemmy.dbzer0.com 12 points 11 months ago (1 children)

I've found the android app URLCheck to be useful for this. You set it as your default Web browser and it lets you check for redirects before you open the link

[–] Salix@sh.itjust.works 3 points 11 months ago* (last edited 11 months ago)

Yeah, I also recommend URLCheck on Android. You make it your default web browser and you can manually or automatically have the query string removed. It can do other stuff such as resolving redirects before sending it to a web browser.

Or you can use it to clean the URL before sharing it.

[–] reksas@lemmings.world 10 points 11 months ago (2 children)

What if you modify the tracker, like change some letters? Could that mess up their system if many did it?

[–] yoz@aussie.zone 4 points 11 months ago (1 children)
[–] irreticent@lemmy.world 3 points 11 months ago

Garbage in, garbage out.

"In computer science, garbage in, garbage out (GIGO) is the concept that flawed, or nonsense (garbage) input data produces nonsense output"

[–] phoenixz@lemmy.ca 3 points 11 months ago

If you go that route, start collecting real ids of loads of random people and then randomly add those. If you add invalid ones, they'll just get ignored, but with real random ones it really will fuck with their systems

[–] ladel@feddit.uk 10 points 11 months ago* (last edited 11 months ago) (2 children)

You can also let an add-on take care of this, e.g. ClearURLs or the "AdGuard URL Tracking Protection" filter in ublock

Edit: actually not much use if you are creating links to share from apps. It only strips the tracking from the URL in the address bar

[–] ono@lemmy.ca 3 points 11 months ago

*uBlock Origin

load more comments (1 replies)
[–] intensely_human@lemm.ee 9 points 11 months ago

Just to add, the part of the URL that goes like “/foo/bar/123/article/whatever_blah_blah” is called the “path” and the part that looks like “?foo=bar&t=12345&flavor=chocolate&priceInCents=350&etc=etc” is called the “query string”.

[–] Frellwit@lemmy.world 8 points 11 months ago* (last edited 11 months ago)

If you want to remove parameters from urls you can use the removeparam filter in uBlock Origin. Documentation: https://github.com/gorhill/uBlock/wiki/Static-filter-syntax#removeparam

For example: /?igshid=$removeparam=igshid,domain=instagram.com

For the best performance it's recommended to make sure the parameter is included in the filter as seen above with /?igshid, and with the domain it originated from.

Filters for the examples in OPs post:

/?igshid=$removeparam=igshid,domain=instagram.com
?is_from_webapp$removeparam=is_from_webapp,domain=tiktok.com
&t=$removeparam=/^amp;/,domain=x.com

There's also a filter that removes a lot of known params: https://github.com/DandelionSprout/adfilt/blob/master/LegitimateURLShortener.txt

[–] Xander72@lemmy.one 6 points 11 months ago (1 children)

I personally use an app called URLCheck on Android (link)

Replaces your default browser handles and lets you manipulate the URL before it goes to your actual browser.

[–] lntl@lemmy.ml 6 points 11 months ago (2 children)

Apps should just strip these for us?

[–] Vash63@lemmy.world 8 points 11 months ago

Firefox does exactly that, in beta at least. When you copy a URL one of the options is to copy without trackers.

[–] lemann@lemmy.one 3 points 11 months ago

That's exactly what URLCheck does on Android, acts like a middleman for links and allows you to strip tracking parameters etc, before forwarding you to another app to view the link's contents

[–] wowwoweowza@lemmy.ml 6 points 11 months ago (1 children)

I searched up this and am pasting it in again to get rid of the tracking:

https://youtu.be/pmmG6z4wqO4

[–] PipedLinkBot@feddit.rocks 7 points 11 months ago (1 children)

Here is an alternative Piped link(s):

https://piped.video/pmmG6z4wqO4

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I'm open-source; check me out at GitHub.

[–] wowwoweowza@lemmy.ml 4 points 11 months ago
[–] gogosempai@programming.dev 5 points 11 months ago* (last edited 11 months ago) (3 children)

YouTube has also started attaching a Share ID of sorts:

https://youtu.be/dQw4w9WgXcQ?si=rzmQCXsZkblahblah

The "si" query parameter is the tracker in question.

Presumably, it has your user ID embedded in it so all your efforts to concele your identity by using anon IDs on Lemmy/Reddit/Twitter etc routing through VPNs Tor whatnot can be shattered with a single share of a YouTube video. Plus, they can track and associate users with each other based on who all opened your link.

[–] PipedLinkBot@feddit.rocks 1 points 11 months ago (1 children)

Here is an alternative Piped link(s):

https://piped.video/dQw4w9WgXcQ?si=rzmQCXsZkblahblah

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I'm open-source; check me out at GitHub.

[–] MaxVoltage@lemmy.world 4 points 11 months ago

Bad bot you included the trackerz

load more comments (2 replies)
[–] Appoxo@lemmy.dbzer0.com 2 points 11 months ago (2 children)

Amazon does it as well when you share an article.

[–] Cheradenine@sh.itjust.works 5 points 11 months ago

The op is about social media sites, but almost every site does it. Amazon, news sites, just about anything Google, Facebook.

Shopping sites all do so they can track you across their platform even if you are not signed in. 'You looked at (premium) Widget, then (bargain) Widget'. They will probably show (mid-priced) Widget somewhere on that page then. If you click an external link on that page it will have tracking parameters along with it.

[–] fatbeer@reddthat.com 1 points 11 months ago (2 children)

How do we know which links would have this? What is the connection Amazon has to an article? I’m confused, I thought this meant only if you are sharing a link from a social media site.

[–] KingJalopy@lemm.ee 1 points 11 months ago

Affiliate links I'm assuming but I'm not sure

[–] wowwoweowza@lemmy.ml 2 points 11 months ago (2 children)

I search up this link that helps spread to word about getting rid of trackers:

https://youtu.be/pmmG6z4wqO4?si=64BWjT8Slv5u3f1L

[–] Oha@lemmy.ohaa.xyz 8 points 11 months ago (2 children)

Your link has tracking in it tho. You dont need the ?si= part

[–] wowwoweowza@lemmy.ml 1 points 11 months ago (1 children)

Yup. I caught that after I clicked send. Oops

[–] starman2112@sh.itjust.works 2 points 11 months ago (1 children)

You are allowed to edit comments on lemmy

[–] wowwoweowza@lemmy.ml 1 points 11 months ago

Fixed. Thanks.

[–] PipedLinkBot@feddit.rocks 3 points 11 months ago

Here is an alternative Piped link(s):

https://piped.video/pmmG6z4wqO4?si=64BWjT8Slv5u3f1L

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I'm open-source; check me out at GitHub.

[–] c5e3@lemmy.world 2 points 11 months ago
load more comments
view more: next ›