pauraque_bk: (his dark materials)
pauraque_bk ([personal profile] pauraque_bk) wrote2004-06-12 09:39 am
  • Add Memory
  • Share This Entry

PSA

There are a couple of destructive memes going around.

If you see a form written in Russian with a bunch of usernames, don't put in yours.

If you see a post with nothing but a link that says "This is very interesting", don't click it.

These memes exploit a hole in LJ security and automatically post to your journal. There's some discussion on closing the hole in [livejournal.com profile] lj_dev here.

If one of these memes already got you, clear your cookies and change your password.

EDIT: Having read a little more about this problem, my advice is not to put in your username anywhere except LJ's own pages until this issue is resolved.
Flat | Top-Level Comments Only
pauraque: bird flying (Default)

[personal profile] pauraque 2004-06-12 03:18 pm (UTC)(link)
Yes, exactly, that's why I changed my advice to "Don't put your name in anywhere or click anything you don't recognize". We've been lucky here on LJ so far, but we need to remember that we're working with open-source code. There are bound to be breaches.

And frankly, I'm not going to be too sad if this results in a decrease of pointless random-result memes. A lot of people habitually don't cut them, and the table code can muck up my friends page layout, which is also tables-based. It's my policy to bite my tongue about this; it's their LJ, I chose to flist it, I can defriend if I want. But I would certainly be pleased to see less of it.
ext_36862: (Default)

[identity profile] muridae-x.livejournal.com 2004-06-12 03:29 pm (UTC)(link)
Being a sad, sad geek who knows HTML I quite often correct the code of the handful of memes that I do cut and paste, so I know what you mean about the iffyness of some of the code. Also, I guess I'm just naturally suspicious.

Incidentally, can I take this opportunity to say how much I adore your current default icon? Darn, Peter's just adorable there. Squeak squeak.
pauraque: bird flying (my heart belongs to wormtail)

[personal profile] pauraque 2004-06-12 06:02 pm (UTC)(link)
Only sad geeks know HTML? Uh-oh, I'm in trouble. :)

And thanks -- he is adorable, isn't he?
ext_36862: (Default)

[identity profile] muridae-x.livejournal.com 2004-06-13 05:22 am (UTC)(link)
Nah. What I mean is that I'm both sad and a geek. :-)

[identity profile] t-winkle725.livejournal.com 2004-06-12 07:17 pm (UTC)(link)
Eeep. Sorry, I had no idea I should be lj-cutting my quiz-results - my knowledge of HTML would fit on the business end of a very, very small teaspoon...:)

Thanks for the virus alert - am thinking up a new password already...
pauraque: bird flying (Default)

[personal profile] pauraque 2004-06-12 08:16 pm (UTC)(link)
Well, "should" is a tricky term on LJ, where the etiquette rules aren't very well established. That's why I make it a point not to tell people what/how they should and shouldn't post on their LJ.

That said, there are a few reasons not to post quiz results without a cut. One is that some fans have A LOT of people on their flists, and seeing the same quiz result over and over is simply irritating.

Another is that they may make some peoples' flist layouts not display properly, either because they're too wide for the column, or because they use poorly-coded HTML tables.

Something else to think about is that when an image is posted without a cut, it ends up wasting the bandwidth of the server it's on, because it's refreshed so often by people checking their flists. It can also waste the time of the people doing the checking -- their connection may be slow, and they may not want to re-load that image every time they check their flist.

Again, I'm not saying people *should* do this or that, just sharing information.
Flat | Top-Level Comments Only