Social Networking

I made the mistake of using TinyURL.com, a service that claims to "convert long urls into short ones" for one of my mailings.

Now apparently I found that the site does not only convert long urls into short ones, but that BEFORE THE REDIRECTION takes place (from the short tinyurl.com url to the real amazon.com one) the script inserts ITS OWN ASSOCIATE ID BEFORE MINE!

To prove this, I used WGET (a gnu http file retrieval tool for linux and also ported to windows) to do a request to my own "short url".

They cleverly change the redirection address, from what you enter when you create the "tiny url":

www.amazon.com/.../ASIN/BXXXXXXXX/your_associate_id
to
http://www.amazon.com/exec/obidos/redirect?tag=tinyurl-20%rest-of-your-original-associate-url-here

Real URL and associate IDs changed for privacy reasons, the one I'm leaving "as is" is the Tinyurl one!:

c:>wget --user-agent="Mozilla/5.0" http://tinyurl.com/axu6
--05:48:19-- http://tinyurl.com/axu6
=> `yupe6'
Resolving tinyurl.com... done.
Connecting to tinyurl.com[216.234.186.14]:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: http://unicyclist.com/tinyurl/redirect.php?num=axu6 [following]
--05:48:50-- http://unicyclist.com/tinyurl/redirect.php?num=axu6
=> `redirect.php@num=axu6'
Resolving unicyclist.com... done.
Connecting to unicyclist.com[66.98.140.48]:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: http://www.amazon.com/exec/obidos/redirect?tag=tinyurl-20&path=http%3A
%2F%2Fwww.amazon.com%2Fexec%2Fobidos%2FASIN%2FB0000560AA%2Fmyassociateid-20 [followin
g]
--05:48:51-- http://www.amazon.com/exec/obidos/redirect?tag=tinyurl-20&path=htt
p%3A%2F%2Fwww.amazon.com%2Fexec%2Fobidos%2FASIN%2FB0000560AA%2Fmyassociateid-20
=> `redirect@tag=tinyurl-20&path=http@3A@2F@2Fwww.amazon.com@2Fexec@2
Fobidos@2FASIN@2FB0000560AA@2Fmyassociateid-20'
Resolving www.amazon.com... done.
Connecting to www.amazon.com[207.171.182.16]:80... connected.
HTTP request sent, awaiting response... 302
Location: http://www.amazon.com/exec/obidos/ASIN/B0000560AA/myassociateid-20/ [follow
ing]
--05:48:51-- http://www.amazon.com/exec/obidos/ASIN/B0000560AA/myassociateid-20/
=> `index.html'
Connecting to www.amazon.com[207.171.182.16]:80... connected.
HTTP request sent, awaiting response... 301
Location: http://www.amazon.com/exec/obidos/tg/detail/-/B0000560AA?v=glance [fol
lowing]
--05:48:52-- http://www.amazon.com/exec/obidos/tg/detail/-/B0000560AA?v=glance
=> `B0000560AA@v=glance'
Connecting to www.amazon.com[207.171.182.16]:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]

[ <=> ] 77,636 20.60K/s

05:48:57 (20.60 KB/s) - `B0000560AA@v=glance' saved [77636]

SO THE COOKIE GETS SET FOR THE ASSOCIATE ID "TINYURL-20" BEFORE it loads the destination page!!.

I wonder what can I do to stop this, and if Amazon.com is aware of this scam. For instance, should associate members be allowed to use the "redirect" url
http://www.amazon.com/exec/obidos/redirect?tag=tinyurl-20&path=http://original-url

???

Second, they are hiding the fact on the tinyurl.com page they they actually REPLACE ASSOCIATE IDs WITH THEIR OWN!!

This, in my view, is a scam!

Create a "tinyurl" for your own original long-url (amazon.com associates individual item view) and see for yourself...

I AM REALLY OUTRAGED!!!

Tinyurl-20 should be suspended!!!! What is an official amazon.com email address to complain about this?

Well, let's have some honorable person (who needs a book who would never ever order stuff on his own Assoc ID) set up a Tinyurl url, order the book (whatever), and see if it rings up on his own cash register. If it does, he can always apologize to Amazon for the mistake.

I think Tinyurl is neat. But I have indeed used it from time to time to recommend books with my Assoc ID inside the url, so I am interested in the outcome of this.

Hi Fernando,

Here's some advice from someone who has been around long enough to know.  "Free" is almost never free.  Anyone providing any "free" service to you is getting something in return.  And if they aren't telling you what it is, there's a reason.  They don't want you to know, because if you knew, you wouldn't think their "free" offering was a good deal.

Here's another tidbit of advice.  When you see gross errors in spelling and/or grammar in a company's web site or other promotional materials, it should set off some alarms.  Why?  It is often a sign of one or more negative character traits in the writer, such as laziness, carelessness, etc.  In my experience, people who possess such traits are far more prone to be deceptive, and also far more prone to failure, than people who do not.

With that in mind, here is one snippet from their web site:

"Are you posting something that you don't want people to know what the URL is because it might give away that it's an affiliate link."

That should set off grammar alarms.  But even if it doesn't, think about what that sentence is meant to mean.  The real question is "Do you need some help being deceptive?"

What do you expect?

David,

You are right in your statement, but in this case, although you don't know TinyUrl, it was recommended by many well known sources.

Don't know where Fernando knew about it, but I saw it mentioned at many web related sources. The fact that SitePoint.com uses (don't know if they are still using it) this service in their massive newsletters, is a very important reference.

So, I wouldn't blame Fernando for sticking into this service. How many people hired several AWS shops that were awarded by amazon in their contest? As far as I remember the vast majority were useless or stopped their service.

The reasons that I didn't use TinyUrl was because:

1) It's a free service that uses valuable resources like Bandwidth, so it is likely to cease their operation when they start losing money or whatever.

2) I was looking for a way to shorten my newsletters urls and what I needed was a stable service.

3) I found that using htaccess redirect, I could write very small urls (with my domain) and even track them by reading my log files. Which is something I recommend.

Enrique

Hi Enrique,

I don't think blame is necessary, either.  But there are major warning signs right in the web site of this outfit.  Warning signs you see directly from the source are more important than expressed or implied recommendations from third parties.