Michael Barrett 
The URL shortening service tr.im is closing up shop, promising to maintain redirected URLs until December 2009.
There is a lot of noise on Twitter and tr.im’s blog about the shut down. Apparently many users were using a feature of tr.im to generate ad hoc web site statistics – which was foolish even before tr.im shut off its service.
There are many little remora-like services that piggy back on Twitter’s success, Twitpic, Audioboo, and various URL shorteners.
Since I’m an old timer on the internets, my first reaction when one web site asks me for my username and password for another web site (under completely different ownership no less) is to get suspicious. I wonder how hard it would be to convince people to give up their bank website username and password, if you promised to print funny pictures of cats on their checks.
The folks at tr.im seem to be earnestly trying to prevent their domain name from falling into the hands of spammers, which I applaud. But it’s only a matter of time before one of the other services fails and sells out, and we get a web full of link rot and spam.
Twitter’s absurd 140 character limit is based on a primitive SMS limitation that is no longer relevant. It’s this arbitrary limit which creates the need for URL shortening services in the first place, which Twitter strangely doesn’t provide internally (Twitter apparently hooks into bit.ly for URL shortening, but who knows how long that will last.)
If Twitter provided this service itself it would accomplish two things:
- Less link rot (if twitter dries up and blows away, so do the broken links)
- Twitter could check for spam or malware laden links as a service to their users
While I think shorter URLs are generally nicer to use (assuming they are somewhat intelligible when you read them) I think URL shortening services are just a tragedy waiting to happen.
A poorly authored (or a deliberately shady) URL shortening service can be used to obscure links to phishing sites, sites which try to install malware, or create links which actually contain malicious scripts themselves.
Since I’m not an active Twitter user, the only ‘follow’ requests I receive are from spammy, porny, fake twitter users with only one ‘tweet’ – the tweet containing, of course, some shortened URL from some service I’ve never heard of. (it’s interesting that most of my actual activity on the Twitter site itself is to block these spambots from following my account).
The giant gaping security holes in URL shortening services notwithstanding, I am a little surprised by the number of services who’s only business model seems to be “fill in a missing feature for Twitter and worry about making money later”.
A simple change at Twitter, say allowing Tweets to be 255 characters long, would basically shut down a number of web sites before they ever make any money.