Soo this seems to be when you use the "share" button on Youtube rather than doing the simple universal old-as-www thing of.. copying the URL from the URL bar. Of course, people these days have no idea what a URL or URL bar is, as it's often hidden anyway... :(
Of course, people these days have no idea what a URL or URL bar is, as it's often hidden anyway
...and if you didn't think this wasn't one of the goals of that trend, now you do. Those in power hate it when people can consume information from and communicate outside of their sanctioned methods.
We saw it coming when they started dumbing down browsers and hiding things from users --- not because the majority wouldn't use them, but to deliberately make users less inclined to learn.
Nearly 10 years ago(!) when that started happening, I made a comment here about how many YouTube users at the time realised what was the important part of the URL (the video ID) and began to use that in comments: https://news.ycombinator.com/item?id=7678729
Google has been working with great deal of effort for decades to stop people from using urls. From the integration of the search function in the address bar to the famous mangling of links returned by Google searches. It's why sites like urlclean exist.
I just looked at the full URI of very simple google search and it includes my browser for one thing... Why do they need those 387 characters beyond the original query...
If you right click on the progress bar at the bottom of the video, one of the options is: "Copy video URL at current time". (Although YouTube might also start adding extra IDs to that URL in the future.)
>Of course, people these days have no idea what a URL or URL bar is, as it's often hidden anyway... :(
The vast majority of users have no idea what an address or address bar is, let alone a Universal Resource Locator. Hell, most users don't understand files and folders in a computing context either.
As much as I hate how iOS, Android, MacOS, and presumably even Windows these days are obfuscating the file system and nearly everything pertaining to it, I do think it's a necessary step in the right direction. Most users do not address, and as computing hardware and software engineers, designers, and nerds we have an obligation to provide computers that all users can easily understand.
It is not a good idea to assume that users are stupid, uncurious and can’t learn. The end-state of this philosophy is that citizen can’t get informed and can’t vote properly, we need to tell them who to vote for, and do it instead of them.
What differenciated the Middle Ages from the Enlightenment periods is the understanding that people aren’t that stupid, we don’t have to hide the Bible behind Latin, we can translate it to the local language and they’ll learn by themselves instead of going through clercs, and the same goes for law, physics, sciences and philosophy.
And we’re much better off with populaces able to make decisions for themselves (ie copy from the URL and drop one letter by mistake) than dumbing down everything to have control over them.
Knowing how to navigate to websites directly seems important for laypeople to understand.
There is point where dumbing down technology doesn't make it meaningfully more accessible but just serves to harm users. Hiding the URL bar is past that point.
Same, shaking my head. Your “users” are full grown adults with full time jobs and kids. They dont have time to understand nothing. iOS model of simplifying everything is far more intuitive and better.
Don’t get me wrong, I’m all in for a dev-switch which would enable scripting and open up everything in OSes. But tell me how you are gonna do that without scammers telling grandmas “Copy this thing to here, yeah…”. Currently the dev switch is e.g. a Mac and $99/year, for iOS.
Damn. I noticed this happening a while back and I didn't think much of it. I just deleted the si= part because I knew it's not necessary for a Youtube link to work! I was curious about why this has been added and figures there's been something nefarious going down.
I kept using the app (with ads) because despite my hate for Google I still thought it was the right thing to do. And using YouTube in a browser on mobile felt clunky. But I noticed that identifier in the shared url too and that, plus the increase in ads, finally pushed me to ditch the official app and go with NewPipe. No more ads, no tracking in the URL, sharing the URL can be done with timestamp, when tapping a yt Link in another app, I get asked if I want to play it right away, enqueue it, play it in the background or play it in a little floating window.
At least on Apple devices, it allows you to “paste” things in surprisingly unlikely places. With some finesse, you can even add custom actions on MacOS like passing it to a shell script that downloads and then pipes it into ffmpeg or whatever. Yeah I use it a lot
Same thing I've noticed for Instagram links and many other different apps. Most of them have started tagging the link, to track the user, or check who interacts who, I think.
Those who don't want clean link manually, can use link cleaner apps or uBlock origin in browser.
Right, first I noticed Twitter doing it and then YouTube. I thought, someone sold those corporations new tracking tool or an existing one got a new feature.
Ever since the first time I spotted this I've been removing it manually. Any browser addons to help with this, anyone?
The fact that Google has to resort to this is amusing. To me it means they can't do it any other way and are now leaving themselves wide open for us the techies to strip that tracking ID; which we absolutely will do.
ClearURLs implemented the rule to remove the si attribute on November 5th[1].
I think a better approach though is to whitelist allowed attributes rather than blacklist disallowed attributes. For example, if you get a URL starting "https://www.youtube.com/watch?" then the only allowed attributes are v, t, etc and everything else would be stripped.
> The fact that Google has to resort to this is amusing. To me it means they can't do it any other way and are now leaving themselves wide open for us the techies to strip that tracking ID; which we absolutely will do.
