Talk about having a postmodern moment!
This screen grab of my blog entry features an ad from one of the organizations that I was mocking…..
As predicted, Russia Today continues to promote 9/11 Conspiracy Theories on the 8th Anniversary of 9/11
|| 9/14/2009 || 11:09 pm || + Render A Comment || ||
As I predicted last week, Russia Today continued their somewhat unusual promotion of the 9/11 Truth Movement during the 8th anniversary of 9/11. Instead of producing one or two news reports, which I expected (specifically one about the Van Jones resignation), the news organization produced no less than seven in the last week. On the flip side, there wasn’t many other articles or videos produced by any of the major news organizations in the same period that address the questions surrounding the world changing event. As I posited last week, I am still curious as to why Russia Today continues to be the only news organization covering this contentious topic. Does the Russian government believe in the conspiracy theory? Does the Russian government hope to destabilize America by producing propaganda that makes American’s question the official story? I still don’t know, but I think its important to understand why no other news organization, privately owned or state sponsored, is aggressively reporting this issue as much as Russia Today.
Back in December of last year I found that there had been a page added to my website by a malicious robot and had some fun exploiting the fact that hundreds of people were clicking on fraudulent search engine results. Sure enough, last night it happened again, but unlike last time, I found out WHY it happened.
Unknown to me, on three different websites of mine, there were folders that had incorrect file permissions. Generally speaking, each file and folder on a website has its own set of permissions which allow different users different levels of access. Nearly all of my files and folders have their permissions set to 755, which allows me, and only me, the ability to change the contents of the folders on my website. However, today I discovered that three folders on three different websites had their permissions set 777, which means that ANYONE could write files to these folders. The result was that a malicious robot exploited this lack of security and wrote their own files to my websites.
I found out about this from a random person who informed me that there was a page on my website that was sending people to a page that forces people to download a fake virus scanner that I can assume was rouge malware. I contacted my hosting provider thinking that my website passwords were compromised and the tech support responded with a listing of all the folders on all my websites that contained 777 file permissions.
From there, I went to each of these folders and looked around for the newly added malicious files. Instead of merely deleting the files, I opted to do what I did last time, and replace the malicious code with my own basic HTML file. The result so far has been over a 2,000 people clicking on the fake search results and being brought to a landing page like the one above telling them they should try searching again.
I must say that their hack is pretty simple, but also rather sophisticated. I would not have realized that I was being used to help spread malware unless that person had notified me. They work by using a HUGE list of basic words, then they dynamically create hundreds of new pages that feature the keywords. Finally, Google’s own robots visit the page and enters the hundreds of fake entries into their database. The beauty of this process is that evil geniuses behind the code use one PHP file to dynamically generate hundreds of fake pages that all draw people to their webpage— and now they are coming to my website instead.
Throughout this week I am going to continue to monitor this discovery and analyze the code that was used to generate these pages.
Here is an example of a bad search result from Google:
My page just so happened to be the only page on the Internet with those exact words.
The Geospatial Art FAIL Landing Page
|| 12/14/2008 || 2:20 pm || Comments Off on The Geospatial Art FAIL Landing Page || ||
In continuance of my previous entry related to finding and exploiting a flaw in search engine aggregation algorithms, I decided to modify the landing page slightly. So instead of displaying a random foreground graphic, like my splash page, it only displays the text FAIL. Its an attempt to poke fun at the humorous FAIL Blog by extending the meme to failed search results. The title of the page says “Nikolas Schiller thinks you should try searching again,” and when you hover your mouse over the FAIL text the title text says “You clicked on a bogus search result.”