Thursday, January 17, 2008

Don't mess with the geeks

What happens when a clueless US senator pretending to run his own MySpace webpage hires clueless web developers to do the job for him?

In an attempt to prove how 21st century he is, 70-year-old Senator John McCain hired web developers to create his MySpace page. Unfortunately, they hotlinked to the wrong person's files.

When Mike Davidson learnt that McCain was "stealing" his bandwidth, he decided to play a little joke on the Republican senator:

'I think the idea of politicians setting up MySpace pages and pretending to actually use them is a bit disingenuous, so I figured it was time to play a little prank on Johnny Mac.'

Davidson replaced the image referred to in McCain's profile. However, the new image was a lot less prosaic: it described a political about-face by McCain on the subject of gay marriage and a penchant for partnerships between passionate females.

'The only thing necessary to effectively commandeer McCain's page with my own messaging was to simply replace my own sample image on my server with a newly created sample on my server. No server but my own was touched and no laws were broken. The immaculate hack.'

McCain should consider himself lucky that the image wasn't redirected to Goatse Man.

The article is a little sensational, describing it as "the perfect cybercrime" despite admitting that no laws were broken -- except possibly by McCain, who I'm sure had no authorization to use Davidson's computer resources.

Speaking of hotlinking from MySpace, those of you running your own Apache webserver might find this little rewrite rule handy:


RewriteCond %{HTTP_REFERER} ^http://([a-z0-9]+\.)?myspace\.com/ [NC]
RewriteRule (.*) http://collect.myspace.com/index.cfm?fuseaction=signout [redirect,last]


WARNING: I don't run my own webserver, and consequently I haven't actually tested this. No warranty is given. Use at your own risk. If it blows up your computer and eats your dog, don't come crying to me.

No comments: