Easter Eggs in Web Sites?

cwikla asks: "Back in the .COM days, I worked at eGroups, now owned by a larger Company. During my time I added a couple of easter eggs to the site, which I was reminded of while watching Being John Malkovich this weekend. I checked, and ones sort of still there. If you append malkovich=1 to a message URL it would turn the message into 'malkovich' mode. It sort of still works, but over time I guess the code has been a changin' so it's kind of spotty. Oh, there are others that still are in there, but where's the fun of telling all the secrets? Any other folks done anything equivalent, especially on mainstream sites?"

Yoda

[Gabey]

At the College of Business site I develop for, we used to use a picture of Yoda to scare the folks who wouldn't let us take their pictures. Seems as though most of them prefer a picture of themselves (no matter how horrible they may think it is) to one of Yoda attached to their bios.
In any case, changing the bio's email tag to "yoda" gives the visitor Yoda's (short) bio. There are a few others, but seeing as how nobody has found any of them yet, we gave up on adding them for our own amusement.

-Gabe

Intranet apps

[tshak]

The last company I was at used all web-based customer management tools. If you searched for something like "I like banannas" it forwarded you to a java based tetris game.

Re:Intranet apps

[pete-classic]

Dell's internal employee page has (or at least had) the entire Enterprise D command staff, complete with (very low) badge numbers.

The "supervisor" and "co-workers" links even worked. If you clicked on LaForge's supervisor you got Picard's entry.

-Peter

Re:And?

[Laser_47]

How do you "stumble" across the flight simator in Excel? I've never had the need to do those things on a spreadsheet. The programmers had to tell someone in order to find it.

I've done this before for copyright reasons

I would append a url string like ....cgi?author=who

and the page would parse out my contact info. I would use this for portfolio pieces when demoing new clients. It just proved that you worked on it.

Slashdot Egg

[aardwolf64]

I consider http://apple.slashdot.org/ to be an egg... a lot of people don't know about it.

Re:Slashdot Egg

[kliklik]

How about http://warez.slashdot.org/?

Re:Slashdot.org easter-egg

[cswiii]

Funny, all I got was an alert, "This document contains no data."

Slashdot Easter Egg

[big.ears]

Here's one you can find on slashdot: If your comment consists entirely of "First Post", you get modded down to -1.

Re:Slashdot Easter Egg

[fobbman]

And if you post an article as JonKatz it magically won't show up on 90% of Slashdot readers front pages.

.

Is Jeeves Gay?

[PunchMonkey]

Go on to http://www.ask.com and ask Jeeves if he's gay :-)

This used to result in a funny error message something like:

"Server Error 505 - None of your business".

EEGGS.COM

[webword]

1. Eeggs.com is good site for Easter Eggs in general.

2. You'll find a few web sites with Easter Eggs here.

GoatSe.CX

[clinko]

For "Security" on a friends site he has it redirect to goatse.cx if you try to change strings.

I learned my lesson. I don't try to fuck with his site anymore.

Well, there's Klingon Google:

[Wakko+Warner]

Klingon Google.

Pig Latin Google.

What we need is an xx-askslashdot google. :)

- A.P.

easter egg clients

[brer_rabbit]

I swear my server doesn't have easter eggs, but that doesn't stop some people from trying:

"GET /scripts/..%255c../winnt/system32/cmd.exe?/c +dir HTTP/1.0"
"GET /_vti_bin/..%255c../..%255c../..%255c../winnt/sys tem32/cmd.exe?/c+dir HTTP/1.0"
"GET /_mem_bin/..%255c../..%255c../..%255c../winnt/sys tem32/cmd.exe?/c+dir HTTP/1.0"
"GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..% c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
"GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"

Re:easter egg clients

[Quai]

Like this one?

