this post was submitted on 03 Jan 2024
137 points (100.0% liked)

hexbear

10261 readers
2 users here now

Now that the old Hexbear fork has been officially abandoned, this community will be used as a space for meta-discussion on the site itself.

founded 4 years ago
MODERATORS
 

I've noticed a rise in people sharing links to YouTube, Instagram, Twitter, TikTok, and reddit that include tracking parameters in the URL.

It might largely be harmless for now, but it's not good to let companies build a web of links between users of this site, and to link the usernames of users on this site to their off-site accounts, which may include sensitive info.

SM URL Part Appearance in URL Filtration technique
Youtube Query ?si=* Remove query string
Instagram Query ?igshid=* Remove query string
Twitter Query ?t= Remove query string
Tiktok Subdomain and path (vm/vt).tiktok.com/(random_string) Block
reddit Path /(sub_name)/s/(random_string) Block

This site should only allow canonical links to the content to limit the information exposed.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 35 points 10 months ago (1 children)

Yeah... As much as I wish it were not a problem for this site to solve, much like nitter/invidious/etc. links were better solved by a browser extension, It's such a dangerous practice to allow this for a place that values opsec, that I really think we should get to work on it. Maybe upstream lemmy would accept it as well, we certainly aren't the only privacy focused instance out there.

Another one I'd add:

SM URL Part Appearance in URL Filtration technique
StackExchange Path /<answer_id>/<referrer_id> Remove final path element
[–] [email protected] 23 points 10 months ago (1 children)

Yeah, maybe it's better to take it to dessalines instead of keeping it on hb

StackExchange

Good call especially since we know the FBI used data from them in one high-profile sting already lol

[–] [email protected] 9 points 10 months ago* (last edited 10 months ago)

I am very much in favor of getting as many of these as convenient off Hexbear. I made a smaller thread about I think the twitter ones a long time ago and it didn't go anywhere at the time.

Don't forget the general purpose UTM ones:

utm_content=site-enterprise-button&utm_source=organic&utm_medium=website&utm_campaign=null

These are used across the net, various sites document what they are, like this one: https://mailchimp.com/resources/utm-links/