"My graphics were hijacked"—no, you stole them. (Trivial webmaster rant)

[yosemite]

I was browsing around eBay yesterday and stumbled upon an old auction which had some pretty vile graphics on it. The auction was about music in some way, but some of the pictures (I assume they were originally music-related graphics) were instead these rather gross porn pictures with obscene language printed over them. Maximum offensiveness was strived for, I'd say. I viewed the source of the graphics and it was some domain site relating to CDs.

I wrote the owner of the auction and asked him what was up, if he knew about the graphics, and so forth. He wrote back and said, "my graphics were hijacked by an outside entity." He went on to complain about how awful it all was, how embarrassing, how eBay was informed, and how he'd "fixed things so it would never happen again." What he didn't admit (until I started asking him more questions) was that the reason "his" graphics were "hijacked" was because he stole (hotlinked) the graphics from this "outside entity." And that was the reason he couldn't change them since he didn't have control over them.

Now, granted, what this CD site did to him was beyond vile. I can't stand hotlinking but I know that most people do it out of thoughtlessness and ignorance and I can think of more amusing ways to embarrass them than replacing the graphics with porn. But I thought it was pretty hilarious that this guy, even when caught, couldn't just admit that HE sort of brought this on himself by trusting that he could use someone else's graphics on someone else's server and that he'd never piss anyone off by doing so. So instead of saying, "Yeah, I messed up, but look what this jerk did" he tries to place the blame on the other guy, by saying that his graphics were "hijacked." No, sucker, YOUR graphics were not hijacked. You didn't deserve something quite so vile to happen to your auctions, but I still can't feel terribly sorry for you. Glad that you've vowed never to hotlink again, though.

See, I told you it was a trivial rant!

[Revtim]

That's pretty funny.

[Guinastasia]

I heard someone did that with goatsec once-to CNN and a bunch of other news sites. He had a picture of something related to a top story, and every news website and their brother was linking to his picture.

BAM! He changes it to goatsec.

[friedo]

A while ago I patched Apache so it would grab a random porn image any time an image was linked from my server that had an unauthorized referral address. That'll show 'em, said I. And by and large I was right. When reviewing the logs, I noticed that most all instances of hotlinking lasted a very short time.

Then one day after I had long forgotten about it, I added another server behind our load balancer. Because of the way I had set it up, the load balancer ended up accidentally caching the porn images, and 50% of our page hits went out with porn all over the place before anyone noticed anything.

That was embarrassing.

[Lynn Bodoni]

Oh, I'd say that the bandwidth thief pretty much had it coming. Seems like he knew that he was hijacking the graphics. I have no sympathy for him.

[yosemite]

Quote:

Originally Posted by Guinastasia

I heard someone did that with goatsec once-to CNN and a bunch of other news sites. He had a picture of something related to a top story, and every news website and their brother was linking to his picture.

BAM! He changes it to goatsec.

Now, that is funny.

No, I don't really feel sorry for this guy either. Especially since he was too weasely to admit what he'd done. If I'd been ignorant of the workings of bandwidth theft, I would have been left with the impression that he was some hapless victim who was "hijacked" by some malicious "outside entity." When in fact he simply pissed someone off just a little too much.

As a continual victim of bandwidth theft, I haven't gone to "extremely gross" route. What I have done on occasion (got the idea from a fellow Doper) was to put up a tacky picture, or, in a few instances, a graphic that says, "NAMBLA: I molest children and steal bandwidth." That definitely gets the hotlinker's attention.

friedo, oh yeah, it sounds embarrassing! I've had a few graphics that were meant for theives end up on my pages. It's embarrassing too, but usually the graphics say something like "THIEF" or something, so it's not quite as bad as accidentally showing porn!

[Princhester]

Ummm. "goatsec"

[matt_mcl]

Let's just say it involves anuses doing what they are really not supposed to, and then recall who it is who's telling you this.

[Urban Ranger]

Quote:

Originally Posted by friedo

A while ago I patched Apache so it would grab a random porn image any time an image was linked from my server that had an unauthorized referral address.