Background Images and Webcams

[Marasmus]

Heh, my favorite was on black-background pages, having a random background image with an embossed super-dark-grey color... so only people in 16bit+ color COULD see it, if the brightness and contrast was high enough.. and once they did see it, it'd still be hard to discern. :)

I remember putting a little easter egg into an undisclosed "mature webcam site" that would bring up the webcam of the NOC... I'm sure that nearly 3 years later it's gone, though... especially considering that the webcam of the NOC has changed IPs. :(

Resume` in Code

[RembrandtX]

When I Decided to leave Comcast@Home I put my resume in the template source code as comments.
[Just in case I needed to prove to potential employers that I was what I said I was.]

It was there for about 3 months before someone caught it.

Oddly enough .. no crank calls .. even for having my phone number out there 'obtainable' as it were.

Get the word out!

[OutsideBoston]

Go here and post your eggs. Hopefully others will follow. ~N

Re:Get the word out!

[hyyx]

Actually, DON'T go there and post your eggs. Hopefully others will NOT follow. Let me explain...

I think this site is the most inaccurate, stupid, and mismanaged conglomerations of crap out there. Sure, there are a lot of cool and verifiable eggs on site that you will not find anywhere else, but if you actually take a minute to sit down and look closely at the content, you will see that it is often inaccurate and incomplete.

The site maintainers need to set up a system that is more rigid and structured for defining what an egg is and in what manner it gets posted. If you look at most eggs, they are lacking in many important details, such as:

What the egg is.

Exactly how to reproduce the egg.

What hardware/software versions does it work on?

Many of the eggs on the site are simply not eggs. Read the comments in the following egg to see how many people show the egg to be false, but yet the non-egg continue to stay posted:

http://www.eeggs.com/items/16200.html

The webmaster even admits it for this one:

http://www.eeggs.com/items/22634.html

Here is the same exact egg, listed twice (also try reading the comments for some highly intellectual discussion):

http://www.eeggs.com/tree/1243.html

I think the site sucks, because it doing a less than half-ass job. It's not worth doing if you're not going to at least _try_ to do it right.

Slashdot Easter Egg!

[indole]

I've found one:

by appending /~%43%4d%44%52%54%41%43%4f/ after slashdot.org, one can peruse over a collection of megamaniacal ramblings. Scary as this easter egg is, the pure absurdity of the posts is funny enough to keep me laughing (and crying).

Re:Why, yes I did . . . and it's still there

[rayray14]

psstt... what's the url? I promise i won't tell anybody else!

Every site I built from 95-99

[CDWert]

Every site, or more specifically interesting component I built was egged.

I did this for 2 reasons, 1 company I worked at, my MGR had a VERY bad habbit of claiming work was his, he would do a search and replace on Our names with his own....schmuck, SO, I would easter egg a cgi into it for "Author and Verion control"
Lol....It basically said it was built by me when and what cool stuff it did.

The second reason was Job Hunting, nothing like bringing up a killer site and being able to PROVE you were the constructor. Worked like a charm every time. Or if I was a company or two down the road from something of note I built, I could prove it was mine.

I started doing this in the early 90's when a lot of applications we were writing were for exclusive distribution and branding by third parties, who were never going to , or expected to give credit, of course they still graced my resumes....ONCE I had a company get contacted, they claimed it was all written in house, and I was lying about having ever worked on the app, NOW I can actually understand this , it was a finacial app and the thought of eggs or backdoors must have been scarry, I got called on it in my secnd interview. I explained why the company lied about my involvment and promplty offered PROOF of my involvment on particuar modules....I got the job.....:)

I still do it to some extent although not as clandestine or ego-centric. I proved myself to those in the area a loooonnng time ago. But its cool that over half the site I put up are still up in their original form and doing well, most are ecommerce site, and their eggs are still there :) Not backdoors mind you, just "Author Control's" :)

If code goes under the proper review channels, as it should before release this should never happen, funny thing is you have guys in charge of this stuff like me who then add it :)

But then again , on a smaller site that then gets gobbled by a 800lb gorilla you may see this, I guess If Ive done it, the author has done it and as many slashdotters Ive seen have done it .....how many egged sites are out there ?

