Short URL

I've been ranting about this all week, so I'm taking a few minutes to blog about it here. Hopefully it does a little bit of good.

By now, everyone knows that OMG clicking a link can maybe reset your Samsung phone and erase all your data!!!11!! Unfortunately, it's true for a good many phones out there, including about a jillion Galaxy S2 models. Like mine. While I'm the first to say that OEMs need to get off their ass and patch the phone of every user in the world that still has a contract or is under warranty, I also know that in the end, it's us -- the users -- that are responsible for our own security. 

For some, like me and many of you, that means getting out the data cable, giving the OEM and their jacked version of Android the finger and flashing a custom ROM that fixes bugs and exploits. There are plenty of AOSP builds already made for my Galaxy S2, and I'll be flashing at least one of them this evening. But some of us can't (or just don't want to) hack things up and deal with different bugs on unofficial firmware. That's cool, too. Not everyone is an idiot who likes to break willing to hack their expensive phone. That means you get to sit and wait for a patch that may never come. What can you do?

Here's a quick and dirty suggestion that will cut down on over 9,000-percent (totally made up figure) of exploits. 

Stop clicking random short URL links from people you don't know or trust. Stop. 

How easy is it to hide a link to something disgusting, unsafe, or illegal inside a short link? Way too easy. Head to www.goo.gl and follow the instructions. And that's just one of many URL shorteners out there. In fact, if you're wanting to make a short link to a script or other bit of evil that legit URL shorteners have blocked, a cheap GoDaddy website and a bit of Googling can help you make your own. Then you can hide all sorts of nefarious shit in plain sight.

Knowing this, the next time you get a random text message, or @reply on Twitter, or Google+ spam, or Facebook spam (and this could go on forever), don't click the damn thing. Delete it. Maybe even report it. Reply to it that you think the sender is a douchebag. Do anything but click it. Only trust people you know you should trust. You can trust your bank. You can trust your church. You can trust us. You can't trust 86114 or the Prince of Nigeria.

By only clicking short links from people you trust, you'll have a pretty good idea where they are sending you is something that won't break your phone. Or if it does, you know who to kick in the balls for it afterwards.

 

Reader comments

Stop clicking random short URL links

33 Comments

Six paragraphs deep I was thinking, "smartest editor on AC, how'd the others get jobs?". Then I reached the seventh paragraph and realized I was wrong. Good writeup though, spelling is good, grammar... more than I can say about the other "editors". Of course, other reader's opinions may vary.

Nice, Jerry! And now I actually have a good reason to hate short links... Before I just hated them for the same reason I hate "chat/text speech", because it looks like people are being lazy. I'll take my 6 paragraph link anyday! :D

Hey Don't Bad Mouth The Prince, He It's A Stand Up Guy. He It's Sending Me Money To Help Him With A Recent Death I His Family.

for those that love their short links, use a website like unshort.me/ or unshorten.com/ and see where it's sending you

No f'ing sh*t... :-)

The whole concept has screamed "hack me" for years...

Who ever thought this was a good idea? ( except for the hackers, of course)

If you can't show me a real Link, I don't need to see what you're hawking...

B' Bye :-)

I can understand you're all heated about this but instead of all your dirty language why don't you just explain it like a normal person. Jeez. All the cursing is unnecessary.

Damn god article Jerry.

One observation. Jerry does such a good job of saying the dangers of trusting strangers but then saying you "can trust us" meaning Android Central I realized something. This was how Jerry got women back in the day. Tell them how you should trust the athlete but that he's their friend and you can trust him. SCORE!!

Jokes..fellas....jokes.

Awesome writeup but tell us how you really feel lol... Personally people who click on everything just annoy me.. I have never had a virus/malware ever and have been using computers since the 286!

I can see that Lookout has now inserted itself with a "scan before dialing" option (that can also be set as default) on my GS2. I assume that's in response to this problem?

I also have another dialer installed and none set as default, so just having the the request prompt showing up should also block any sneaky, automated dialing codes.