When you share a YouTube video using the share button it adds “si=some_unique_code” to the URL. If you don’t remove that it shows your personal account to anyone who receives it so that they can chat directly with you. For a lot of people this is their real name.
I’ve seen it all over Lemmy so I figured I’d mention it here! You only need the stuff before the question mark in the URL to let others see the video.
This can also be turned off in your YouTube settings under the privacy section. The setting is “channel visibility for shared links”. It will still add the si code for tracking though.
Since 4 March 2026 I am seeing “is=” in some YouTube links instead of “si=”, also with the 16 character ID.
The frequency with which I’ve seen the
siattribute included in youtube links has made me painfully aware of just how many people are not using the internet the same way I do; they’re experiencing the internet through a handful of mobile apps, not through a web browser on the desktop.Traffic is roughly 70-80% mobile on most websites I know.
A problem I’ve had is people using those Google share links. I keep yelling them that I’m not clicking that link no matter how funny or interesting it may be.
Even then… what proportion of people do you think know the parts of a URL? Or know what a URL even is…
You may be in a bubble, friend
I know all this stuff and even I don’t look at the technical stuff in the URL. I just make sure it doesn’t have dQw4w9WgXcQ in there.
til people don’t reflexively strip out everything after the ? unless you know exactly what it’s doing
tbf, it’s intentionally designed to be malicious and deceiving
Not sure if my anxiety is justified here, but I am not tech savvy whatsoever. And I worry about all the things I’m doing that’s probably completely giving myself away that I’m just unaware of. I didn’t know about this at all.
pretty much everything that has a “share” button does this. it’s not to help you share the link more easily than copying from the address bar - it’s to harvest your data
Even voyager gives a link to vger.to when you hit share instead of a direct link to the thing you want to share. No idea what they are doing with it (other than trying to redirect it to the app). Maybe it’s set up to just use the localhost and that’s all it does, but I usually strip that part out because I have no idea either way.
If it helps, for Androids share YT link to something like Untracker to remove unwanted nonsense from the url which you can then pass on safely (also works for things such as Amazon links).
For images, share to something such as Imagepipe first to remove location data. Other apps such as Aves Libre gallery or image Toolbox also strip this data but Imagepipe is simple - share image to it & it passes the image directly to your messaging app after stripping the data
On my forum, youtube links get stripped of any extra url parameters. Every site should have to do that.
That’s a great extra layer of protection, but people shouldn’t rely on it and get/stay in the habit of always removing the tracking code themselves.
Yeah, it’s easily possible to set it up to save the original link somewhere hidden. Same reason why you shouldn’t reuse passwords because it’s trivial to set up a site to look like it’s doing it right from the outside but actually saves all passwords in plaintext for owners, admins, or disgruntled staff to look at later and see if it logs in to your email.
Along similar lines be careful of the images you post if you location tag your photos. A lot of the larger websites will strip the location data by default but some do not. I’ve saved a handful of photos from reviews off the internet and now have people’s home addresses where the photo is of the product in their living room or whatever.
If you go to the ‘map’ section of your photos app it arranges them by location.
You can turn location tagging off globally when photos are taken or usually when you go to share a photo there is an option buried in a menu to strip location data(on mobile).
I have an iOS shortcut that remove exit meta data.
You can turn location tagging off globally
That’s one of the first things I did when configuring my kids phones.
It can’t share my personal account if I’m never signed in.
It would be great if link cleaning and auto-mirroring was part of the lemmy UI itself.
The problem is that there is an almost infinite way to design these kinds of URLs, so maintaining a database of what should be stripped out isn’t trivial.
Yeah, would be best within particular client implementations. Not core Lemmy tho. Too many ways to do this and high maintenance.
I think that would probably be a client implemented feature, not a Lemmy one. I also don’t design social medias, so I don’t really know.
Yeah “lemmy-ui” is the official web app for lemmy. There might be other web frontends or clients that already do this.
I remember telling this to people on reddit and getting downvoted to oblivion while redditors squawked “who tf cares bro”
fitting
I first heard about it on reddit but it was before the API exodus, so…
I just share the URL from the browser.
Even on mobile: I don’t use the YouTube app. On Android, this is a no-brainer, since you can run Firefox and uBlock Origin and bypass all the ads. On iOS it is a bit more dicey, but still advantageous to forego the app. Currently DuckDuckGo can bypass the ads for free. If you don’t mind paying, Wipr2 can also do it, in Safari. Then you just put a web shortcut to YouTube and bam, ad-free YouTube. Shitty icon though (it’s the regular icon in a white squircle). Either way, share from the browser, not YouTube.
