37 comments

[ 1.5 ms ] story [ 55.3 ms ] thread
What purpose does "deactivating" any serve?
It may help prevent linkjacking. If an old URL no longer works, but the goo.gl link is still available, it's possible that someone could take over the URL and use it for malicious. Consider a scenario like this:

1. Years ago, Acme Corp sets up an FAQ page and creates a goo.gl link to the FAQ.

2. Acme goes out of business. They take the website down, but the goo.gl link is still accessible on some old third-party content, like social media posts.

3. Eventually, the domain registration lapses, and a bad actor takes over the domain.

4. Someone stumbles across a goo.gl link in a reddit thread from a decade ago and clicks it. Instead of going to Acme, they now go to a malicious site full of malware.

With the new policy, if enough time has passed without anyone clicking on the link, then Google will deactivate it, and the user in step 4 would now get a 404 from Google instead.

I'll never use a URL shortener again.
"I'll never use a URL shortener again."

I don't know if anyone should use a URL shortener or not ... but if you do ...

"Oh By"[1] will be around in thirty years.

Links will not be "purged". Users won't be tracked. Ads won't be served.

[1] https://0x.co

Years ago Google deactivated a similar product, which ended my access to a tech blog I had written for years.

I'll never use a Google product again.

What amazes me is that this wasn't the original plan. What product manager thinks "the best thing for our customers is to delete their data!".

> We understand these links are embedded in countless documents, videos, posts and more, and we appreciate the input received.

How did they think the links were being used?

So bizarre. Embedded links, docs, social posts, stuff that could be years and years old, and they're expecting traffic to them recently? Why do they seem to think their link shortener is only being used for like someone's social profile linktree or something. Some marketing person's bizarre view of how the web is being used.
> How did they think the links were being used?

Can't dig this document up right now, but in their Chrome dev process they say something along these lines: "even if a ferie is used by 0.01% of users, at scale that's a lot of users . Don't remove until you've made solely due impost is negligible".

At Google scale I'm surprised [1] this is not applied everywhere.

[1] Well, not that surprised

One that is operating in an environment where strict privacy laws exist. User data stuck in legacy systems is a liability.

Not only are things evolving internally within Google, laws are evolving externally and must be followed.

I don't understand. For you to see the message, you have to click on the link. Your clicking on the link must mean that the link is active, since it is getting clicks. So why is the link being deactivated for being inactive?
"Actively used" criteria scrods that critical old document you found, in which someone trusted it was safe to use a Google link.

Not knowing all the details motivating this surprising decision, from the outside, I'd expect this to be an easy "Don't Be Evil" call:

"If we don't want to make new links, we can stop taking them (with advance warning, for any automation clients). But we mustn't throw away this information that was entrusted to us, and must keep it organized/accessible. We're Google. We can do it. Oddly, maybe even with less effort than shutting it down would take."

> someone trusted it was safe to use a Google link.

That someone made a poor decision to rely on anything made by Google.

"Those who control the past control the present. Those who control the present control the future."

Look at what happened to their search results over the years and you'll understand.

"Don't Be Evil" has been deprecated for a while
> Oddly, maybe even with less effort than shutting it down would take.

Google has a number of internal processes that effectively make it impossible to run legacy code without an engineering team just to integrate breaking upstream API changes, of which there are many. Imagine Google as an OS, and every few years you need to upgrade from, say, Google 8 to Google 9, and there's zero API or ABI stability so you have to rewrite every app built on Google. Everyone is on an upgrade treadmill. And you can't decide not to get on that treadmill either because everything built at Google is expected to launch at scale on Google's shitty[0]-ass infrastructure.

[0] In the same sense that Intel's EDA tools were absolutely fantastic when they made them and are holding the company back now

I would've imagined that the good will (or more likely, the lack of bad will) from _not_ doing this would've been worth the cost, considering I can't imagine this has high costs to run.
They probably saved the equivalent of an engineer's salary!!
And for an encore, I guess they'll start tearing out random pages in the books I didn't happen to read last August?
Noticed recently on some google properties where there are Share buttons that it's generating https://share.google links now instead of goo.gl.

Is that the same shortening platform running it?

And also does this have something to do with the .gl TLD? Greenland? A redirect to share.google would be fine

Next step, deprecate those ridiculous forms.gle links that just train users to ignore domain names.
Yet another google product put to the chopping block. If products were people, they'd have a lot of blood on their hands.
I am pretty sure the terrible idea of putting the Google brand on something that can so easily be used for phishing is the reason they deprecated it in the first place. They should have used something without obvious branding.
I'm sure there's some level of security implication, but maybe they could also archive the database of redirect with Archive.org or just release it
oh google, please get your mojo back this is correct
Jesus, do not rely on Google for anything.
This whole thing has 0 cost to Google to run. They could be nice citizens and continue to provide this service for free, but they chose to not to.
i am not even sure what you can trust this company for anymore
“COOL URLS DON’T CHANGE! COOL URLS DON’T CHANGE!!” I continue to insist as I slowly shorten and turn into a bit.ly
Reaching a measurable reduction in cost by commiting a immeasurable breach of customer trust. Seems to be a repeating pattern over there at google.

I for one would think twice to rely too much on any of their services.

It's like they don't get it. As if they're incapable of understanding.

Inactive links? There is no such thing. Research papers written a decade ago, you read, and want to click. Now you cannot, unless the data is popular.

If they're keeping the service alive, then keep it alive.

This reminds me of when google deleted my entire timeline (and broke the photo integration feature) to save some pennies. This is despite the fact I am a google one subscriber and have hundreds of gigabytes free. They sent me a couple of emails as warning to a gmail address I don't use, and nothing to the primary email address associated with the account. I hope they are happy with their nickles, because they lost a $1000+ a year subscriber over it.