Slashdot Mirror
Facebook Breaks Major Websites With Redirection Bug
johnsnails writes "Some of the biggest news sites in the world disappeared yesterday when Facebook took over the internet with a redirection bug. Visitors to sites such as The Washington Post, BuzzFeed, the Gawker network, NBC News and News.com.au were immediately transferred to a Facebook error page upon loading their intended site. It was fixed quickly, and Facebook provided this statement: 'For a short period of time, there was a bug that redirected people logging in with Facebook from third party sites to Facebook.com. The issue was quickly resolved, and Login with Facebook is now working as usual.'"
can we please stop relying on third parties for things *you* should be providing to your users.
If you let others insert scripts into your pages they can steal your visitors.
Maybe it'll make sites think about who they script src from.
...people wonder i some of us block external crap on sites, not just ads.
Serves every one of these websites for being Facebook lemmings.
The fanboy adblock lists include another list you can add which also blocks out all social media badges etc.
Not that it will; but let that be a lesson to you.
How is that possible? If I'm going to a site, I type in the URL into the address bar, or I click on a favorite, or click on a link returned by Google, or another search engine. The URL gets sent to a DNS server, which returns the IP address of the site, and then my browser starts making http requests directly from the site. Facebook is never involved. Unless Facebook has somehow poisoned the root DNS servers, I don't see how this is possible.
When our name is on the back of your car, we're behind you all the way!
The first successful test. Soon every site will redirect to facebook, then... the world!
I was logged into Facebook when I got this redirect.
However, the website I got it from is one I have never placed a Facebook "like" on or written a comment on with my profile.
Does "a bug that redirected people logging in with Facebook from third party sites" mean that the site has my Facebook details?
The URL was this:
https://www.facebook.com/dialog/permissions.request?client_id=__15digitno__&response_type=token%2Csigned_request%2Ccode&display=none&domain=www.website.com&origin=1&redirect_uri=http%3A%2F%2Fstatic.ak.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D18%23cb%3Df28691eaa8%26origin%3Dhttp%253A%252F%252Fwww.website.com%252Ff1c830d484%26domain%3Dwww.website.com%26relation%3Dparent&sdk=joey
Recently we have seen very widespread "single point of failure" issues. Notably with Facebook and Apple who are both so pervasive in society. These firms are constantly doing major and complicated software updates and those updates are propagated either invisibly in the background or introduced through "voluntary" software updates where you don't get major new features unless you do the update and you have to simply live with whatever bugs or feature cripples come along with it.
The fact so many people are dependent on these very small number of very human folks is a large "single point of failure" risk for society and its individual, business, and government segments.
JJ
I've come to the conclusion that social networking is screwed up because the people who use it most are the people who are least invested in reality.
Every time I try to use Facebook, I get driven away by the behavior of its users. Not the Instagram dinner plate updates, or the personal drama, because I've already filtered out those people.
It's the sensitivity. People take anything seriously. I posted an article showing that divorce really screws up kids. I got back a half-dozen replies, all from people who'd had divorces, defending their own decisions. When I said that it wasn't personal, they said they still felt attacked.
There were other instances of similar behavior too. People hover around Facebook, looking for some reason to cause a scene. Why was this, I wondered.
It seems to me that if you have found something worth doing in life, you're mostly doing it. That doesn't mean your job. If your job sucks, you've probably got a project on the side. You're not going to devote your time to screwing around, which is what most people on Facebook do.
This means that social networking including Facebook selects out the people who have any direction in life, and leaves the resentful, bored, unemployed, disabled, upset, insane, teenage, etc. and concentrates them in large numbers. This is why so much of the response is crazy.
I should amend the post title. I used to keep trying to use Facebook (and MySpace, Digg, Reddit, Friendster, Pinterest, etc.). But now, I don't. These aren't places where healthy people hang out.
Futurist Traditionalism
Facebook did not "Break major websites". Instead Facebook users who were logged in to Facebook (and hence working under the auspices of Facebook) were screwed over when they went to third party sites. Sheesh .. even TFS explains that.
Are we now starting to refer to the Internet as teh Facebook???
I am Slashdot. Are you Slashdot as well?
I'd be of the mind that it wasn't a bug, but intentional. But FB? They don't really need the page views....do they? Stock has taken a bit of a dip again since the graph thing came to light...though still high enough that I'm sitting pretty (bought when it was around 19.50 or so).
