In the last year I have found many little holes in applications and with networks like Google, Microsoft, Firefox and ect… I shoot them a email with what I find and they email me back and its fixed. I was doing this with the MyBlogLog people but now that they are owned by the man it seems they would rather out things publicly and try to embarrass people rather then email so lets just get these out in the open then shall we.
One of the first examples I saw of this is TechCrunches hosted Mybloglog community page (a special deal they have with mybloglog to host it on the techcrunch.com domain) that shows the #1 link on his site is pornotube. But wait… Michael Arrington doe not link to pornotube does he? How the crap does that work? So I started doing some investigating…
Well this one is pretty simple… I don’t even think its worth calling a exploit.
Check out Andreas site. Notice the Free Ringtones link in her top visited links?
How did that happen? She does not even have a link on her site for Free Ringtones?
Click on the link then back as many times as you think needed to appear #1 then watch the next day as your free targeted traffic rolls in. If you run live headers you should be able to find a even easier way to do this…..
Its amazing that this works really… there is no checking of unique ip addresses or referrers… Should be pretty easy to fix.
(O ya sorry andrea for using your site as a guinea pig) <3