select all

The Internet Is Lying to You

You could be reading literally any other article on the internet right now, so how is it that you ended up here, right now, reading this one? (Thanks for your time, by the way!) You probably clicked on the link on Twitter or something, right? Well, not exactly — you certainly clicked something on Twitter, sure. But it wasn’t actually this link, because Twitter is one of many companies aggressively trying to destroy the very idea of links as we know them.

Instead, Twitter gave you something else and then swapped it out for this article’s actual URL instantaneously the moment you clicked, before you even had a chance to realize what was going on. You’ve probably run into this kind of link redirection before in the form of shortening services like Bitly and TinyURL, which first rocketed to popularity back when Twitter counted the full text of links against the character count. Those user-facing services were occasionally handy for cases where you might have needed to simplify long and highly specific URLs, like a specific view of Google Maps highlighting a destination, which might include in its URL some unwieldy combination of geographic coordinates to seven decimal places, an opaque blob of metadata, specific location names, and more.

That sort of product is a curious wrapper placed around a very specific group of HTTP status codes, which are collectively a group of signals that are always sent from servers to the computers trying to connect to them. Your browser requests a page from a server, and the page is sent in response, and at the top of that response is a status code. You’ve probably run into error 404 all over the place — it means “not found,” and you’ll see it anytime you try to follow a broken link. The rest of the 400 and 500 ranges refer to errors that are varying degrees of confusing, but the 300s are used for things that have moved rather than things that have vanished or have broken. If the thing you’re looking for has moved permanently, you’ll get a 301 with a pointer to the new location; if it has only moved temporarily, you’ll get a 302. Arguably, the entire purpose of Bitly is to surface the controls for this deeply buried internet signal and then wrap them in a cute user interface. URL redirects are intentional 300 errors!

There’s a big difference between URL redirects created deliberately by users and redirects created by companies for their users. Elective URL redirection invoked by users for their own convenience is arguably a necessary evil now that web applications have become sophisticated enough to do many complicated things at once, and consequently, keeping track of them all requires very long URLs. Far more concerning is the blanket use of this same technology by Twitter, Facebook, Google, and the many companies that so desperately aspire to be like them — they are incentivized to apply it across their services en masse, hoping the users won’t notice. Their massive economies exist on the internet almost solely because it is possible to capture a wealth of information by running code in the user’s browser tab, but even so, the same arcane rules of network architecture that gave us those error codes dictate that some things can only be done by routing through a server you control, so occasionally just running your code inside a browser tab isn’t enough. For example, if you want to detect a user’s I.P. address — and then possibly also geolocate it — for the most part, that can’t be done in the JavaScript that runs in the browser. In order to get that information, you’re going to need a server; then, to get the user to visit your server, you’re going to need to change the link they click in the first place.

Ultimately, though, redirecting a single user isn’t that important, especially if the value of collecting an I.P. address is surpassed by the comparatively tremendous identifying signal of a logged-in user account. Instead, the biggest impact of redirecting links may be in social applications where the redirected links are passed between users. Redirected links often end with unique numbers or gibberish alphanumeric hashes, which can be easily modified for each user because the available space of possible character combinations is effectively limitless. So every user gets a unique link that can be used to connect them with other users — when everyone is reposting someone else’s unique token, you can get a much more granular view of how a piece of information moves through a system. A single blog post with a sensible URL gets split into innumerable unique redirect links that instead end with inscrutable nonsense, each of them separately reporting back to the mother ship. This even includes off-platform use — if you copy and paste a redirected link into an email, it still works, inserting the recipient back into the tracking site’s activity network again as soon as they click through from their inbox. It all happens in a split second right after you click, and none of it is real.

This practice is ideologically flawed in a way that would probably horrify the engineers who originally designed the internet. They quite literally named it the internet precisely because it allowed smaller local networks to be connected: universities, labs, the military, the government, and eventually even the homes of regular people, all of whom suddenly had a unified addressing system for sharing content. Recklessly redirecting every URL into a proprietary version of the same thing philosophically seeks to undo that connectivity in favor of walled gardens where everything is the same flavor — every link is suddenly Twitter, even if it’s not actually Twitter, and if you want to read a blog or watch a video, you can just do it from one of Twitter’s servers using a pair of Twitter-colored binoculars. Links redirected by Bitly were part of the tool kit used by hackers attacking the 2016 presidential election, but somehow Twitter’s ideal internet is still one in which literally every URL begins with We know this to be true because the platform does not allow users to post any other kind of link. This plan is both dangerous and ridiculous.

Pages load more slowly, and the extra useless links are much more likely to break, and it’s impossible to know where you’re actually heading until after you’ve already clicked. One of the reasons users must so awkwardly tumble through a useless proprietary server that performs customized URL-redirecting behaviors is because this sort of thing is not actually included in any of our technical standards for building computer networks, and it is not part of any standard because it is a terrible idea. Bouncing internet users around between obfuscating servers in a game of internet pinball is a patently absurd way to run any sort of address system. It is a terrible distributed collective architecture that comes at the expense of the real internet. (Remember the real internet? It was once full of strange and diverse projects published by people all over the world, way back before Facebook began subsuming everything else, and then further changing the URLs to tell us that everything else outside of Facebook is actually also part of Facebook.) It’s somehow a simultaneously more boring and more nefarious version of Tor, the controversial anonymizing software that routes every request through a series of confusing intermediates before finally connecting to its actual intended destination. The same kind of network used by spies and criminals, but running backward, built by Facebook, and trying to send you ads.

URLs are, of course, used all over the place when writing web pages, and in some of those cases the HTML language gives the coder a way to specify whether a specific URL is “canonical” or one of these substitutions. There are some cases where redirecting links can be helpful, but those are the exception, not the norm. Why would you ever want a blanket policy to convert everything on the internet into its noncanonical form? Doing so trades away the structural health of the internet for … what, exactly?

On the level at which the packets flow, this is all a sham. Redirected URLs are networks that are lying to us, and to each other, with every server pretending to be a different server just long enough to log your clicks, tear off its mask, and run off cackling into the night. The news stories may now be fake, and we can also now watch them ripple through the universe with granular precision, logging every last gullible click. For the time being, machines still mostly do as they are told, and they will also dutifully learn to mislead us if we continue to teach them to do so. If huge swaths of the internet’s infrastructure are by now quite literally a web of lies, is it any wonder that some of us decide to use it for the same?

The Internet Is Lying to You