You patched Apache?

You know about the GPL license, right?

[spinky]

Quote:

Originally Posted by Urban Ranger

You patched Apache?

You know about the GPL license, right?

uh, what? are you under the impression that the GPL disallows that?

PS: nitpick, I know, but: ATM Machine

[Astra]

I've seen a couple people who tried to hotlink to photoshop contest images from Something Awful on another message board. The thread they posted them in was shortly filled with porn images that were probably upwards of 1000x1200.

That had to be embarassing, hehe.

[Jervoise]

Quote:

Originally Posted by Princhester

Ummm. "goatsec"

There's a new discussion on it here. Wikipedia also has a bit of a treatise on the, uhh, phenomenon.

(FWIW, I only heard about this today, too.)

[jovan]

Thank you so much for posting that link, Jervoise. I've quenched my curiosity without compromising too much of my innocence.

[elmwood]

I allow remote hotlinking to graphics from my site as a courtesy to regular users.

However, to those who don't use the site ... I do check the referrer logs from time to time, and surprise those that hotlink without attribution.

See http://www.runevillage.net/ThePub/vi...hlight=#629547 , for example ...

[dylan_73]

Quote:

Originally Posted by Urban Ranger

You patched Apache?

You know about the GPL license, right?

Firstly, the GPL doesn't oblige you to distribute patches. In fact, you don't even have to accept the GPL just to use the software. It only requires that you provide the source for any binary that you distribute.

Secondly, Apache isn't GPL (http://www.apache.org/LICENSE.txt)

[cuauhtemoc]

elmwood, that's hilarious.

Quote:

Originally Posted by yosemitebabe

Now, granted, what this CD site did to him was beyond vile. I can't stand hotlinking but I know that most people do it out of thoughtlessness and ignorance and I can think of more amusing ways to embarrass them than replacing the graphics with porn.

It's important to remember that the site hosting the pictures didn't actively do anything to this guy. It's not like they hacked his server or anything. All they did was fix it so that anyone who tried to leech their bandwidth in this way would be served a different picture from what they were expecting. They're under no obligation to host pictures at all, let alone host them for complete strangers who won't spring for their own webspace.

[dropzone]

Quote:

Originally Posted by matt_mcl

Let's just say it involves anuses doing what they are really not supposed to, and then recall who it is who's telling you this.

(emphasis mine)

That, by itself, leaves me shocked and speechless yet morbidly curious.

(looking at Jervoise's link without bringing up anything that could get me fired with extreme prejudice)

Oh, is THAT all? (shrugging) I've seen nastier Japanese porn.

[Spiff]

Quote:

Originally Posted by dropzone

Oh, is THAT all? (shrugging) I've seen nastier Japanese porn.

Tub Girl!

Well, since we're talking about the most reviled Web images, I just thought I'd contribute number two.

(Get it? Number two?)

[mhendo]

Just a question for those with websites:

I'm thinking of starting my own website. Nothing big, just some random scribblings and a place to host my digital photographs so that friends from back home in Australia can see them.

Now, i'm not the world's greatest photographer, and i can't imagine that anyone would want my pictures, but if they did, how does one tell that one's graphics have been hijacked in this way? Is there a special way for webmasters to know this stuff?

Sorry if this is a dumb question, but i've never been a website owner, and i want to know how i can trace stuff like this, especially since small sites like the one i plan tend to get charged more by the host based on the amount of bandwidth used each month. I don't want to have my fees jacked up by hijackers.

[Q.E.D.]

Quote:

Originally Posted by mhendo

...how does one tell that one's graphics have been hijacked in this way? Is there a special way for webmasters to know this stuff?

Your account will have a logfile on the server, and possibly a nice viewer to make sorting through all the information easier. This logfile has all the URLs that were accessed on your website, the IP adresses that acessed them, and any URLs those pages were called from. If you see a bunch of accesses of "myphoto.gif" from "www.thiefurl.com", you can be pretty sure that someone at thiefurl is hotlinking to that image.

[mhendo]

Quote:

Originally Posted by Q.E.D.

