homemade holiday treats

drmike reports in comments that our old friend Browse Happy (you know, the link Matt refused to take off the WP dashboard even though IE6 is now an unpleasant memory that wordpress.com themes are no longer tested in? and just happened to have affiliate links to Firefox he’d ‘forgotten’ to remove? and that is now pimped in the wordpress.org footer as a one-fingered salute to all those who wanted to take the preciousss away from him? That one.)

The latest piece of propaganda Browse Happy is bringing to the masses is a hidden link in the footer to a page of Christmas recipes. How seasonal! (Sorry, did I say ‘bringing to the masses’? I meant ‘bringing to Google’.)

Of course Matt would never make the elementary mistake of not keeping his code up to date in order to secure it from spammers like the people who did Al Gore’s site, nor would he ever put lucrative hidden links on one of his collection of high-PR domains, so this is very puzzling indeed. Perhaps it is a mass hallucination brought about by a collective desire for homemade holiday treats?

30 Comments »

  1. shep said

    hmm. i don’t see it. maybe it’s been removed already.

  2. options said

    really weird, must’ve been defaced. I’m kinda curious, though, ’bout how?

    now it’s in the SE cache only, btw.

  3. ttancm said

    I’m not much of an artist but you caught me while I was bored.

    http://www.amusedme.com/crap/browseunhappy.jpe
    http://www.amusedme.com/crap/unhappy2.jpe

  4. options said

    2shep: link

    [edited to spare the blushes of the layout: tga]

  5. And it was in all pages on that site; same footer on every page.

  6. Strange though that Google should hallucinate the same thing as the rest of us ;)

  7. options said

    yep, on the front page even. (not only Google, MSFT and probably YHOO are hallucinating too)

    now I’m wandering/hallucinating on how attacker was able to upload 0px GIF? ;-)

    ——————————————
    WWWConnect::Connect(“browsehappy.com”,”80″)
    IP = “207.7.108.189:80″

    REQUEST: **************
    GET /images/dot_clear.gif HTTP/1.1
    Host: browsehappy.com
    Accept: */*

    RESPONSE: **************
    HTTP/1.1 200 OK
    Date: Tue, 18 Dec 2007
    Server: Apache
    Last-Modified: Mon, 19 Nov 2007 19:52:14 GMT
    ETag: “2396ee-2b-7c1ab780″
    Accept-Ranges: bytes
    Content-Length: 43
    X-Powered-By: The blood, sweat and tears of the fine, fine TextDrive staff
    Served-By: TextDrive’s Textpache
    Content-Type: image/gif

    GIF89a

  8. drmike said

    It got removed about 15 minutes after it got mentioned on the wp.org forums.

    What interests me is that if you search for that domain within google, there’s some discussion about it but as a paid link or some form of advertising. I’m wondering if it was a hack….

  9. Andrea said

    Well, if it wasn’t a hack, then it was in there on purpose, and that might be harder to explain…

  10. drmike said

    *chuckle* Almost makes me want to go back to using IE. :)

  11. Well, if you’re hacked you just say so, don’t you? Yes, it’s embarrassing, but these things happen, and it wouldn’t be the first time they’ve had a site compromised. They’d have gone to the forum thread and said something like ‘thanks for telling us about the spam link on that site, sorry about that, we deleted it as soon as we found out and we’ll try to ensure it doesn’t happen again.’

    Instead of addressing the issue, they’re pretending it never existed. You have to admit it doesn’t look good.

  12. drmike said

    We still haven’t really heard anything about the Viet. front page. They tried to pass it off as an issue with the translation file although WordPress translation files do not modify any of the underlying html, just what’s in the links. (Unless they’ve got a different system in there)

    Matt gave us a nonnense response when he pointed out the broken link. It’s not like they’ve never had broken links on pages around here. Oh no, they’ve never had any….

    It’s funny that you mention the “it wouldn’t be the first time they’ve had a site compromised” bit as I was remembering that Matt had mentioned in passing once that only boxes that he himself had setup had been compromised. Maybe Automattic needs to review all of their boxes that he has set up in the past.

  13. I seriously doubt that it was actually put up deliberately. It’s quite new (not in web.archive.org), and it’s been known for quite some time that using paid links will invite swift retribution from Google.

    Still, surprising that they’re not commenting on why it was there; covering up security holes is just going to worry people.

  14. drmike said

    I see it as far back as November 20th.

  15. The first rounds of serious penalties were before then, and Matt Cutts has been warning about it for ages.

    BrowseHappy still has a very high pagerank, so presumably wasn’t punished for the offending link…

  16. Kissing Bandit said

    Er…do you not understand that Automattic is now in the back pocket of Google. Anything they do now, unless it’s stupendously egregious, is not likely to evoke any retribution from Google.

    Just sayin’.