I don't think it means that (although I wish it did): it's just another connecting datapoint, and more connecting datapoints are always good from their perspective.
(I think it's helpful to think about these things from Google's perspective: they're running a service that ~billions of people access and share daily. 95% or more of those people won't know how to strip those identifiers; the 5% or so that do are put on the slightly-less-happy-path for social graph discovery.)
Oh I am sure it will have positive impact on their tracking; that much is guaranteed.
What I am saying is that they chose a very lame way to do it and this robs them of very valuable data they could get from those 5% and I'd argue that they really would want to know how you and me are moving and discovering stuff when we're outside YouTube.
Trying hard not to have the protagonist syndrome here but I'd think they are more interested in how the non-couch-surfers do stuff.
Though a very good counter-argument would be that they can now target ads better and probably gain slightly higher conversation regardless of us the 5% stripping the tracking parameter, and that would still be a huge financial win for them.
All in all, my stance is: let them have it, but I still find it reassuring that they are not even covert about it which gives us a lot of options on how to deny them.
Finally, there's the possibility of various browsers and addons to start automatically removing the tracking parameter, though such movements usually take years.
The theory has been at some point they'll remove the separate ID and have a single ID that encompasses both. Due to things such as Apple's automatic tracking link removal (but also many others):
https://9to5mac.com/2023/06/08/ios-17-link-tracking-protecti...
If you click on the link, you can see all the tracking parameters in the URL bar. Whosever link this is used the official Reddit iOS app to generate the unique URL.
Not a browser extension, but an Android app. URLChecker[0]. You can "share" to this app, and can clean the URLs (uses ClearURLs database) and check for redirects. You can also do more advanced URL rewrites (such as Twitter -> Nitter) and open URLs in specific browsers
This is purely an extra data point; without it, there is 0 attribution for which user is responsible for a link to a video causing that video to go viral, besides the referrer header.
They have experimented with other ways to do this in the past. For example, they used to have a direct friends list on YouTube where you could share videos to
specific friends or groups of friends at once.
They can obviously generate indistinguishably unique urls for video sharing links if they wanted, this is just easier to implement (though not by much).
Also there’s no treachery afoot here… go ahead and remove it, the stakes here are very low.
Well exactly, they are outright adding an URL parameter and of course I'll remove it. Doesn't mean that they don't rely on less tech-inclined people to never even notice, and I am sure that's a core part of their strategy anyway.
As for the indistinguishable URLs, you have a solid point there but I'd think there would be a lot of outrage because people want those URLs to generate previews when pasted in pages, social media comments etc.
Not to mention all the false positives generated by people embedding such URLs.
So I think for now we're safe on that front, they would poison their own well if they went ahead with encoded URL identifiers, happily.
But again, I am very amused that they just outright added "?si=..." -- to me that reeks of desperation and I have to admit that I enjoy it when Google is struggling.
Pretty sure it's way older than that. My YouTube ReVanced version is installed early March and it has this behaviour. I'm quite sure I've seen it also last year too.
Right, but nothing prevents YouTube to get rid of public video IDs and simply share an opaque version of (user, video) whenever possible.
It'd be awful, but Google nowadays is willing to do shitty stuff like this and atrocious stuff like engage with the military too (because obviously the only flaw of project maven was being discovered)
URL obscuring gives a URL a shelf life that URL parameters don’t. The URL only ends up functioning as long as the redirect service is functional whereas a URL will work no matter what garbage parameters you throw in after the ? in a URL. If the page can do something with the parameters it will, but if it can’t, it just gets ignored.
True, but that redirect service can be stupid simple if the URL has all the information it needs to do the redirect encrypted in the URL. So no new DBs.
The URL gets a little longer, but a format-preserving encryption scheme might be able to help a bit.
Not even that, I'm surprised they don't just encode it into the actual uri and dynamically generate those on share and decode when someone clicks it. I'm not seeing why they need this as a parameter in the query string to begin with.
I wonder if that shows up in some error log of failed &si= lookups in their tracking database. Maybe some random engineer at Google will see it and be amused for about 10 seconds.
Readit News
https://nitter.net/OldRowSwig/status/1732112446943269347
...and if you didn't think this wasn't one of the goals of that trend, now you do. Those in power hate it when people can consume information from and communicate outside of their sanctioned methods.
We saw it coming when they started dumbing down browsers and hiding things from users --- not because the majority wouldn't use them, but to deliberately make users less inclined to learn.
Nearly 10 years ago(!) when that started happening, I made a comment here about how many YouTube users at the time realised what was the important part of the URL (the video ID) and began to use that in comments: https://news.ycombinator.com/item?id=7678729
No wonder Chrome wants to hide all that...
The vast majority of users have no idea what an address or address bar is, let alone a Universal Resource Locator. Hell, most users don't understand files and folders in a computing context either.
As much as I hate how iOS, Android, MacOS, and presumably even Windows these days are obfuscating the file system and nearly everything pertaining to it, I do think it's a necessary step in the right direction. Most users do not address, and as computing hardware and software engineers, designers, and nerds we have an obligation to provide computers that all users can easily understand.
