Reading Threadwatch the other day, NickW was having a laugh at the self-propagating cross-site scripting (XSS) worm a guy called Samy had devised to get himself more friends at MySpace.com (Slashdot). It's a funny story. Nick links to the worm author's page describing the whole event. Anyways, I'd been meaning to have a rummage around MySpace.com for a while. I'd joined months back but never got to exploring. I finally did and it seems,at least to me anyways, that there are a number of exploits being used from various profiles across the site. That, and some seriously dodgy-sounding ads getting slipped into people's comments. And, wow! The teenagers of the area where I live should be much more cautious about the info they slap onto the internet! (They seem for the most part to be the only ones in the area that use it). If only their parents knew. But that's another story. What's the general opinion of MySpace.com as a massive security hole for anyone who logs in? Is it like when Blogger.com seemed infested with javascript exploits for about every third blog?
Yeah, I saw that a while ago. Myspace blocked since then. It was pretty simple idea rather, I wouldnt expect myspace to be stupid to allow javascript to execute when its multiline lol
offtopic - some newspaper or some other company , recently bought myspace.com ? is that right , i heard they paid a huge amount for the same
Yeah, you'd think a company that is worth half a billion US might be a bit more vigourous in their security practices. Apparently, it executed simply because the word "javascript" was written, "java script", with a space. When I was exploring MySpace, I was getting all sorts of odd security messages appearing from my various security apps. It would only take one malicious, well-publicised worm / virus / vulnerability exploit to wipe out several hundred million dollars worth of investment.
$548 million to be a little more exact - WOW! What a coup. And we thought that the dot com / domains days of millionaires were a dead breed I think they get like 30,000+ new members everyday - amazing. They're one of the largest referrers for my website (freshdames.com) but not cause they're sending me visitors - the little sh!ts are hot linking photos, but the url is done in such a way that it's nearly impossible to find the abusers and I'm certainly not going to sift through 35,000,000 member profiles to find them ... I wish I had cpanel
You really need to get creative then! Think of all that free advertising on one of the busiest sites on the planet! Forget about cpanel, change the images that are hotlinked to ones that advertise your site instead. Ok, it will take a little work to rename the images but careful use of the 'Find and Replace' function should make it more tolerable. Voila! Free advertising on MySpace.com!
That's solid advice for sure mcfox. That is exactly what I did when I found Yahoo Stealing Bandwidth by hotlinking some of my photos
Wow! I hadn't noticed that thread. Haha! Do you buy the images for your websites? Does that cost? Where do you get them from if you do?
No, I've honestly never paid for pictures. Though I'd pay to have my picture taken with some celebs for the sheer exposure, no pun intended. The issue for me was the fact that Y! was blatantly sucking up bandwidth without so much as a courtesy reach around of linking it back to my site or acknowledging where they were getting it. Most of the pictures I have is through collaboration with other website owners, news sources, etc. I'm very picky about what images I'll use. Some of that has to do with quality, but mainly, I try to be extra cautious not to violate someone's copyright or portray in a negative way. If you can believe it, the Yahoo stealing bandwidth issue prompted a member of another forum to launch a website over the issue http://www.yahoostealingbandwidth.com/ - I honestly don't know this person from Adam, but he graciously jump on the cause so to speak.
How do you get your celebrity images then? Someone must own the copyright. Aren't you worried someone decides to nail you on it?
I have had several myspace kids "borrow" images and bandwidth from me for their sites. I have to agree I can't believe some of the stuff these youngins' are putting out on the net.