Search

Categories

TinyURL

I see a lot of people using TinyURL.com and I gotta say it sounds a little scary. For those of you who know, anytime you access any website the IP address of your computer is available to that website’s server. For example here’s some information about you


That means when you go to that site to make a tinyURL they can record that information. On top of which, anytime any person you send that link to clicks on the link that person’s browser will connect to TinyURL.com to get redirected to the actual site but while connecting, again, TinyURL can record both which link was used and the IP address of the person using the link.

In other words, TinyURL can track who made the link and every person who followed the link. There’s all kinds of things that could be used for. A simple one might be advertising. If you like something maybe all your friends do as well. They could also check if one of your links was used by a known criminal or terrorist.

Of course the guy running it is probably a nice guy and is not doing that but it says right on his site that links are valid forever which means he’s keeping at least some of that information. Who knows when someone will make him an offer to sell TinyURL.com and the buyer will decide how to use that info.

Of course any site can track the info shown above and most do. What they can’t do is tell who told you about a particular page. When you use a tinyURL, TinyURL.com can tell who made the link and who it got passed to.

Note: I’m not a paranoid person. Part of this post is because I have friends that use TinyURL and those same friends worry about systems like Plaxo that track similar stuff. Also, Wired.com recently ran an article about TinyURL and didn’t mention the possible issues, something that Wired normally seems hyper sensitive about.

  • frumin
    Demographic information

    One thing they could easily get out of it is your demographics. For example, look at what gets sent to greggman.com from my user agent:

    Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.6) Gecko/20040223 Firefox/0.8

    Now if they had some sort of a program that filters this information and matches it with ad banners, they could try and sell me some stuff that I might like; for example they could show me ads for thinkgeek.com or O’Reilly. Some browsers can change the information they send to the server (like Opera) to appear as if they were a different web browser, etc. The server will most likely place a cookie with a string that will tell all affiliated sites what kinds of things you might like (1123#@34, “Look Bill, this guy LOVES unix stuff, lets send him an ad from Sun”) and will show it to you when you return to the website. Or you could just store IP addresses and user agent info and do all kind of neat stuff with it. Say the server records all IP address alon with user agent info and filters out information about your operating system. Then they could try and send you some bogus stuff via “net send” if your operating system was Windows and your user agent was Internet Explorer (since they’d figure if you didn’t bother to get some decent browser, you propably won’t be running a firewall either) and tell you to click some link with spyware, trojan or a virus. Or a link to http://www.mozilla.org and the latest security patch ^_^

  • sherlock101
    just sad journalism

    this is just stupid journalism. the article makes tinyurl appear to be first one with the idea. it was not. besides, there are now tons of services like tinyurl and the only two that really stand out are http://snipurl.com or http://notlong.org

  • frumin

    No shit, sherlock

  • Anonomussy
    It’s not journalism…

    It’s just one guy’s observation on his own website.
    Sheesh.

  • joojoo
    An alternative AtomURL – shortcut to everything

    gotta check out Atomrul.com

    you can even do

    http://atomurl.com?IBM

    above takes you to yahoo finance quote page for IBM

    or

    http://atomurl.com?iraq war

    above takes you to google search to search for “iraq war”