Also, of course you can remove all the extra shit from the URL if you know how. That wisdom is lost on younger generations, but innate to older ones (who grew up around tech, like Millennials; or younger Gen X who adopted it at a young age — not like these iPad babies you have now).
I don’t see how it’s a generational thing. I remember when every link included the page type at the end, meaning there was nothing that could be truncated. If you don’t know what si stands for or don’t know that anything after a ? Is tracking bullshit, then you simply don’t know. It’s a “knowledgeable person” thing that can be learned at any time. I’ve pointed it out and many people I know still don’t care
I don’t see how it’s a generational thing.
People who grew up when smartphones were already a thing might never have needed to learn how the Internet and URLs actually work. To a lot of everyday users nowadays, the Internet is just a series of smartphone or tablet apps you switch between. I used to think that the spread of the Internet into more segments of society would create a society of computer nerds, ha ha ha ha ha nope.
Sample the people around you in real life. They don’t know any better, regardless of age. The group that experienced it has already largely forgotten it because the link purpose got obfuscated and the need became obsolete in everyday use
As a web developer, everything after the ? is actually parameters for the request. Anything could be in there, even important stuff (though hopefully nothing identifying, since that is extremely unsecure). You will likely break functionality if you delete everything without knowing what it is.
if it’s obfuscated, then it’s assumed to be malicious
Usually parameters are easy to understand. Like the time parameter in yt URLs, which is t=180 (meaning 180 seconds from the beginning of the video). Usually, parameters that are a string of seemingly random letters are UIDs or tracking parameters. Whenever I see a URL with one or multiple of those, I start deleting them and seeing if the URL still works. In 90% of the cases, it still does. Amazon is one of the worst offenders, with usually 4 or 5 random looking parameters that can be deleted without affecting the functionality of the URL.
People can’t even unanimously agree on when each generation starts and ends (see terms like “zillenial” or “xillenial”) so I’d even go so far as to say it’s a completely redundant concept in the colloquial sense. Obviously most people care more about continuing to use the “kids these days” rhetoric so it hardly matters regardless, but it doesn’t make it any less ridiculous.
Blurry deliberations are typical. As time goes on, “millennial” will become more accurate as the differences between xennial and zillennial become smaller and smaller in comparison to differences between _ennial and alpha or beta or delta. I just take issue with acting like direct url interface was the experience of a generation, and not a short-lived blip for the gen pop that has already been forgotten, especially as full url purpose has shifted to something arguably evil.
Blurry deliberations are typical.
Yes, though my point that I wanted to add is that people seem to treat generational terms as if they’re a fact of reality instead of a very shaky conceptualization of cultural differences between birth groups that are already influenced by a lot more factors than just when people are born. It’s much more of a spectrum than a strict range of demographics inherent to humanity.
Facebook and Instagram do the same btw. Just FYI.
TikTok too, actually. They’re just more clever about it by generating a slug when you share a video, so you can’t just lop off the end.
YSK PieFed automatically strips that out.
Like if you post a YouTube link, the platform detects it and automatically edits the link?
Yeah
Edit: I posted this from PieFed, and it preserved the “?si=” part of the URL, which I have since edited out by hand.
This one I loaded from a private-browsing tab. The URL includes the tracking ID but it may not be connected to me.
It doesn’t do it in comments, just when you make a post.
They might be talking about the default web interface.
That’s what I use!
Pretty cool!
Thank you for that.
Thats great!
Here’s another. If the video you want to share is on youtube, it’s also on invidious. Without ads, downloadable and just generally none of youtube’s bullshit. It even uses the same video vURL address.
tbh I would still prefer receiving the raw youtube link so everybody can redirect it to their preferred way of watching e.g. Morphee. Invidious instances can go down or stop working.
I haven’t had a positive experience with an invidious instance in years. They are usually either down or horribly slow for me.
Always remove those search parameters before pasting links, even to my friends. F—k these big tech platforms, I’m not giving you any sharing data!
Same here, the awful thing is if they click on it, they cannot see the comments under the video and can only “reply” to you. Not sure what that should do, since the link has already been shared.


