The guy who said the election was rigged won the presidency with the second-most votes.
can we please stop relying on third parties for things *you* should be providing to your users.
Clearly it has benefits and disadvantages. One of the disadvantages is displayed in this story. I could name a decent amount of benefits though: 1) you don't have to register again and again every time you want to use some site. 2) you don't suffer from password fatigue. 3) you don't have to worry about no talent ass clowns storing your username and password in plaintext (although you do have to worry about facebook being no talent ass clowns about that). 4) if I just want to stand up a quick little site that is nothing more than CRUD associated to users then all that login stuff can be offloaded to facebook or whomever. 5) from a large corporation standpoint, you can now get additional social data about your users from the facebook api (I know, this isn't necessarily an advantage for the end user and is best viewed as double edged).
Are you opposed to openID too?
My work here is dung.
At first I thought I somehow angered facebook and caused my session to get corrupted! Each time I visited a few different news sites after a few seconds It would be redirected to the error page. I ended up having to clear my cache to prevent the annoying redirect. I find facebook is good as a time waster but I find it scary how many sites have access to my logins and can track and control content.
Obviously Facebook is too big to fail, so every time they bork the internet we should give them a billion dollars.
...I got this bug on a website I do *NOT* use Facebook to log into, so the Facebook statement appears incorrect in that regard. (I was logged into Facebook in that browser though.)
paintball
I never use another site to log into a different site. Sure, Facebook is big today, but this is the internet, this is technology. Myspace? Geocities?
What do you do when FB for whatever reason, suddenly stops? All those sites you used to use facebook to log in, you can't get in. You think FB is going to care when their stock is going for pennies?
My suggestion, don't use other sites to handle your log in for you.
My other suggestion: FB is a troll, quit feeding it.
Be seeing you...
Javascript has been putting in security restrictions for a while now. You can't open a new window without a user click. Most browsers now block automatic window popups.
Why are we still allowing something as archaic as a Javascript redirect? We already have meta tags and HTTP header redirects. We don't need browser navigation without a click to exist in Javascript.
Sure, you could blame Facebook - they did put out a bad script, but the fact that this is even possible is really on the browser makers.
Oh, great. Good plan. Completely block Facebook with a hosts file. This only affected logged in Facebook users. People who aren't going to add facebook's scripting domains to their hosts file.
I was getting this yesterday when reading an article on Mashible. I noticed that it stopped doing it by logging out of Facebook. Probably something I should be doing anyway to prevent them from tracking me all over the place
The Anti-Blog
. . . nothing of value was lost.
"I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert
Protecting yourself against weird things Facebook does is actually fairly simple. I sandbox FB in it's own browser. It's all I use Firefox for, that and the occasional browser compatibility test, but I reset cookies/cache/etc before and after. Combine that with a fake name and you're largely safe to post whatever you want. Won't fool, like, law enforcement or whatever if they look specifically at you, but it will confuse whatever automated ad/cross site dossier these companies are compiling on you. I tie it to the dumpster gmail address I use when I know I'm going to get spammed (drop in your biz card, win a free happy hour!) and bam, I don't even think I've ever touched the privacy settings menu.
On all my systems I replace hosts with this nice updated ad/spy/trojan blocking one:
http://winhelp2002.mvps.org/hosts.txt
Can fellow /. readers recommend any other good ones?
I noticed this several times across a span of 9 hours, from first notice to last notice. I would hardly call that "quick".
I've noticed this as well. People tend to try to "justify" their lives using lifestyle and/or perceived success. For example, a recent survey of Facebook friends found that almost 3/4 of the profile pictures contained either (a) alcohol or (b) children. It's like saying "See what I have, I'm doing quite well."
I don't think that sort of pre-emptive bragging happens when people are actually happy. Instead, as you've observed, there are signs of misery. Lots of scheming and pseudo-romance. It's creepy.
The dysgenic effects will undoubtedly be felt by future generations. It's as if we're breeding humanity into obese deskbound drama queens that know how to look successful on Facebook, but not succeed at real-life things like happiness and fidelity!
Futurist Traditionalism
$ grep facebook /etc/hosts
127.0.0.1 www.facebook.com
[iconv --from-code=utf-7]
'For a short period of time, there was a bug that redirected people logging in with Facebook from third party sites to Facebook.com. The issue was quickly resolved, and Login with Facebook is now working as usual.'
Yes. Never mind that gitch in the matrix.
The problem yesterday had nothing to do with sites offloading authentication to Facebook. It was simply sites that have a little Facebook ad--like "what's popular on Facebook." I experienced this yesterday, just looking for a store location--there was a Facebook ad on the page that instantly redirected to Facebook.
IF/WHEN the "best you've got" = bogus downmods per my subject-line above on my original post here -> http://it.slashdot.org/comments.pl?sid=3445509&cid=42831677
???
You're making my point above for me, in that you're attempting to HIDE TRUTHS from others that I listed there (& in the link it leads to)!
* Such effete measures as unjustifiable downmods won't work!
(Yes - too bad for you trolls, since most folks here browse well below the default threshhold here on /., & thus, will see my post & what it extolls to their benefit...)
APK
P.S.=> Thanks for proving my points...
... apk
Oh, poor baby, did we get downmodded and cry about it again? Remember what happened last time you started squealing like a stuck pig about this very subject?
Better add this to your list of failures, or you'll lose your place as #1 fruitcake on Slashdot, APK (is that A Pernicious Kook?)
..Mullah or Pope, Preacher or Poet, who was it wrote: "Give any one species too much rope and they'll fuck it up"?
Per my subject above: They're "foxes guard the henhouse" -> http://it.slashdot.org/comments.pl?sid=3445509&cid=42831613 so you'd have to be a real 'cluck' to use them (pun intended) & AdBlock? Crippled by default & NO LONGER BLOCKS ALL ADS either!
APK
P.S.=> Just some "FYI" that has concrete solid undeniable & verifiable backing from reputable sources in the link above...
... apk
Wow, some more true wisdom from APK, Bringer Of All Knowledge. Wicked pun there, I see your LITERARY WIT OUTSHINES ALL who precede you. Nice of you to point out the pun, though, as the less astute reader might have missed it & lived the rest of their poor, miserable lives BEREFT of your marvellous HUMOUR. I think we all agree that would be a => crying shame.
???
Now, what IS a crying shame is that it looks like you got modded down again my friend. I'm so sorry to see such a travesty visited upon you, it fairly breaks my heart, because as we all know, the whole world is wrong and APK is a GENIUS, genius I tell you. Hmm, almost forgot to add -> an unnecessary link to the post above: http://it.slashdot.org/comments.pl?sid=3445509&cid=42831677
I'd suggest that now is an appropriate moment to post your list again, as this PROVES how amazingly cool you are and how everyone on Slashdot thinks you're totally awesome!
Maybe I better do it for you: sArDaUkAr86 gets the UtTeR DuStInG (did I do that right?) & Has To Eat His Words with The Bitter Taste Of Self Defeat against APK The Mighty Wielder Of Logic And Rational Argument => http://slashdot.org/comments.pl?sid=3417867&cid=42771049
..Mullah or Pope, Preacher or Poet, who was it wrote: "Give any one species too much rope and they'll fuck it up"?
Did you notice the down-mod on this as well?
Still care to claim your superiority? Note that I don't get downmodded when I post, but you do. What does that say about you? Oh, yes - of course, it says that you Utterly Dusted me. In your nutty little world, I think you really believe it to be true.
Get the hint: you have nothing useful to contribute to Slashdot, so stop acting like such a fucking arsehole. Slink off and learn something about interacting with other humans before you open your fat yap again.
Don't forget to post your list again, yes - the one that proves you are Teh AweSoME - to conclude my argument for me by showing yourself up as an ignorant fool, a fifty-year-old man with the mind of a snotty brat of a child.
..Mullah or Pope, Preacher or Poet, who was it wrote: "Give any one species too much rope and they'll fuck it up"?
Once again you fail, your argument is repetitious and annoying (regardless of their technical merit). Everyone who has responded to you so far has been modded up; you have not. Do you still choose to see this as evidence to you of your awesomity?
Face it, APK, people aren't interested in what you have to say. They don't care that you might be right; they've correctly determined that reading your posts is a waste of their time.
..Mullah or Pope, Preacher or Poet, who was it wrote: "Give any one species too much rope and they'll fuck it up"?
"Now - I truly KNOW this post will no doubt be downmodded, because Advertisers do NOT want this type of information getting out en-masse to enlighten users - they bought out Ghostery, crippled Adblock, but TRY THAT with a local hosts file (good luck!) especially one a user builds himself!" - Myself, FROM -> http://it.slashdot.org/comments.pl?sid=3445509&cid=42831613 AND FROM -> http://it.slashdot.org/comments.pl?sid=3445509&cid=42831729
Making my "predictions" come true in BOTH posts, just as I said they would be... & more importantly, why I suspect WHY as well!
APK
P.S.=>
"I just wanted to say that these posts are amazing. I thought everyone that knew what they were talking about left slashdot long ago. It's been years since I read a comment that made me go and learn more, or that challenged long held assumptions. In short...thank you." - by Anonymous Coward on Saturday February 09, @02:16AM (#42841687)
You're welcome, & glad you liked them!
However - It seems that the advertisers (no doubt), & others that downmodded my posts (see links above in the 1st quote of myself), didn't!
"Gee, I wonder WHY?"... (lol, NOT!).
Perhaps since they told the truth with backing verifiable & undeniable data from reputable sources?
... apk
You pathetic prick, why don't you get some more AC accounts to 'back you up'? You've done it so often in the past. It's not surprising for you to be using this tactic once again.
Face it, APK, you are nothing and nobody gives a shit what you have to say.
..Mullah or Pope, Preacher or Poet, who was it wrote: "Give any one species too much rope and they'll fuck it up"?
Waaaah! Waaaah!
APK: My whiny post got modded down just as it deserved!
Better call the WAAAAAmbulance, we've got a real crybaby on our hands this time!
..Mullah or Pope, Preacher or Poet, who was it wrote: "Give any one species too much rope and they'll fuck it up"?
lol, a "Run, Forrest: RUN!!!" evasion & you're left "EATING MY DUST" in the end
You're a real treasure-trove, aren't you APK? Yeah, you totally smoked them, they're EATING YOUR DUST as we speak, they're cursing your name, FOILED by that wily APK!!
What a villain you are, what a dastardly foe to come up against! Oh noes, how will we ever defend ourselves from the master of the pen?
..Mullah or Pope, Preacher or Poet, who was it wrote: "Give any one species too much rope and they'll fuck it up"?
"It's as strong as steel, & a 3rd of the weight" - Howard Stark from the film "Captain America"
Jesus Christ, I don't think I've seen a more retarded post all year. How fucking immature are you, Captain APK?
You are a fifty year old man for goodness sake, look at the drivel you are posting! This is just pathetic. When are you going to grow up, manchild?
..Mullah or Pope, Preacher or Poet, who was it wrote: "Give any one species too much rope and they'll fuck it up"?
Waaaaah! Waaaah!
Hint: you got downmodded because your post was FUCKING TERRIBLE. Is that so hard to understand?
Prove you are mentally ill APK! Claim this is a conspiracy to BURY your TRUTH from the world.
Oh.. wait.. you already did.
..Mullah or Pope, Preacher or Poet, who was it wrote: "Give any one species too much rope and they'll fuck it up"?
Not Adblock fans, fuckwit, people who are FED UP WITH YOUR SHITTY POSTS! When are you going to wake up, you fucking stupid cunt?
..Mullah or Pope, Preacher or Poet, who was it wrote: "Give any one species too much rope and they'll fuck it up"?
Which, of course, PROVES YOU CAN'T DISPROVE MY POINTS, & instead opt to attempt to hide them from others!
... apk
No, fuckwit, you are the one who can't disprove points. You run from them, in exactly the same manner you like to accuse others of.
You suck.
..Mullah or Pope, Preacher or Poet, who was it wrote: "Give any one species too much rope and they'll fuck it up"?
Waaaah! Waaah!
APK: People think I suck! Waaah! Waaah!
Yup, they do. Who do you have to blame, arsehole?
That's right! Somebody else!
..Mullah or Pope, Preacher or Poet, who was it wrote: "Give any one species too much rope and they'll fuck it up"?
APK: Blubber blubber! Waaah Waaah! I can't believe anyone would dispute APK as Master Of The Universe! Waaah! Waaah!
I want my 'mommy'!
..Mullah or Pope, Preacher or Poet, who was it wrote: "Give any one species too much rope and they'll fuck it up"?