Eudora had my resume in it

[Wee]

I don't know if this is an Easter Egg, but I built a version of Eudora (it was like the tenth daily build and really late at night on a weekend when I had plans or something -- in other words, typical Qualcomm) which displayed my resume instead of the readme. Heh. Never told anyone that. Nobody reads the release notes anyway.

Oh yeah, when Eudora moved to adware mode and went public beta, me and a guy from tech support put in some ads of our own (accessible only to a small range of IPs, though). We had a Russian brides one, some personal lube ads, Gary Coleman, the usual. We used most of them for testing during the private beta, but one we did add was a picture of a former VP who played a large part in causing the ruination of the Eudora group. It wasn't a flattering ad, and predictably it didn't rotate for very long, but it got seen.

Ahh, the memories...

-B

Easter eggs in my software

[PolyDwarf]

In the software I'm writing (Windows app), we've put in an easter egg that brings up a picture of one of the guy's dog (Yorkshire terrier that he absolutely loves) with an algorithm to animate flames superimposed on the picture, to achieve a burning dog effect.
How did you get there?
Up-Up-Down-Down-Left-Right-Left-Right-B-A- Return

(Up, Down, Left, Right being the arrow keys... No start key, so we had to go with return).

HTTP header

[lampwick]

One of the sites that I wrote about 7 years ago included this HTTP header line in every response it sent out:

X-Urban-Legend: There's lots of hidden information in HTTP headers.

Re:easter eggs are stupid!

[cpct0]

As computer programmers, me&my friends did quite weird things as easter eggs.

I used to work at a GPS-software company. When in navigation mode, if you typed "where in the world is carmen sandiego?" (actually only the initials and it worked, witwics?), it showed the precise position of my cubicle in the company's office. It was (believe it or not) quite useful to test the software's precision for many functions... I had to remove it though because we were lacking space the hard way and my code took 230 bytes - with 4k of free RAM, 230 bytes is a lot! No one would've found it as it was quite stealthy and precise enough it wouldn't crash anything... but when in monger for space, well, I have a conscience too :P

On a mainstream computer game, we were coding something where buildings could be put in place and under certain conditions, they could be destroyed. Then, sept. 11 arrived... We _HAD_ to make a small aircraft that goes on the buildings and make them crash. It is totally sick but anyways. The mod code and picture is on a CDROM copy somewhere, as it was totally kick-banned from the final code, for obvious reasons (even if almost impossible to find). :)

On the successful ones, I have more than a few hidden credits on my side, I used to comment quite extensively my javascript codes. One thing I found out was that record #0 of many of my databases are never used (sanity check). So I write anything that comes into my mind when creating that record. No one will see it anyways... And it's always selected out from any of my queries.

When creating a easter egg, you must remind yourself of something: it will always be shown somewhere. Don't put yourself in trouble, write "cutsie" thing, not things that you could be taken accountable for. For example, never put pr0n in a child game, don't put sicko things anywhere, don't kick the company in the groin... or else, someone will find it and then, you're in trouble (especially if CVS system is implemented - they can backtrace!)

Other than that, well, have fun, easter eggs are quite fun to do and discover! And they personalize the code too.

Have a nice day
Mike

Marvin the Paranoid Android 404 takeoff

[tevita]

Loved the 404 at http://www.sweweb.net/

Try http://www.sweweb.net/garbage.html for instance.

Re:Marvin the Paranoid Android 404 takeoff

[Scooby+Snacks]

I dunno, I'm kinda partial to this one, myself. :-)

Re:Until you get arrested

[Cutriss]

For reference...2002-03-19 20:37:21 Easter Eggs at the Expense of Resources? (askslashdot,programming) (rejected)

That just got rejected in the last three days.

