?

Log in

No Opt In, No Ads
Fueling the resistance
Hijacking affiliate links 
4th-Mar-2010 02:32 pm - Hijacking affiliate links
Skittish Eclipse
I've been given a heads up that has done some excellent sleuthing and investigation into hijacked LJ affiliate links:

What is LJ doing to my links?
What is LJ doing to my links? Part 2
What is LJ doing to my links? Part 3

Expect this post to be update through the day as I find out more and come up with a good summary.

ETA: No good summary, but I feel like I should say code got taken down, etc etc, business as usual.
Comments 
4th-Mar-2010 11:47 pm (UTC)
Um... Let me get this straight.

LJ accepted third party code onto the site. That monitored outbound links from people's journals, that information handed over to a third party. Then those links were altered to direct referral income to that third party. Said third party promising LJ they would correct any issues where someone's link might be overridden. LJ I assume were getting a cut of referral money. LJ also declined to tell it's customers that this was going to happen.

But it's okay, because they're removing the code now?
5th-Mar-2010 02:22 am (UTC)
Oh dear, was it a third party script? Isn't the address of the script coming from l-stat, so LJ itself? But they had control over it, surely? I just don't get it. GREAT MOVE LJ ... NOT. Oh, and by the way, are they pulling the whole script down then, I can't find any information about it, I r confused.

Also, is there any official explanation about what the script was meant to be doing? Other than "The script in question tracks the use of outbound links on entries to certain major commercial web sites." (reply from one of the staff) and what marta said up there, with making them affiliates and whatnot. WHY then, pray tell, was it redirecting people through this dodgy outboundlink.net website? What the shit.
5th-Mar-2010 03:10 am (UTC)
The code was obfuscated (i.e., made intentionally difficult to read) and the same script is being served up by other sites, too. It's definitely from a third party and I doubt if they even looked at what it was doing before dropping it into their production environment.
This page was loaded May 24th 2017, 3:52 pm GMT.