Your account will have a logfile on the server, and possibly a nice viewer to make sorting through all the information easier. This logfile has all the URLs that were accessed on your website, the IP adresses that acessed them, and any URLs those pages were called from. If you see a bunch of accesses of "myphoto.gif" from "www.thiefurl.com", you can be pretty sure that someone at thiefurl is hotlinking to that image.

Got it! Many thanks.

I'll make sure i have some porn standing by for deployment, although i will be nice enough to warn them first that they should stop hogging my bandwidth.

[friedo]

Quote:

Originally Posted by Urban Ranger

You patched Apache?

You know about the GPL license, right?

Course I do. But Apache isn't GPLed. And the GPL only requires releasing code when you distribute the derived work.

But my pr0n-grabbing patch is out there somewhere. I can't find it though. Anyway, here's a much cooler one I did a while ago for Apache 2.0.

[yosemite]

Elmwood, that is hilarious. I had something similar happen to me. The guy on the forum was quite outraged at first (I had replaced the photo he stole with a graphic that said he was a bandwidth thief). He was puzzled by what had happened to his cute little avatar and cried, "But I'm not a theif!" until someone else on the board set him straight.

Quote:

Originally Posted by cuauhtemoc

t's not like they hacked his server or anything. All they did was fix it so that anyone who tried to leech their bandwidth in this way would be served a different picture from what they were expecting. They're under no obligation to host pictures at all, let alone host them for complete strangers who won't spring for their own webspace.

Oh, I totally agree. I am quite annoyed by bandwidth thieves—especially when my websites have BIG NOTICES saying that I don't want people to use my graphics. One site in particular has text in bold lettering telling people to not leech my bandwidth. And yet they do it anyway. I feel no sympathy if they get embarrassed. However, as pissed as I get by these leeches, I wouldn't replace the pictures with "maximum offensiveness" porn pictures. Usually a graphic declaring that they are a big stinking thief (or the NAMBLA graphic, saying that they molest children and steal graphics) is good enough.

One time I had a church site leech my graphics. I wrote to the webmaster and asked for them to be removed. No reply back, no apology, but one of the graphics was removed. Just one. Then I wrote to the email address of the pastor of the church, explaining what bandwidth theft was, explaining how it is leeching my resources and explaining how I'd already asked for the graphics to be removed and the webmaster had not complied. I got a very polite email back from the pastor saying that it "would be taken care of immediately" and it definitely was!

[MarkofT]

More stories from the frontling of the bandwidth wars are available on Cockeyed.com.

[elmwood]

elmwood has more fun with bandwidth thieves.

Sure, the little graphics they were hotlinking to were only a few hundred bytes, as opposed to the 14K image it gor replaced with. Still, though ... I like the results.

[yosemite]

elmwood, that's a thing of beauty.

One time I replaced a stolen graphic (I think it was on someone's blog—blog users are big bandwidth hogs) with one that was invisible and really, really, really long. Like one pixel high by 2500 pixels wide. So it totally screwed up their table and everyone had to scroll and scroll and scroll and scroll sideways on the page. And yet the graphic was transparent so if the blog owner was clueless (as I think he or she was), then they wouldn't know how to fix it so easily.

Another time a blog owner linked to one of my drawings and claimed that their "cousin in Budapest" did the drawing and that this cousin was famous and all that. I never understood the reasoning behind that bit of thievery. I can't believe for a second that they mistook my artwork for their cousin's. I have no clue what was going on there. Anyway, I replaced the "cousin's" drawing with a big graphic that said that basically this person was a bandwidth-stealing moron and I wasn't their cousin and what the hell?

[Fear Itself]

When this happens in an ebay auction, I replaced the stolen graphic with a notice that the first 10 bidders will receive a 25% rebate on their bid, plus free shipping!

[GaryM]

Quote:

Originally Posted by Fear Itself

When this happens in an ebay auction, I replaced the stolen graphic with a notice that the first 10 bidders will receive a 25% rebate on their bid, plus free shipping!

Hence your user name, right? That's a good punishment.