My comments went something like this - I have a friend who works for a company that does Palm software, and he inserted a tic-tac-toe game in their application. The software he develops is fairly large and robust, and the thought came to mind: Where do you draw the line with Easter Eggs?

The Palm platform, and any other portable/embedded system, deals with small storage and memory footprints. Adding in a hidden extra like this isn't taking up an "infinitesmal" amount of space or resources. Proportionally, it's of significant size. On a PC, this might be different, but for a Palm with 2 MB of memory, I'd personally be a bit disappointed to find out that the software I'm installing is artificially fluffed/bloated because some yahoo decided to have a little fun.

So, where do you draw the line with Easter Eggs? Fun in programming is cool. And I'm not saying that he was wrong for doing it...but what if he decided to put in JezzBall or something larger instead? Or something that wound up being a security/system hazard?

Re:Slashdot.org easter-egg

[neuroticia]

How typical of a guy to be unable to find it. ;)

-Sara

Re:seti@home easter egg

[totallygeek]

Not really a Seti@home easter egg, but funny story none-the-less:

A good friend of mine was sshing to another computer to run seti and it finally got noticed (why is this computer running sluggish?). So, this other guy went to my friend to ask a question and saw that he was watching the seti processes going on about 20 computers. So, he went back to his machine and wrote a program outputting stuff just like seti@home and at the end came up with a message saying something was found and he should call this 800 number immediately. Once it was ready, he rebooted (killing my friend's ssh session) and now the replacement seti was ready to go. So, my friend logs in and runs seti. All is well, and then everyone hears, "Oh my God". He is calling everyone around his computer so that he can speakerphone the historic phone call giving fame and fortune for finding E.T. Click, dial tone, beep, beep....beep, ring, ring -- It was so funny to see his face when it was a sex line number, and not SETI.

Moral: don't jack with others' resources.

PHP4 Easter Egg

[N8F8]

Append "?=PHPE9568F36-D428-11d2-A769-00AA001ACF42" to the end of any php page running PHP$ gives a goofy picture of one of the PHP developers.

Re:DNS txt record easter eggs

[josh+crawley]

Now lets see Mikeysoft's whois.... Now this one is FUNNY.

Server Name: MICROSOFT.COM.WILL.CRASH.IN.6MN.ORG
IP Address: 62.4.22.195
Registrar: GANDI
Whois Server: whois.gandi.net
Referral URL: http://www.gandi.net

Server Name: MICROSOFT.COM.WILL.BE.BEATEN.WITH.MY.SPANNER.NET
IP Address: 202.182.69.39
Registrar: TUCOWS, INC.
Whois Server: whois.opensrs.net
Referral URL: http://www.opensrs.org

Server Name: MICROSOFT.COM.TONY.HAS.SEXUAL.IN.ADEQUACY.ORG
IP Address: 216.254.38.242
Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
Whois Server: whois.melbourneit.com
Referral URL: http://www.melbourneit.com

Server Name: MICROSOFT.COM.SUX.BUT.PYROFREAK.ORG.RULEZ.AND.DIOX YTECH.NET
IP Address: 207.236.217.177
Registrar: GANDI
Whois Server: whois.gandi.net
Referral URL: http://www.gandi.net

Server Name: MICROSOFT.COM.SHOULD.GIVE.UP.BECAUSE.LINUXISGOD.CO M
IP Address: 65.160.248.13
Registrar: G.K. GROUP, L.L.C.
Whois Server: whois.gkg.net
Referral URL: http://www.gkg.net

Server Name: MICROSOFT.COM.RAWKZ.MUH.WERLD.MENTALFLOSS.CA
Registrar: TUCOWS, INC.
Whois Server: whois.opensrs.net
Referral URL: http://www.opensrs.org

Server Name: MICROSOFT.COM.OWNED.BY.MAT.HACKSWARE.COM
IP Address: 211.63.57.1
Registrar: TUCOWS, INC.
Whois Server: whois.opensrs.net
Referral URL: http://www.opensrs.org

