Web links are great, when you’re on the web. But if you need to read off or write down a web address, or URL, to someone else, anything beyond a simple domain name is going to be way too complicated. Ideally, you want something short and memorable. Enter link-shortening services like Bitly, Owly and others. These services convert long, ugly URLs to short, simple, memorable links. Unfortunately, this also obscures the actual link. When you click a shortened link, you have no idea where it will take you. Today, I’ll give you some tools that will allow you to determine the final destination and even see an image of the site without actually going there.

In other news: TikTok group teaches people how to hot-wire Kia and Hyundai cars; Twitter charges users for the least-secure two-factor authentication method; scam authenticator apps proliferation on the app store; Apple devices are being stolen after surreptitiously learning the lock codes; Google to launch Android Privacy Sandbox beta; Mozilla discovers huge discrepancies between actual privacy policies and the ‘nutrition label’ summaries on top Android apps; supermarkets track tons of user data via loyalty cards and apps; we need to create a much more robust and resilient internet; and the CEO of Safing answers a user question about Portmaster and SPN.

1. [Lifehacker] TikTokers Are Hot-Wiring These Hyundai and Kia Cars https://lifehacker.com/tiktokers-are-hot-wiring-these-hyundai-and-kia-cars-1850113943
   
2. [Mashable] Twitter to charge users for SMS two-factor authentication https://mashable.com/article/twitter-removes-sms-2fa
   
3. [9to5mac.com] Scam authenticator app advertising on App Store: Sends all your QR codes to the developer https://9to5mac.com/2023/02/21/scam-authenticator-app/
   
4. [MacRumors] Apple Responds to Report About Thieves Spying on iPhone Passcodes to ‘Steal Your Entire Digital Life’ https://www.macrumors.com/2023/02/24/iphone-stolen-passcodes-report/
   
5. [The Verge] Google launches first Android beta for ad-tracking overhaul https://www.theverge.com/2023/2/14/23599027/google-android-privacy-sandbox-beta-advertising-tracking
   
6. [foundation.mozilla.org] Mozilla Study: Data Privacy Labels for Most Top Apps in Google Play Store are False or Misleading
   
7. [The Markup] Forget Milk and Eggs: Supermarkets Are Having a Fire Sale on Data About You https://themarkup.org/privacy/2023/02/16/forget-milk-and-eggs-supermarkets-are-having-a-fire-sale-on-data-about-you
   
8. [Schneier Blog] What Will It Take? https://www.schneier.com/blog/archives/2023/02/what-will-it-take.html
   
9. How to Reveal Shortened URLs: https://firewallsdontstopdragons.com/how-to-reveal-shortened-urls/
   

• 2FA apps: https://lifehacker.com/the-best-authenticator-apps-for-iphone-and-android-1850140802 
  
• Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch 
  
• Send me your questions! https://fdsd.me/qna 
  
• Support me! https://fdsd.me/support 
  
• Subscribe to the newsletter: https://fdsd.me/newsletter 
  
• Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book 
  
• Would you like me to speak to your group about security and/or privacy? https://fdsd.me/speakerrequest 
  
• Generate secure passphrases! https://d20key.com/#/ 
  

Use these timestamps to jump to a particular section of the show.

• 0:00:47: Book out of stock?
  
• 0:01:45: News rundown
  
• 0:04:09: Hot-Wiring Hyundai and Kia Cars
  
• 0:09:11: Twitter to charge users for SMS 2FA
  
• 0:12:58: Scam authenticator apps
  
• 0:18:13: Thieves Spying on iPhone Passcodes to ‘Steal Your Entire Digital Life’
  
• 0:24:22: Google launches first Android beta for Privacy Sandbox
  
• 0:27:52: Data Privacy Labels in Google Play Store are False or Misleading
  
• 0:34:59: Supermarkets Are Having a Fire Sale on Data About You
  
• 0:44:41: Schneier: What Will It Take?
  
• 0:52:38: Dear Carey
  
• 0:55:53: Tip of the Week
  
• 1:01:21: Wrap up: merch store, previews