The things people will do...
Published Tue, Nov 13 2007 9:37 AM
Things at work have begun to get interesting again. We landed a new project that will take me a couple of weeks to finish, and it's fundamentally different from most of the other projects we've done in the past. Not that it's something we don't know how to do, but we will have to write all of the code for this one pretty much from scratch.
There are a lot of similarities at the same time though. The gating mechanism is similar to a mechanism we use occasionally, but site visitors will be coming from a completely different location. We get to use the same concepts, but the execution will be different.
Security requirements for this site are a lot tougher than they've been for most of our other sites too. Most of the sites we create for our clients simply collect user contact information for our clients and give away a trial product or a CD that helps users to get more out of a product they already have. Occasionally, though, we have to collect sensitive information for contests that our clients are running.
This might include things such as customer social security numbers when the client is giving away prizes that are large enough that tax information needs to be supplied to the IRS. When we collect information like that, we have to encrypt it securely, store it separately from our other systems, and destroy it once it has been used to minimize the possibility that it can get into the wrong hands.
This time, we aren't going to be collecting any information of that type, but we have similar security requirements. The product being offered on the site is valuable and expensive, so we have to make sure that not only do we only give out one per authorized customer, but we have to securely encrypt the product keys to prevent anyone from being able to use them if they somehow manage to get access to the server where we're storing them, which will be behind two firewalls.
You'd think that all of this might not be necessary for a site that's only going to be available for a short time. You'd be surprised.
A couple of years ago we produced a pair of sites that users could visit to obtain a trial copy of Microsoft Office 2003, and a product activation key that would allow the user to use the software for 180 days. The only requirement was that the customer had to provide contact information that Microsoft could use for marketing purposes, and the user had to come through one of our gating points.
The site was wildly popular. There were tens of thousands of legitimate visitors to the site every day for a while. Soon though we started to notice a few problems.
One of the things that we build into all of our websites is an error trap. If something fails on the site, say a database connection can't be made or whatever, the site will send a detailed message to the development team letting us know exactly what the error was, and all of the context that is available.
This includes things like the user's IP address, browser type, the HTTP headers, the FORM fields, the query strings, session variables and server variables, and a call stack for where the error occurred. That's a lot of information and it's amazing what you can figure out about an error from it. I use a similar mechanism on this website to let me know when things fail.
Interestingly enough, they did fail on this website this morning. From about 8:47 AM to 8:55 AM PST this morning my site was unavailable. This appeared odd, since I haven't updated the code lately, and that's usually when things go south. This time it turns out that someone had shut down the SQL Server service and re-started it. At least that's what my error message emails told me.
Anyway, back to the Office Download sites… We noticed that we were getting an unusually high volume of error message emails. Within a few days there were several hundred of them an hour. Within a few weeks there were forty to fifty of them a minute!
I was tasked with figuring out what was going on. It didn't take too long but I had to wade through a bunch of those error messages to do it.
Have I told you on this site before that I hate spam? Have I written about the inane things that people try to spew out to get people to buy their products? Of course I have. I've written about the problems with automated filters. I've ridiculed the spammers and whined about the work I have to go through to rescue legitimate comments on my site (it's worth it though).
Well, one of my least favorite forms of e-mail spam is the kind that offers you "free" or "reduced price" software. Second to that is the kind that advertises "warez" sites.
Apparently that's what had happened to our Office Download site. Some "bright" individual had decided to take advantage of our site that way. He (or she, after all, greed knows no gender) had captured the URL of the site's confirmation page and posted it on a "warez" site. And naturally, greedy and gullible people were flocking to that site in droves, clicking on the link to "free Office Software" and landing on our site's confirmation page. That's the page that presents the user with the product activation key.
The only problem was, the site absolutely required that the user go through the gating mechanism for session data to be set up correctly. It also absolutely required that the user provide the contact information for an order to be set up. Any user that landed on the confirmation page without having gone through that wasn't going to see a product activation key. They were going to see a message indicating that an error had occurred, and that the development team had been notified.
Other people were sending the link around in email to their friends. The HTTP_REFERER in the error emails told us that. After all, when the referring URL is a Yahoo or Hotmail mailbox, it's clear what happened. And naturally, those people weren't getting the product key either.
So what's the point of all of this? I guess it's that people are greedy beyond belief. The product we were offering on our site was essentially free; the only real requirement was that the person taking advantage of the offer had to provide contact information. They even had the opportunity to opt out of future contact.
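The referrer triage described above, as an added example that is not the site's own code: it takes error reports for hits that reached the confirmation page without gating session data and groups them by referring host. The record fields, the page path `/confirm.aspx`, the host names and the webmail suffix list are assumptions, and the sample records are constructed.

```python
from collections import Counter
from urllib.parse import urlsplit

# Constructed error-report records carrying a few of the fields the error
# trap sends (page, referrer, whether gating session data existed).
# Field names, the page path and every host name here are assumptions.
REPORTS = [
    {"page": "/confirm.aspx", "referer": "http://warez.example/forum/t=123", "has_session": False},
    {"page": "/confirm.aspx", "referer": "http://warez.example/forum/t=123", "has_session": False},
    {"page": "/confirm.aspx", "referer": "http://WAREZ.example/links", "has_session": False},
    {"page": "/confirm.aspx", "referer": "http://us.mail.yahoo.com/ym/ShowLetter", "has_session": False},
    {"page": "/confirm.aspx", "referer": "http://bay1.hotmail.com/cgi-bin/getmsg", "has_session": False},
    {"page": "/confirm.aspx", "referer": "", "has_session": False},
    # A genuine failure for a gated visitor (e.g. database down): not a deep link.
    {"page": "/confirm.aspx", "referer": "http://offer.example/order.aspx", "has_session": True},
    {"page": "/order.aspx", "referer": "http://offer.example/gate.aspx", "has_session": True},
]

WEBMAIL_SUFFIXES = ("mail.yahoo.com", "hotmail.com")  # assumed list, extend as needed

def referer_host(url):
    """Lower-cased host of a referrer URL; a marker when absent or malformed."""
    if not url:
        return "(none)"
    host = urlsplit(url).hostname
    return host.lower() if host else "(unparseable)"

def classify(host, own_host):
    """Bucket a referring host: internal, direct, webmail or external."""
    if host == own_host:
        return "internal"
    if host in ("(none)", "(unparseable)"):
        return "direct"
    if any(host == s or host.endswith("." + s) for s in WEBMAIL_SUFFIXES):
        return "webmail"
    return "external"

def triage(reports, own_host, gated_page):
    """Count ungated hits on the gated page by referrer class and by host."""
    by_class, by_host = Counter(), Counter()
    for r in reports:
        if r["page"] != gated_page or r["has_session"]:
            continue  # keep only requests that skipped the gate
        host = referer_host(r.get("referer"))
        by_class[classify(host, own_host)] += 1
        by_host[host] += 1
    return by_class, by_host.most_common(3)

if __name__ == "__main__":
    print(triage(REPORTS, "offer.example", "/confirm.aspx"))
```
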
Even so, hundreds of thousands of people wanted something for even less than that, and so they tried to obtain the product without even giving our client the contact information. The Office Download site has been offline now for more than a year, and yet it still receives hits from people trying to get something for nothing.
The fundamental dishonesty of people never ceases to amaze me.
Permalink URI for this post: http://perrinelson.com/2007/11/13/1070.aspx
Angel responded with:
dishonesty Perri?..ah yes...........disheartening aint it!:)