Server Name: MICROSOFT.COM.MUST.STOP.TAKEDRUGS.ORG
IP Address: 12.5.4.8
Registrar: REGISTER.COM, INC.
Whois Server: whois.register.com
Referral URL: http://www.register.com

Server Name: MICROSOFT.COM.IS.SOON.GOING.TO.THE.DEATHCORPORATIO N.COM
IP Address: 62.92.244.245
Registrar: G.K. GROUP, L.L.C.
Whois Server: whois.gkg.net
Referral URL: http://www.gkg.net

Server Name: MICROSOFT.COM.IS.NOT.SEXYCOOL.ORG
IP Address: 62.4.18.24
Registrar: GANDI
Whois Server: whois.gandi.net
Referral URL: http://www.gandi.net

Server Name: MICROSOFT.COM.IS.A.STEAMING.HEAP.OF.FUCKING-BULLSH IT.NET
IP Address: 63.99.165.11
Registrar: THE NAME IT CORPORATION DBA AITDOMAINS.COM
Whois Server: whois.aitdomains.com
Referral URL: http://www.aitdomains.com

Server Name: MICROSOFT.COM.HAS.ITS.OWN.CRACKLAB.COM
IP Address: 209.26.95.44
Registrar: DOTSTER, INC.
Whois Server: whois.dotster.com
Referral URL: http://www.dotster.com/help/whois

Server Name: MICROSOFT.COM.HACKED.BY.HACKSWARE.COM
IP Address: 211.63.57.62
Registrar: TUCOWS, INC.
Whois Server: whois.opensrs.net
Referral URL: http://www.opensrs.org

Server Name: MICROSOFT.COM.FILLS.ME.WITH.BELLIGERENCE.NET
IP Address: 130.58.82.232
Registrar: CRONON AG BERLIN, NIEDERLASSUNG REGENSBURG
Whois Server: whois.tmagnic.net
Referral URL: http://nsi-robo.tmag.de

Server Name: MICROSOFT.COM.EMPLOYEES.CANT.GET.SHAGZ.ORG
IP Address: 198.142.141.98
Registrar: TUCOWS, INC.
Whois Server: whois.opensrs.net
Referral URL: http://www.opensrs.org

Server Name: MICROSOFT.COM.AND.MINDSUCK.BOTH.SUCK.HUGE.ONES.AT. EXEGETE.NET
IP Address: 63.241.136.53
Registrar: DOTSTER, INC.
Whois Server: whois.dotster.com
Referral URL: http://www.dotster.com/help/whois

Server Name: MICROSOFT.COM.AINT.WORTH.SHIT.KLUGE.ORG
IP Address: 216.181.127.195
Registrar: THE NAME IT CORPORATION DBA AITDOMAINS.COM
Whois Server: whois.aitdomains.com
Referral URL: http://www.aitdomains.com

Al Gore's campaign web site

[mikosullivan]

Al Gore's campaign web site for the 2000 election contained some special remarks in comments in the HTML. Basically, Al falls all over himself congratulating you on how smart you are for viewing the source:

Thanks for checking out our source code! I plan to use this space to post special messages to those who are helping to improve our web site -- by making our site the best it can be. The fact that you are peeking behind the scenes at our site means you can make an important difference to this Internet effort. I'm grateful for your help and support in this campaign. Now let's keep working to build the 21st Century of our dreams!

Al Gore

Hidden Easter eggs = Bad, Bad.

[Smarmy_1]

I've helped create a number of easter eggs in the past, but these days, I've had a serious change in thinking about them.

This may sound extreme, but if a coder added an easter egg to a project that I was running, they would get in serious trouble, maybe even fired. Now, before you think that is just being too serious or flame-bait, here's my reasoning:

Simply put, easter eggs are for the developers, not for the customers, and they don't belong in commericial software developement. The risk almost always outweighs the benefits, especially in a project like a public site! That is incredibly dangerous.

