Slashdot Mirror

← Back to Stories (view on slashdot.org)

4chan Launches '$20 Bug Bounty' After Hackers Ruin moot's Day

Posted by Unknown on from the it-took-this-long? dept.

mask.of.sanity (1228908) writes "4chan's founder Moot has launched a bug bounty for the site after it was hacked, but is offering a meager $20 in 'self-serve ad spend' for all bugs. The bounty program was launched after the website and Moot's Amazon accounts were hacked. The intrusion spelled the end for DrawQuest which was closed after Moot decided it was not worth spending money to ensure the unprofitable but popular drawing platform was secure."

79 comments

  1. /b by Anonymous Coward · · Score: 1, Funny

    b all you can b

    1. Re:/b by Richy_T · · Score: 4, Funny

      b all you can b

      Done.

  2. let me be the first to say by slashmydots · · Score: 0, Flamebait

    Well, he deserved that.

    1. Re:let me be the first to say by i+kan+reed · · Score: 0, Troll

      This poor, virginal loser didn't try to create the internet's most purposefully asinine userbase. He just got it. Anyone can make an anonymous forum. And if 4chan ever goes away, someone else will.

    2. Re:let me be the first to say by Anonymous Coward · · Score: 0

      Rump rankled?

    3. Re:let me be the first to say by Anonymous Coward · · Score: 5, Insightful

      He's dealt with its community with astounding elegance. And never bowed down and cashed out like Slashdot did.

      I'm sure more than one moneyman waved a check at him thinking he had an idea of how to monetize the site. Selling it to a corporation would mean instant death (no corporate structure would deal with such an army of crazy people)

      In any case, who the fuck are you to call him a loser?

    4. Re:let me be the first to say by lagomorpha2 · · Score: 2

      Selling it to a corporation would mean instant death (no corporate structure would deal with such an army of crazy people)

      Actually that's probably prevented many from offering. Being in charge of 4chan would likely be a liability disaster for an actual corporation. Certainly more trouble than it's worth.

    5. Re:let me be the first to say by Anonymous Coward · · Score: 3, Insightful

      Honestly, you have no idea what you're talking about. The whole "HUR 4CHAN IS EVIL" thing is essentially a forced meme among communities of kids like Gamefaqs or Reddit. They act like it's Valley of Defilement from Demon's Souls, in that the second you walk in there's a bunch of once-human monsters covered in toxic goo and their own feces who want nothing more than to club you to death, when really it's nothing like that.

      What I remember 4Chan for are things like Katawa Shoujo, or the group on /vr/ that occasionally translates Game Center CX episodes, the time people from /v/ delivered Gabe Newell a locked crate and charged him $2.50 to open it. 4Chan is exactly what it set out to be - an anonymous imageboard made for the discussion of anime and Japanese culture (and later other things). It's more popular than the board it spun off (2Chan), and hasn't sold its soul to a mega-corporation, ala Slashdot, Gamefaqs, Reddit , and every other forum out there. Moot makes no money off it. Even the donations from 4Chan Passes are used entirely to pay for the servers and upkeep.

      So no, I think a site's userbase is what you make of it. Of course, judging from your post, you're going a long way to making Slashdot's comments section the most asinine userbase on the internet.

    6. Re:let me be the first to say by Anonymous Coward · · Score: 3, Informative

      So, Random Inc, you bought 4chan last week. What does it feel like to support child molesters, beastiality, rape, suicide, and other obscene acts?

      I mean, their choices would be to moderate the community(in which case the community would vanish), or to acknowledge and remain laissez-faire to the fact that 4chan hosts a hoard of illegal content.

    7. Re:let me be the first to say by slashmydots · · Score: 3, Insightful

      Finally, a comment from someone who actually knows something about 4chan.

    8. Re:let me be the first to say by Pope · · Score: 1, Troll

      So, Random Inc, you bought 4chan last week. What does it feel like to support child molesters, beastiality, rape, suicide, and other obscene acts?

      I mean, their choices would be to moderate the community(in which case the community would vanish), or to acknowledge and remain laissez-faire to the fact that 4chan hosts a hoard of illegal content.

      Oh, so Reddit?

      --
      It doesn't mean much now, it's built for the future.
    9. Re:let me be the first to say by ultranova · · Score: 1

      This poor, virginal loser didn't try to create the internet's most purposefully asinine userbase.

      "Virgin" is to Internet Tough Guys what "whore" is to fundamentalists: a supposedly devastating insult shaming its victim forever. What neither of you seem to comprehend is that whether one has never had sex or is being paid for it, it's the people who insist on bringing the matter up at otherwise non-sexual contexts who come across as creepy perverts.

      That, or someone got banned.

      --

      Forget magic. Any technology distinguishable from divine power is insufficiently advanced.

    10. Re:let me be the first to say by Anonymous Coward · · Score: 4, Insightful

      Pretty much. Reddit literally censors itself from 'controversial' topics, such as Snowden leaks, because they feel it would 'distract' the reader base. I am done with that place, they are only interested in circle jerking pre approved topics and lines of thought. The beauty of 4chan is that there is no moderation at all, you pretty much have to read everyone's crappy opinion, or you can just leave the site. This forces you to take every post rather skeptically, and detaches ego from content, meaning you might actually come across a solid argument, and even learn something or change your mind for the better (or worse) in the process.

    11. Re:let me be the first to say by i+kan+reed · · Score: 1

      I was just being facetious. Didn't take, though. I thought half the point of moot was to mock him.

    12. Re:let me be the first to say by Anonymous Coward · · Score: 0

      4chan is moderated, to varying degrees. And that's good, because you can have moderation without censoring legitimate opinions (no, reposting shit memes and trollbait isn't posting a legitimate opinion.)

    13. Re:let me be the first to say by TangoMargarine · · Score: 4, Insightful

      Free speech is messy. Completely free speech is completely messy.

      Hail Eris

      --
      Unity? Screw that: XFCE. Slashdot Beta? Screw that: SoylentNews. Australis? Screw that: Pale Moon. UX developers DIAF
    14. Re:let me be the first to say by Anonymous Coward · · Score: 0

      4chan's userbase is awful. It's a different level of awful, depending on the board, but none of them are anything at all approaching good. The site was swarmed by idiots and children who take 'internet hate machine' seriously, and that's all you really need to know about the quality of the userbase now.

    15. Re:let me be the first to say by TangoMargarine · · Score: 4, Informative

      Your use of "fagtards" makes me suspect you are yourself a member of the group you're criticizing.

      --
      Unity? Screw that: XFCE. Slashdot Beta? Screw that: SoylentNews. Australis? Screw that: Pale Moon. UX developers DIAF
    16. Re:let me be the first to say by bhcompy · · Score: 1

      Well, more like post-acquisition they were forced to close more or less legal but highly unethical/questionable subreddits because massive media companies like Conde Nast can't be bothered with accusations that they allow things like jailbait photos on their websites.

      It's pretty similar to Fark, as well, since Fark had to make the site safe for work in order to keep advertisers and to get on shows like Jeopardy. Now, Reddit gets on Jeopardy despite having dedicated not safe for work content, but it's basically 10 years later.

    17. Re:let me be the first to say by Anonymous Coward · · Score: 0

      Most of 4chan is shit. The huge chunk of it is ignorable shitposting and trolling, a small part is enjoyable in a guilty pleasure kinda way, a small bit of it is actually offensive to a point where a relatively adjusted person feels legitimately ashamed to be associated with the community, but there are occasionally awesome discussions which happen there that couldn't happen anywhere else.

    18. Re:let me be the first to say by Anonymous Coward · · Score: 0

      At least 4chan occasionally produces something great. Slashdot has been nothing more than a pathetic joke for practically a decade.

    19. Re:let me be the first to say by Anonymous Coward · · Score: 1

      "4chan hosts a hoard of illegal content"

      Doesn't everyone.

      Google probably has fifty thousand times more illegal content on it's servers, but my guess is that it would not apply by volume, then again I could be wrong.

    20. Re:let me be the first to say by Anonymous Coward · · Score: 0

      Asinine, inflated with huge amounts of USI, and boring. I still read Slashdot for the intelligent comments, but the s/n ratio is way down on where it once was. I've read some astoundingly stupid posts here. On the other hand, the 4chan effort to rickroll MTV was kind of fun...

      ^^

    21. Re:let me be the first to say by Anonymous Coward · · Score: 0

      So you've only been on /b, right?

    22. Re:let me be the first to say by Anonymous Coward · · Score: 0

      Neither of you know anything about it, clearly; illegal content can be posted (just like on any other forum without restrictions on who can post images), but it is always deleted fairly quickly by janitors or mods, assuming it is something that is actually illegal (such as the previously mentioned child molesting).

    23. Re:let me be the first to say by Impy+the+Impiuos+Imp · · Score: 1

      It's interesting that, out of all the invective he spewed, that is what you focused in on like a laser. Well, a Pavlovian dog with a laser attached to its head, the ringing bell being the word "fag", this decades' tsk-tsk word on the euphamism treadmill. I've lived long enough to see "don't use retard" go through two full cycles now, it first being beaten out of conversation as a casual derrogation in the 1970s before making a comeback 10 years ago.

      It's ironic that a 4channer might reply to him with a message almost identical in content and implication as yours, but with much more florid language, and not as a Pavlovian response, but rather as a trolling one.

      --
      (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
    24. Re:let me be the first to say by JudgeFurious · · Score: 1

      We're all just a bunch of "slashfags" anyway. Who are we to criticize? I tried to explain the weird evolution of the word "fag" to a friend and he didn't get it at all. There are people today who use the word in a way that has nothing to do with homosexuality (just as oddly enough it long ago had nothing to do with homosexuality) "oldfag", "newfag", 'bfag" or "btard" more commonly get people all riled up about the rampant homophobia (or political incorrectness where "tard" is concerned) but don't seem to get that the people using them are fine with homosexuality. It's like the actual state of being gay is fine now and culturally got accepts but the words describing them (previously in a derogatory way) didn't..... but people decided to use them for something else anyway.

      --
      Appended to the end of comments you post. 120 chars.
    25. Re:let me be the first to say by locopuyo · · Score: 1

      Reddit is comprised by a very high percentage of emotional young people. Reddit's voting system ensures that every post complies with its emotional teen hive mind. It is rare you find any valuable discussions on Reddit because the voting system turns everything into a circle jerk.

      Visit Reddit if you want to know what the hive mind is thinking,

      --
      The Official Site of 1337 Pwnage
    26. Re:let me be the first to say by slashmydots · · Score: 1

      Well you have a point except for the fact that no it isn't.

    27. Re:let me be the first to say by slashmydots · · Score: 1

      Uhhh no, I'm classier than that. I troll and screw with people in MMOs, okay? Not the garbage pit that is 4Chan. I have standards FFS.

    28. Re:let me be the first to say by slashmydots · · Score: 0

      Yes, out of courtesy, I speak to 4channers in their own language. It's like calling a drag queen "she" while he is in drag even if you don't agree with it. It's proper social conduct, you fagtard.

    29. Re:let me be the first to say by Anonymous Coward · · Score: 1

      r u a moran? They have a shit-ton of janitors now -- CP is non-existent enough I am comfortable browsing /b/ on my work computer.

    30. Re:let me be the first to say by Anonymous Coward · · Score: 0

      4chan: You will never find a more wretched hive of scum and villainy.

      Expect maybe stormfront

    31. Re:let me be the first to say by TangoMargarine · · Score: 1

      I guess my reasoning was that other than "basement-dwelling neckbeard fagtards," all of the other things on the list are actually illegal, not commentary on (condemnation of) someone's law-abiding lifestyle.

      Okay, maybe not being a "weirdo" in reasonable cases...and being an asshole or troll can get you in trouble if you do it in court...but yeah. Taking the Urban Dictionary definition of "doxing" as "when a person is 'doxed', all their personal information is made available for all users to see," I wouldn't imagine that would be illegal in most cases, but probably be a dickish thing to do.

      I've never actually been on 4chan myself, but the idea that it is somewhere where everyone can flagrantly exercise their ability to speak freely sounds like a good bag to me. I might try to point out how your ("you" being generalized Slashdot) arguments are wrong/inconsistent/don't make sense, but I would do nothing to stop you posting them.

      I'll end this by saying I sympathize with your viewpoint, but it seemed quite clear he was using the label as an insult rather than an identifier. And there's the "It's proper social conduct, you fagtard" bit parallel to this post that only reinforces that point.

      --
      Unity? Screw that: XFCE. Slashdot Beta? Screw that: SoylentNews. Australis? Screw that: Pale Moon. UX developers DIAF
    32. Re:let me be the first to say by mythosaz · · Score: 2

      Were the hell do you work?

