I’ve noticed a rise in people sharing links to YouTube, Instagram, Twitter, TikTok, and reddit that include tracking parameters in the URL.

It might largely be harmless for now, but it’s not good to let companies build a web of links between users of this site, and to link the usernames of users on this site to their off-site accounts, which may include sensitive info.

SM URL Part Appearance in URL Filtration technique
Youtube Query ?si=* Remove query string
Instagram Query ?igshid=* Remove query string
Twitter Query ?t= Remove query string
Tiktok Subdomain and path (vm/vt).tiktok.com/(random_string) Block
reddit Path /(sub_name)/s/(random_string) Block

This site should only allow canonical links to the content to limit the information exposed.

  • YearOfTheCommieDesktop [they/them]@hexbear.net
    link
    fedilink
    English
    arrow-up
    35
    ·
    11 months ago

    Yeah… As much as I wish it were not a problem for this site to solve, much like nitter/invidious/etc. links were better solved by a browser extension, It’s such a dangerous practice to allow this for a place that values opsec, that I really think we should get to work on it. Maybe upstream lemmy would accept it as well, we certainly aren’t the only privacy focused instance out there.

    Another one I’d add:

    SM URL Part Appearance in URL Filtration technique
    StackExchange Path /<answer_id>/<referrer_id> Remove final path element
    • What_Religion_R_They [none/use name]@hexbear.netOP
      link
      fedilink
      English
      arrow-up
      23
      ·
      11 months ago

      Yeah, maybe it’s better to take it to dessalines instead of keeping it on hb

      StackExchange

      Good call especially since we know the FBI used data from them in one high-profile sting already lol

      • DaringDarek [none/use name]@hexbear.net
        link
        fedilink
        English
        arrow-up
        9
        ·
        edit-2
        11 months ago

        I am very much in favor of getting as many of these as convenient off Hexbear. I made a smaller thread about I think the twitter ones a long time ago and it didn’t go anywhere at the time.

        Don’t forget the general purpose UTM ones:

        utm_content=site-enterprise-button&utm_source=organic&utm_medium=website&utm_campaign=null
        

        These are used across the net, various sites document what they are, like this one: https://mailchimp.com/resources/utm-links/