One of the biggest problems with easter eggs is they almost always bypass the QA process. Think about that for a minute. The developers are writing code that hasn't been tested, and the QA department doesn't even know it exists! Granted, this isn't always true, but most of the time, it is. Bad, bad. Like potentially company-ruining-bad if the dev uses some bad judgement (gee, that never happens, late at night, at the end of a project, does it?).

The best course of action is that the devs know ahead of time that easter eggs are not tolerated unless they are totally above-board in the development cycle. Save your humorous inside jokes for internal little apps you give to your mates, and you and your company will be a lot better off. They're usually inside jokes, anyways, so putting them in a public software project is just a totally unecessary risk, IMO. A few yuk-yuks is not worth your company or your project being compromised by bad code or a PR hit from an embarassing easter egg.

Re:seti@home easter egg

[Anonvmous+Coward]

Heh I love pranks like that.

My company asked me to put a demo of our technology up on our website. So I created a blank web page with a windows error message in the center that read: "The radiation shielding on your monitor has failed, please do not sit directly in front of your computer."

Then, I did something really sneaky: Using FrontPage (there really is a use for it :P) I downloaded a CNN Health page and wrote up a fictional health warning about the 'Microwave Virus'. Heh It was a silly idea: A virus floats around people's machines and increases the power of UV guns in your monitor by 400%. Eventually it burns out some of the shielding and exposes people to radiation. Common symptoms included drowsiness, irritability, and other stuff you typically feel at work.

I renamed my computer on the network to 'www.cnn-news.com' and set up MS's Personal Web server on my computer to host that fake web page I created. Except for the domain, the URL looked exactly like one of CNN's pages. I even corrected all the links to go to other areas of CNN's site. (It seems like a lot of trouble, but like I said, FrontPage made it real easy.) Of course, I sent out a 'virus advisory'.... Anybody on our network was able to visit 'www.cnn-news.com' (with the address stuff at the end) to hit that page.

So what happened was first a few people opened my message about the new demo, and they got the 'Radiation Shielding has Failed' message. They ignored that (they work too hard), then they read my advisory of the 'Microwave Virus' and put the two together.

When I got to work, several of the women in the office were standing around asking each other if they should go to their doctor. The System Administrator about died laughing when I let him on it. (He had to put up with strange questions about radiation shielding all morning. Heh.)

Not sure if that quite qualifies as an easter egg, but a fun story nonetheless. :)

Slashdot, was Re:HTTP header

[babbage]

% lwp-request -m HEAD http://slashdot.org/ | grep '^X-'
X-Fry: I'm never gonna get used to the thirty-first century. Caffeinated bacon?
X-Powered-By: Slash 2.003000

% lwp-request -m HEAD http://slashdot.org/ | grep '^X-'
X-Bender: Bite my shiny, metal ass!
X-Powered-By: Slash 2.003000

% lwp-request -m HEAD http://slashdot.org/ | grep '^X-'
X-Bender: Like most of life's problems, this one can be solved with bending.
X-Powered-By: Slash 2.003000

% lwp-request -m HEAD http://slashdot.org/ | grep '^X-'
X-Bender: There's nothing wrong with murder, just as long as you let Bender whet his beak.
X-Powered-By: Slash 2.003000

% lwp-request -m HEAD http://slashdot.org/ | grep '^X-'
X-Fry: No, no, I was just picking my nose.
X-Powered-By: Slash 2.003000

Is this a Slashdot specific hack, or does the publically available version of it do the same thing?

DANGER GIRL MODEL

[caferace]

Only cute chicks need apply

For a company on its way out, this is still amusing....

Re:my favorite easter egg

[jamie]

You mean /comments.pl!

(without the leading slash, your link was going to the wrong place on our static .shtml page... we've gotten a ton of 404s in our error log :)

Oh, and don't forget the other easter egg, /comments.pl?op=user_created_index