    33. Re:let me be the first to say by Anonymous Coward · · Score: 0

      The co-worker in the cube next to you doesn't voice concern about your viewing of spread asshole all day long?

    34. Re:let me be the first to say by Anonymous Coward · · Score: 0

      4chan's userbase is awful.

      Yeah, not like good 'ol Slashdot. Where groupthink and neckbeard opinion still reigns supreme. Not like the past 15 years I've been on Slashdot, but find the vapid and pathetic opinions of washed out idiots posted over and over, like some gigantic echo chamber. No sir.

      I'd rather read /diy/ twice than a day than Slashdot. Sounds like you visited /b/ once and got all upset once. Good. Stay here and wallow.

    35. Re:let me be the first to say by Anonymous Coward · · Score: 0

      4chan isn't unmoderated, they just can't meaningfully or equitably address real problems like trolls and astroturfers steering threads off-course, all the while mods and janitors shut down any discussion that they don't personally like. There is actually more moderation now than ever, and this seems to be the impetus behind the hacking.

      Ideally, mods should only focus on illegal content and spam, and let the board prune itself of pointless threads. But current mods and janitors feel differently, and have actively tried to shape the culture of the boards.

    36. Re:let me be the first to say by Anonymous Coward · · Score: 0

      >browsing /b/
      >at work
      >mfw

      Where the hell do you work that you're going on red boards without worry?
      Seriously.

      The rest of 4chan other than /b/ is surprisingly reasonable (like /v/, /g/, /vr/, /m/, etc) -- but /b/ is effectively unmoderated (unless the content is so illegal that you can't ignore it).

    37. Re:let me be the first to say by Anonymous Coward · · Score: 0

      What IP does ypur host file point 4chan to? Because you've obviously never been there.

  3. Surprised it didn't happen sooner by Anonymous Coward · · Score: 0

    Although one might argue that the original "4chan.hta" script/virus was the first proper hack of 4chan.

  4. Details of hack? by marcello_dl · · Score: 4, Funny

    Login: moot
    Password: umad?

    --
    ---- MISSING MISCELLANEOUS DATA SEGMENT --- [sigdash] trolololol
    1. Re:Details of hack? by Anonymous Coward · · Score: 0

      &loggedin=false

      What could possibly go wrong!

    2. Re:Details of hack? by holostarr · · Score: 3, Informative

      If anyone is interested, here are the details: http://chrishateswriting.com/

    3. Re:Details of hack? by Anonymous Coward · · Score: 1

      That's not his password! Everyone knows moot's password is "Ep8pui8Vw2"!

    4. Re:Details of hack? by Anonymous Coward · · Score: 0

      In summary: SQL injection

  5. Bug bounty by Anonymous Coward · · Score: 0

    It should be a can of soup, not $20.

  6. I'm surprised by GoCrazy · · Score: 3, Interesting

    That he's providing a monetary incentive at all. People would probably do it for free.

    --
    No beer and no TV make Homer something something
    1. Re:I'm surprised by Darinbob · · Score: 1

      It doesn't seem monetary though. I can't figure out what the rewards really are because I don't speak that language. "Advertisement credits"? What the heck is that? Or 4chan subscription for a year, I had assumed it was free.

    2. Re:I'm surprised by Anonymous Coward · · Score: 0

      /sp/ plz don't let your persecution complex spill over to slashdot too

    3. Re:I'm surprised by Anonymous Coward · · Score: 0

      while 4chan is a free site, posting requires completing a recaptcha. a 4chan pass allows you to bypass this requirement. it costs $20/year.

      as for "advertisement credits," 4chan has small banner ads on each page. you can pay to have an "advertisement" displayed on 4chan.

  7. Offer Coupons by Anonymous Coward · · Score: 0

    How about a coupon for a cheese pizza?

  8. sql injection by Anonymous Coward · · Score: 0

    How can you leave errors exposed in production version of the site, and not escape sql queries? :o

    1. Re:sql injection by abirdman · · Score: 1

      According to the description I read on a link above, the unescaped sql (and hence the injection vector) was a one-off administration page the intruder found by poking around on the disk. A mistake, but not quite as bad as leaving the error on a published page.

