I visited Salon today for the first time in a few weeks, and after reading a few articles without problem clicked on one of the ones listed in the “Most Read” sidebar at left. I did not realize until I’d already clicked it that the links for this sidebar (and as far as I can tell only this sidebar) didn’t go to salon.com but origin.railrode.net. (Not a misspelling, it is railrode and not railroad.) An authentication window popped up and asked me to log in.
A little searching indicates that railrode.net is registered to Salon so that part seems legit, if weird, but why was it asking me to authenticate? I’ve never had that happen on Salon before. Maybe I’m worried about nothing – since Salon is such a popular site I’d expect there to be complaints all over the Internet if they’d been hacked – but it seemed really strange and I’m worried that when I hit “Cancel” in the authentication window I may have unwittingly agreed to the download of something nasty.
I had emailed Salon about this, not really expecting a response, but I got one this evening:
So I guess everything is okay. “That’s just what hackers would say if they’d hacked Salon’s contact email!” was a thought that did briefly cross my mind, but I think that’s just my usual paranoia kicking in.
The domain railrode.net is owned by Salon. I’d guess they probably use it for stats collection, ad click tracking or testing.
Is the login screen an old-fashioned modal dialog box? That would point to a configuration error on their side (their clicktracker returning a HTTP 401 response).
