It reminds me of a story about a web developer who found out that other sites were hosting his game by linking back to his website in an iframe and using it to make money off of ads. He made a check that if any calls are being made to the game from an iframe, replace the game with an image of goatse.
why host your own files when someone else can do it for you
Submitted 11 months ago by nave@lemmy.zip to [deleted]
Comments
BEEKAYRANDEE@kbin.social 11 months ago
LinkOpensChest_wav@lemmy.one 11 months ago
This is the best kind of justice
flambonkscious@sh.itjust.works 11 months ago
Fucking glorious!
WindowsEnjoyer@sh.itjust.works 11 months ago
Had to Google what is goatse… 😅
FlyingSquid@lemmy.world 11 months ago
Kids today, not knowing their gaping anuses when they hear about them…
drathvedro@lemm.ee 11 months ago
For those that don’t know
NSFW
\ \ =(🫱🌸🫲)= / /🍆\ \
Korne127@lemmy.world 11 months ago
I didn’t know what goatse was before, but this is so beautiful; thanks for the link!
bfg9k@lemmy.world 11 months ago
There should be fines for doing this, it’s like opening a store inside a public library and getting surprised when people are like ‘stop mooching off a public service’
mypasswordis1234@lemmy.world 11 months ago
Imagine InternetArchive replacing that file with anything else.
For example, the JS code redirecting the user to pornhub 😂
jaybone@lemmy.world 11 months ago
Or grabbing bank account info.
whaleross@lemmy.world 11 months ago
My guess is that at some point some poor web dev or web admin screwed up big time and with a heart rate nearing the colibri fluttered in panic above their laptop in attempts to restore the site, finding great relief that there was a snapshot in the archives and did not have enough presence to fix all the links to get it back online asap.
GoosLife@lemmy.world 11 months ago
…and he didn’t think to download the files and host them properly instead? Surely this must be some kind of fallback or the user is actually browsing the internet archive, no?
bus_factor@lemmy.world 11 months ago
They’re suggesting that they copied the HTML file, but that the archived one had modified references pointing to archive.org, which they did not notice and therefore didn’t change. So now the file fetches resources from the wrong place.
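An audit for the situation described in the comment above, as an added example that is not part of the thread or anyone's production code: it lists every subresource a page loads from a host outside an allowlist and, for leftover Wayback Machine references, recovers the original URL they replaced. The `bank.example` hostnames and the sample page are constructed, and the `/web/<timestamp><modifier>/<original URL>` replay layout is assumed.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Assumed Wayback replay path: /web/<timestamp><optional modifier such as js_>/<original URL>
WAYBACK = re.compile(r"^/web/(\d{1,14})([a-z]{2}_)?/(.+)$")
URL_ATTRS = {"script": "src", "link": "href", "img": "src", "iframe": "src"}


class ResourceAudit(HTMLParser):
    """Collects subresources a page loads from hosts outside an allowlist."""

    def __init__(self, page_url, allowed_hosts):
        super().__init__()
        self.page_url = page_url
        self.allowed = {h.lower() for h in allowed_hosts}
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attr = URL_ATTRS.get(tag)
        value = dict(attrs).get(attr) if attr else None
        if not value:
            return
        url = urlparse(urljoin(self.page_url, value))  # resolves relative and // URLs
        host = (url.hostname or "").lower()
        if host in self.allowed:
            return
        finding = {"tag": tag, "host": host, "url": url.geturl(), "original": None}
        if host == "archive.org" or host.endswith(".archive.org"):
            m = WAYBACK.match(url.path)
            if m:  # leftover rewritten reference: recover what it replaced
                finding["original"] = m.group(3)
        self.findings.append(finding)


def audit(html, page_url, allowed_hosts):
    parser = ResourceAudit(page_url, allowed_hosts)
    parser.feed(html)
    return parser.findings


# Constructed sample: a page copied out of an archive snapshot, one reference fixed by hand.
SAMPLE = """<html><head>
<script src="/static/site.js"></script>
<script src="https://web.archive.org/web/20200101000000js_/https://bank.example/static/app.js"></script>
<link rel="stylesheet" href="//web.archive.org/web/20200101000000cs_/https://bank.example/static/main.css">
</head><body><img src="https://cdn.bank.example/logo.png"></body></html>"""

if __name__ == "__main__":
    for f in audit(SAMPLE, "https://bank.example/login", {"bank.example", "cdn.bank.example"}):
        print(f["tag"], f["host"], "->", f["original"])
```

Run in CI against rendered pages, any finding fails the build until the reference is repointed at a first-party copy.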
kautau@lemmy.world 11 months ago
Probably the production version of JS broke something on that page, getting the infrastructure team involved in “we now need to host multiple JS versions” was scary, especially if they fucked something up, so easier to modify the code on that page to point to the archive.org snapshot of the JS
InfiniWheel@lemmy.one 11 months ago
Reminds me of that period where most of Wikipedia’s traffic was for an image of a flower because some program used it as a network test
veroxii@lemmy.world 11 months ago
Or when Netgear just randomly picked University of Wisconsin as the NTP server for all its cheap routers. pages.cs.wisc.edu/~plonka/netgear-sntp/
JohnnyBGod@lemmy.world 11 months ago
Thanks for that interesting read!
flambonkscious@sh.itjust.works 11 months ago
Wow, really? That’s awful… Software really should come with a bill of materials to assist with inventory and audit. Obviously we’re a long way from that ideal
redcalcium@lemmy.institute 11 months ago
Why would they do such a thing? The wayback machine is not actually that fast.
jmcs@discuss.tchncs.de 11 months ago
It only needs to be downloaded once. I would be more worried about security since this is a bank.
I’m very curious how they got into this situation though. It seems someone copied parts of an archived page.
XEAL@lemm.ee 11 months ago
They archived their own page and are using Internet Archive as a relay?
stown@lemmy.world 11 months ago
Probably at least as fast as a banking site.
bouh@lemmy.world 11 months ago
I’ve seen it used as backup for dead links.
eluvatar@programming.dev 11 months ago
Honestly the archive should rate limit the request based on the Referer, then their website would slow down and become unusable without actually breaking anything.
I also wonder, if they’re this incompetent, could someone… Break their website?
dynamojoe@lemmy.world 11 months ago
Isn’t it appropriate to change the file to something offensive to prevent the leeching?
Borkingheck@lemmy.world 11 months ago
I don’t know what any of this means. Can I get a dumbed down explanation?
_dev_null@lemmy.zxcvn.xyz 11 months ago
A website can be composed of a bunch of files that your browser downloads and then renders to what you see on your device.
One type of file is javascript code, which sometimes can be relatively large, like several megabytes (MB). If a website gets hit by a lot of users, those MBs add up, and can chew through the bandwidth allotted for the given website. Consuming more bandwidth can cost more money for the website operator, who pays a hosting company for the website’s resources (disk space, compute time, network bandwidth).
To help alleviate this, and to also make these downloads faster around the world, Content Distribution Networks (CDN) exist. The idea is that you upload your large files to the CDN, and then have your website link to those big files, and now your website has offloaded the big downloads elsewhere. However, contracting with a CDN costs money too, just maybe not as much as a website’s host charges.
This brings us back to the case in this post. What the dev did was choose not to pay for a CDN to link to, but used archive.org’s copy of the large file to link to. So when a user loads the website, all of the big bandwidth hog files are being served for free from archive.org. But it’s really not free from archive.org’s perspective, since they’re the ones ultimately paying for the bandwidth.
aes@lemm.ee 11 months ago
You download a copy of a photo I took on your computer.
I have a website that lets people see the photo, it’s a popular website
Except that photo on my website doesn’t point to a copy of that photo on one of my computers, it points to the copy on yours.
Millions of people visit my website, and each time they do, they download your copy of my photo.
Uploading that photo to millions of computers across the world fucks up your internet service.
Aceticon@lemmy.world 11 months ago
Let’s go a little beyond merely hinting at the security implications:
- The files being hosted by that 3rd party are Javascript, which is code that runs on the browser.
- Barclays is a bank.
So people go to the website of a bank and their browser receives code from a 3rd party with whom the bank has no contract and who have nothing in place to obey the level of security that is required by a banking site.
Consider the implications of getting the Barclays website to serve (from the point of view of a user) what can easily be malware…
ChaoticNeutralCzech@feddit.de 11 months ago
This was likely discovered when the file refused to load (perhaps because archive.org was blocked by network admins). (Yes, the firewall provider Kernun classifies it as anonymous proxy)
lwuy9v5@lemmy.world 11 months ago
God I can’t imagine why anyone would ever do that intentionally. What about when you need to update the file…? How do you know which version is served??
CouncilOfFriends@slrpnk.net 11 months ago
My first thought when I read this was of playing with the hinged mirrors of a medicine cabinet and forgetting which reflection is real
ichigo@lemmy.world 11 months ago
xusontha@ls.buckodr.ink 11 months ago
revenue is 30+billion
Apparently still can’t afford a server…
kSPvhmTOlwvMd7Y7E@lemmy.world 11 months ago
Don’t look for malice, when incompetence is enough!
alienanimals@lemmy.world 11 months ago
Incompetence from a corporation that has an annual revenue of 30 billion dollars could be seen as malice.
jasep@lemmy.world 11 months ago
That is disgusting
chiliedogg@lemmy.world 11 months ago
Or the contractor they hired for the site wasn’t granted the access to the assets they needed, and this hacky workaround got the job done.