      --
      Everything I've ever learned the hard way was based on a statistically invalid sample.
  9. Parameterized by tepples · · Score: 4, Informative

    In the vast majority of cases, escaping is not the best solution to prevent a Bobby Tables attack. Instead, switch to a database API that supports prepared statements with named parameters. For example, in PHP, switch from the deprecated original MySQL extension (no prepared statements) or MySQLi (positional parameters only, variadic binding difficult) to PDO (named parameters, variadic binding easy).

  10. Bestiality is the BEST iality by Anonymous Coward · · Score: 0

    Hi Anonymous Coward. We at Random Inc. will use our complete disregard for human life to better serve the child molesters, bestiality, rape, suicide, and other obscene acts market. About the allegedly illegal content, our legal team assures you it will be solved in a matter of days. It will be hosted under a different company name in Antarctica.

    AC, Random Inc spokesman.

  11. Is 4chan really unprofitable? Sounds like a myth by mTor · · Score: 1

    Recent hack, the one that has prompted this change in policy and security issues reward process, revealed that 4chan sold about 12740 passes this year. At the price of $20 per pass, that's about $254,800 so far. And there's also a lot of revenue coming in from advertising.

    If 4chan was truly unprofitable, it would have closed years ago. Seems to me that this is just an image that the owner is trying to project.

  12. Re:Is 4chan really unprofitable? Sounds like a myt by Anonymous Coward · · Score: 2, Interesting

    Passes went on sale in Fall 2012, so it's been around 1.5 years for 12740 sales. Additionally, he's done a lot of 50-75% off sales (cyber monday, etc) so the actual income from passes is somewhere south of $254k. I'd guess between $100-200k, assuming the 12k sales is correct.

    Then there's the processing fees and CC fees and whatnot, so maybe it's a few % less than that.

    Then he has the server expenses. How much does it cost per month to run a site like 4chan? How much does cloudflare cost on a site like that? Amazon VMs? 4chan is still a top ~1000(ish) site on the net, which probably costs a fair amount.

  13. Re:Is 4chan really unprofitable? Sounds like a myt by mTor · · Score: 3

    Good points on pricing! But like I mentioned, advertising is bringing in a lot of funds as well. Bandwidth is cheaper than ever these days and a lot of it is "subsidized" by Cloudflare which don't charge for bandwidth. 4chan also doesn't run on AWS/VMs (you can find pics of 4chan servers on 4chan blog). And we can tell how much Cloudflare costs: http://www.cloudflare.com/plan...

    So I still don't see why, after all this revenue, the site would be unprofitable. It's not like moot has a large dev team behind it.

  14. Re:Is 4chan really unprofitable? Sounds like a myt by Anonymous Coward · · Score: 0

    advertising is bringing in a lot of funds as well.

    /b/tards use adblock, fagggot.

    Even 200k in 4 years is about 50k a year (wow, I'm a math genius), not counting expenses. That is nowhere near enough money to feed mootykins cocaine and hooker needs. It isn't like keeping the site up requires no manpower/littlegirlpower, so if you don't value mootykins time at zero the website shouldn't make him much money.

  15. Re:Is 4chan really unprofitable? Sounds like a myt by Lehk228 · · Score: 2

    the draw program was unprofitable, not 4chan itself.

    --
    Snowden and Manning are heroes.
  16. Re:Is 4chan really unprofitable? Sounds like a myt by Impy+the+Impiuos+Imp · · Score: 1

    It's a far cry from that amount to hundreds of millions of dollars, which any other web site with that kind of hit total would be trying to monetize.

    But given the porn and rude-centric nature of most of the posting, it must be hard to sell advertising lest stockholders or journalists looking to muckrake open their yappers questioning why company XYZ is buying ads on "that site".

    Did you ever notice when Howard Stern was on broadcast radio, as popular as he was, his ads tended to be things like lawyers and bail bondsmen?

    --
    (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
  17. Re:Is 4chan really unprofitable? Sounds like a myt by Anonymous Coward · · Score: 0

    It said the drawing program was unprofitable, you illiterate piece of shit.

  18. /mlp/ was here by ButchDeLoria · · Score: 0

    Homestuck a shit

  19. well let's be honest here by Anonymous Coward · · Score: 0

    when regular people say 4chan they mostly mean /b/ which isn't exactly known as the nicest place on earth...

    1. Re:well let's be honest here by Anonymous Coward · · Score: 0

      Thank god!