This is for publishers to track outgoing links.
this post was submitted on 27 Mar 2025
931 points (91.1% liked)
Fediverse memes
1340 readers
5 users here now
Memes about the Fediverse.
Rules
General
- Be respectful
- Post on topic
- No bigotry or hate speech
Specific
- We are not YPTB. If you have a problem with the way an instance or community is run, then take it up over at !yepowertrippinbastards@lemmy.dbzer0.com.
- Addendum: Yes we know that you think ml/hexbear/grad are tankies and or .world are a bunch of liberals but it gets old quickly. Try and come up with new material.
Elsewhere in the Fediverse
Other relevant communities:
- !fediverse@lemmy.world
- !yepowertrippinbastards@lemmy.dbzer0.com
- !lemmydrama@lemmy.world
- !fediverselore@lemmy.ca
- !bestofthefediverse@lemmy.ca
- !fedigrow@lemm.ee
founded 8 months ago
MODERATORS
Mastodon is the preferred alternative.
decentralization is the way to go, loving it here.
I will never understand how people keep falling for the same scam over and over and over again... something has got to give at some point before I die
I'm shocked!
Well, not that shocked.
What else would happen. Lol
They already know your IP address, you're using their website/app.
It's either to track outbound clicks (And potentially block them if they're harmful, YouTube and Steam do that), or a much more unlikely option is to hide the referrer from the target site (Since browsers have better ways to handle that now, but old ones don't)
So either they are solving problems the most common browsers are solving or they are tracking clicks to sell user data. Somehow the latter sounds more likely, especially since they have no reliable source of income yet.
load more comments
(1 replies)
Wouldn’t it be easier to just scan the original post for harmful links?
Then you have to scan every single existing known post every time a new link is blocked, if you redirect it through a bouncer it's a single endpoint to block any link, regardless of the source of the post (since bluesky is in theory decentralized)
Interesting idea. Is that what devs & mods have commented about the system setup in update notes (if any?)? I'm not in web development, and not at all sure about what's considered standard practice or new. Others seem to be commenting in a way that sounds as though they feel put out or deceived, but you're saying it's just a minor security protocol?
Could be that.
Could be big data. If you click a link to furaffinity on Bluesky, this change means they know your account visited that website, and they know you're a furry. So they sell that data to Fursuits-R-Us. Then Fursuits-R-Us buys some feed priority with furry users, and now you're seeing a lot of posts about Fursuits-R-Us. Ta-da, that's the magic of feed-integrated personalised advertising. You get marketed to, and you don't even know it.
You might think advertising fursuits is harmless. But what if The Heritage Foundation buy that data and that feed priority instead? Or what if a right-wing Twitch streamer just started a playthrough of Red Dead Redemption, so they pay Bluesky to promote their content to all accounts that are marked as politically naive Red Dead fans?
This is how elections are bought and sold.
load more comments
(1 replies)
Websites can change
load more comments
(1 replies)
I mean, it was made by former Twitter execs... and that was marketed as an "advantage" over alternatives like Mastodon. This isn't surprising at all unless you literally don't pay any attention to anything.
load more comments
(3 replies)
Never follow social media to a second location.
sometimes follow social media to a second location.
always follow social media to a second location
perhaps even a third or fourth location
load more comments
(1 replies)
So much for the claims I read that it would be a more open platform. I can’t see how this possibly benefits the users.
The product is ~~not open source and it~~ is mainly controlled by a company through its servers and proprietary components. They own it. Even if they use some open protocols. They are about as open as OpenAI — they are not.
So much for the claims I read that it would be a more open platform.
There's no profit in an open platform. You only build these things to mine data.
load more comments
(2 replies)
you’re right that this is likely to be used for tracking crap, but i wouldn’t write off the concept as only for that
for example, home assistant has https://my.home-assistant.io/ where you can set your home assistant URL and doc links (etc) link there, and then that site in turn automatically redirects to the correct place on your local home assistant
this could be used similarly by the fediverse: imagine my.join-lemmy.org where lemmy instances you’re not logged into redirected you to, which then in turn redirects to your home instance… that way, links across the web to lemmy would automatically redirect to your home instance
perhaps it’s not something that’s worth the trade off - centralising in some ways - but in federated platforms on the web it’s far from a write-off
load more comments
(2 replies)
This is technically incorrect (the best kind of incorrect?). Bluesky is open source, with the exception of the discover feed algorithm, which they claim must remain secret to prevent it being manipulated. There are open-source replacements for that feed available, so it's open enough that it is theoretically possible to spin up a Bluesky replacement, albeit impossibly expensive.
Coming at it from another angle though, the product in any commercial social media product is you, so in that sense you're right: the product is not open source. Either way, open source code is not some panacea that erases all risk of commodifying its users. Bluesky is a great example because while it is open source, that in absolutely no way prevents them from tracking their users.