What differenciated the Middle Ages from the Enlightenment periods is the understanding that people aren’t that stupid, we don’t have to hide the Bible behind Latin, we can translate it to the local language and they’ll learn by themselves instead of going through clercs, and the same goes for law, physics, sciences and philosophy.
And we’re much better off with populaces able to make decisions for themselves (ie copy from the URL and drop one letter by mistake) than dumbing down everything to have control over them.
There is point where dumbing down technology doesn't make it meaningfully more accessible but just serves to harm users. Hiding the URL bar is past that point.
Don’t get me wrong, I’m all in for a dev-switch which would enable scripting and open up everything in OSes. But tell me how you are gonna do that without scammers telling grandmas “Copy this thing to here, yeah…”. Currently the dev switch is e.g. a Mac and $99/year, for iOS.
I used to see ads occasionally on YouTube before they tried to crack down. The irony lol.
At least on Apple devices, it allows you to “paste” things in surprisingly unlikely places. With some finesse, you can even add custom actions on MacOS like passing it to a shell script that downloads and then pipes it into ffmpeg or whatever. Yeah I use it a lot
Those who don't want clean link manually, can use link cleaner apps or uBlock origin in browser.
But Twitter doesn’t appear to do it anymore.
Deleted Comment
The fact that Google has to resort to this is amusing. To me it means they can't do it any other way and are now leaving themselves wide open for us the techies to strip that tracking ID; which we absolutely will do.
Things must be getting desperate somewhere in HQ.
Good.
If you want power and customizability, check out Request Control.
uBlock Origin can also block this by adding the following rules (Dashboard > My Filters tab):
I think a better approach though is to whitelist allowed attributes rather than blacklist disallowed attributes. For example, if you get a URL starting "https://www.youtube.com/watch?" then the only allowed attributes are v, t, etc and everything else would be stripped.
[1] https://github.com/ClearURLs/Rules/commit/f4d52da5902640d4d0...
I don't think it means that (although I wish it did): it's just another connecting datapoint, and more connecting datapoints are always good from their perspective.
(I think it's helpful to think about these things from Google's perspective: they're running a service that ~billions of people access and share daily. 95% or more of those people won't know how to strip those identifiers; the 5% or so that do are put on the slightly-less-happy-path for social graph discovery.)
What I am saying is that they chose a very lame way to do it and this robs them of very valuable data they could get from those 5% and I'd argue that they really would want to know how you and me are moving and discovering stuff when we're outside YouTube.
Trying hard not to have the protagonist syndrome here but I'd think they are more interested in how the non-couch-surfers do stuff.
Though a very good counter-argument would be that they can now target ads better and probably gain slightly higher conversation regardless of us the 5% stripping the tracking parameter, and that would still be a huge financial win for them.
All in all, my stance is: let them have it, but I still find it reassuring that they are not even covert about it which gives us a lot of options on how to deny them.
Finally, there's the possibility of various browsers and addons to start automatically removing the tracking parameter, though such movements usually take years.
Reddit too, but I don't have a news source for it. I can only share a link I came across: https://reddit.com/r/dataisbeautiful/s/LCv7yIwiVF
If you click on the link, you can see all the tracking parameters in the URL bar. Whosever link this is used the official Reddit iOS app to generate the unique URL.
[0]: https://github.com/TrianguloY/UrlChecker
This is purely an extra data point; without it, there is 0 attribution for which user is responsible for a link to a video causing that video to go viral, besides the referrer header.
They have experimented with other ways to do this in the past. For example, they used to have a direct friends list on YouTube where you could share videos to specific friends or groups of friends at once.
Also there’s no treachery afoot here… go ahead and remove it, the stakes here are very low.
As for the indistinguishable URLs, you have a solid point there but I'd think there would be a lot of outrage because people want those URLs to generate previews when pasted in pages, social media comments etc.
Not to mention all the false positives generated by people embedding such URLs.
So I think for now we're safe on that front, they would poison their own well if they went ahead with encoded URL identifiers, happily.
But again, I am very amused that they just outright added "?si=..." -- to me that reeks of desperation and I have to admit that I enjoy it when Google is struggling.
Edit: found a you.be link of mine with the `si` param from August 23rd.
When it became news https://old.reddit.com/r/webdev/comments/15ukrpi/what_is_the...
It'd be awful, but Google nowadays is willing to do shitty stuff like this and atrocious stuff like engage with the military too (because obviously the only flaw of project maven was being discovered)
Instagram and TikTok have already been doing this for years.
Ironically I've only seen it work best when removing tracking from Firefox's own links. https://mastodon.social/@lazycouchpotato/111480927753796790
The URL gets a little longer, but a format-preserving encryption scheme might be able to help a bit.
Not that I want to give them any ideas.
Dead Comment
Deleted Comment
Tracking copy pasted like is an old techniques that also allows them to build a unofficial friend graph between cookie profiles.