    -KB

  17. Kissing Bandit said

    P.S. Wank, you may want to edit that super long URL a few comments up b/c it’s throwing your theme all out of whack and stuff. (Guess the designer though overflow: hidden; is overrated.)

    -KB

  18. They tried to pass it off as an issue with the translation file although WordPress translation files do not modify any of the underlying html, just what’s in the links. (Unless they’ve got a different system in there)

    I poked around the translation system last night and it does look like the link is included in the strings (so, instead of translating ‘support’ we are invited to translate <a href="/support/" title="Support and discussion forums.">Support</a>).

  19. drmike said

    Well then they got a different system in there.

    But then it comes down to not double checking what’s been inputted. With all those times errors in the translations have been brought up in the forums, you would think that at least someone from Automattic would be at least scanning the list out the input of multiple translators would be used and their responces compared to each other.

    And then, why are translation volunteers being asked to translate an actual link anyway? Any support link should be put into place by a staff member. Drivers aren’t modifing street signs, are they?

  20. drmike said

    Are you looking at this?

    [a href="/support/" title="Support and discussion forums."]Support[/a]

    Comparing what’s in that general area, that looks like to be a wp.org link. I see links to the codex near by as well.

    Looking further, I see a number of terms that would be found in regular wordpress and not as wp.com. For example, there’s a line for “my-hacks.php (legacy hacks support)” I don’t recall seeing that oveer here at wp.com.

    In addition and going back to that “A staff member needs to be checking those translations.” bit of mine up there, flipping through the French translation, I see translations that are marked as approved. So someone’s checking them. Does that mean that someone blew through some translations without actually checking them?

    It just doesn’t add up to me.

  21. drmike said

    But hey, there’s more important things to worry about. Jamie Lynn’s preggie and that screw’s up mommie’s book.

    That’s more important than a silly pair of links and how they got there. :)

  22. drmike said

    *sigh*

    wank. akismet. thanks.

  23. I’m not sure that anyone with no knowledge of the language in question ought to be in the position of moderating translations. But then, nor should you be approving translations if you’re not staff. I have no idea whether somebody on staff approved that string without looking at it because hey, it’s Vietnamese, not like they know whether it’s appropriate or not anyway, or whether they’ve appointed a corrupt or lazy native speaker to do the moderating for them. There is no transparency whatsoever. I did find one obvious typo in the Welsh translation (‘Akisment’ for ‘Akismet’) which does indicate that whatever checking does go on isn’t particularly rigorous. Some strings aren’t even correct English (‘The follow products are due to expire’?!?)

    The wp.org strings are weird, because isn’t .org localization handled on a language-by-language basis by volunteers anyway? Unless of course such local teams have too much power for Automattic’s liking and they’re aiming to bring all translation work under central control. I vaguely remember a debate on wp-hackers about whether local releases ought to be allowed to bundle plugins that weren’t in the default download. Having separate sites with separate downloads could be seen as diluting the Brand.

  24. drmike said

    Wank, can you email me please? I need to mention two things about your site and I would rather not do it in comments.

    Actually it has wordpress.org as in the site links and content for the actual wordpress.org site, not just the regular wordpress software. Looking at the wp.org source, there is a “language guess” javascript being loaded.

    *shrug* I guess that’s a good thing. Not sure if folks not being told what specifically they’re translating is ethical though. They’ve been told that it’s for the wp.com site.

    Is it overkill though? Most languages have “offical” or at least recognized language files linked to out of the codex. Is there a need to dupe the efforts of the wp.org volunteers who have already done these translations?

    And is it me or does the Vietnamese translation list look rather empty? I’m wondering if the old list of translated phrases got dumped?

  25. No, wp.com translation is completely independent from those translation available in codex. wp.com does not reuse any string from latter party, even though most translation in codex is hosted on Automattic. Indeed that’s their decision anyway, and they have right to control how things are done.

  26. drmike said

    That’s not the point being raised here though. The translations being done here at wp.com contain material from both the wordpress.org site (the actual site) as well as code only found within the regular wordpress code.

    The problem with what is occuring is that Automattic has stated that the translations being done are only for the use here at wp.com. If that is true, why are the extra phrases in there?

  27. Kissing Bandit said

    Just dropping in to offer a belated Christmas (if you observe it) greeting and wish you a happy new year.

    -KB

  28. [...] hacked again? oh, noes, it appears our old fella browsehappy.com is hacked again! O, NOES — HAKID EGAN! [...]

  29. [...] free beer fundamentalists, megalomania, wank It’s really unfortunate that BrowseHappy keeps getting hacked in this way, isn’t it? I suppose its artifically enhanced pagerank, along with its [...]

  30. Everything is very open with a really clear clarification of the issues.
    It was really informative. Your website is useful. Thank you for sharing!

RSS feed for comments on this post · TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s