Additionally, it looks like you can host your own instance too.
It's kind of complicated. Bluesky doesn't do anything the way the fediverse does, so a PDS isn't a full instance, it's just the way that your personal account interacts with the Bluesky service.
An analogy I used in another thread about Bluesky got way too complicated, but my starting point was that if Bluesky is a swimming pool, then hosting a PDS is bringing your own personal bucket of water from home. Ultimately, you're still feeding it all into the one big pool that Bluesky owns, at least until somebody else builds another swimming pool (puts up the money to host a fully-fledged Bluesky replacement service) and you take your bucket over there.
On its own, the PDS doesn't really do anything without the rest of the infrastructure behind it. You can't go swimming in a bucket.
Bluesky is a trailer park. A PDS is a trailer. You can take it somewhere else, but you need somewhere to park it at night, and right now the only option is Bluesky.
Yeah. Bluesky works way more like how people seem to imagine the fediverse does, with PDSes being glorified dumb terminals accessing a (functionally, if not forever technically) centealized pool of content. Hosting a PDS is just shouldering some of the cost of BS's last mile.
load more comments
(1 replies)
load more comments
(7 replies)
load more comments
(1 replies)
load more comments
(7 replies)
Anybody know what the real reason for this is?
All websites can track how often a link is clicked, and what the link is, and who clicked it (especially if you have an account).
Most companies implement for malicious link control. They can actively scan as needed and they can prevent users from going to any links deemed malicious. It also adds tracking for amount of clicks on a specific URL. There are more nefarious uses that others have stated redirection for paid links to them and user profile building for ad targeting
I'm thinking they'd want to control misuse of the platform. Someone links malware and it is shared enough, they may want to be able to intercept that. At least, that's what I'd want to be able to do.
i doubt it’d be for that: if it’s a malicious link, they can just remove the post/link from their platform and the same effect is achieved
best case scenario it’s planning for when atproto has more PDSes, front-ends, etc: in that case, a central place where all platform links go so that you can set your “home” server so that all links into atproto redirect to your home server
worst case it’s for tracking click through for advertising
It's to get around a bug on some platforms where the Referer header isn't set properly. Basically when you click the link in the app (maybe other platforms too idk), it can't set the Referer, so website statistics can't know what came from bsky. This was in their changelog. It used to already work correctly on desktop, though.
Yeah I saw it in some announcement from them, it’s this.
So far no one seems to know what the real reason is. That is why there is a lot of guessing.
They said themselves its for publishers to track outgoing clicks.
Not sure why they have it go through a redirect like that; you can just trap click events and do whatever with them, including sending tracking info back before sending the user to the new page.
Probably so bluesky can get affiliate money, either changing affiliate links with their own a'la honey or just tracking them to report to advertisers how much traffic is going through their platform to garner deals.
In other words, money
load more comments
(3 replies)
I use an app called URLcheck that I've installed via F-Droid. Although it doesn't appear to give me the ability to skip the bluesky redirect action but at least I know it's there I guess.
You can use pattern checker to automatically replace the URL with the original one.
"bsky": {
"regex": "https?:\/\/go.bsky.app\/redirect\\?u=(https?.*?)",
"replacement": "$1",
"decode": "true",
"enabled": "true",
"automatic": "true"
}
(it's possible they will add more parameters in future, in which case you may want to restrict the selection to not be essentially anything after u=)
FYI, you need to insert an additional Return ¿ or the text will align with your image's left-hand side and throw off the comment formatting. The extra line of space will either place the text above or below the image instead of on its hip.
Ah okay thanks. Is that true, independent of the app I am using? Reason I ask is that I am currently using Sync, but I'm looking into other apps (Voyager specifically)
load more comments
(2 replies)
URL Checker is an awesome that many more should be using if they're not. It can also remove trackers, redirects and other shenanigans from links before committing to the click
Right? I didn't even know all of the times I've clicked links that had trackers on it before using this app, or to remove amp links and such too. I'm not 100% sure what the "scan" function does however.
load more comments
(2 replies)
The best part is that if you inspect elements, it still shows as the original link. They only generate the go link after you clicked.
that’s also for accessibility, etc so i wouldn’t pin it all on being malicious
That's how Google always worked, btw. But there is one obvious benefit to showing the original URL before you click it, you can hover it to see where the link actually leads before they hijack the click.
Not always, but for quite a while now
That is so... gross!!! Ugh. Yuck!
Gross, or brilliant?
The former lol. I'm a software dev and I'm ashamed at how we keep making the internet worse by just doing whatever the money tells us to do. It's even worse when we "innovate" for them in this way.
load more comments
(2 replies)
Depends on where you fall on the sociopathy spectrum.
load more comments
(7 replies)