Before there was Robert’); DROP TABLE Students;–, there was Laura’s blog.
A little background. Staying with me as a temporary roommate is my friend, Laura. We’ve known each other for 20 years. We met online. We were 2 girls in Georgia with similar likes and issues.
We were going down memory lane last night online. We found our old web pages we made from the early Aughts. We were just talking about the good times, when Laura mentioned her blog.
Oh Laura’s Blog, you still live on in the deep archives of the Internet. And Blogrolling.com, I still miss you.
What happened was, in the early Aughts, before Twitter, Facebook, and yes, MySpace, people had blogs like this one I have. There was this service, called Blogrolling.com. It was a website people used to have a centralized list of other blogs they recommended.
November 17, 2003 was the date the entire world using Blogrolling.com was hit by a bug. A critical bug that I happened to be the poor person to find. However, Laura took the brunt of the abuse.
I was editing my Blogroll that morning. I was modifying a link. At the time, you could embed some HTML into a link on Blogrolling. I was modifying the HTML on a link and Blogrolling went nuts on me. All of my Blogroll was of this one link. I went back to fix it, and I modified Laura’s link to her blog. It did the same thing. So, I sent in a request to Blogrolling help explaining what happened.
And then Laura left me a message saying she was getting a lot of e-mails and comments on her blog from other people for hacking Blogrolling. It was the main topic of the day. There was a MetaFilter discussion: Did Laura hack Blogrolling.com? WordPress wrote an entry about it: Blogrolling Hack Illustrates Need for Decentralization.
Here are some samples of what people were saying on that day:
Either Blogrolling.com is having serious technical difficulties, or it’s been hacked. Either would explain not being able to get to its homepage, and, instead, getting endless entries for “Laura’s Blog” in the blogroll. Not surprisingly, Laura’s Blog is slow to respond …
– Dave Does The Blog
It seems as tho Blogrolling got hacked. Everyone who has a blog roll using the service has had their roll(s) replaced with repetitive instances of “Laura’s Blog.” I am not even going to link to the site. This is pathetic. Now I have to recreate my blogroll. I know I won’t remember all of them. Maybe I should just forgo the service all together and go back to the old way of writing the HTML myself for my links list. After today it makes me think I should.
– Breaking Windows
It looks like Blogrolling has been hacked. Every entry in my blogroll is for some site called Laura’s Blog. Update: If you go to that site it looks like Laura herself is an innocent victim here. She hardly seems like some super hacker.
– Right-Thinking from the Left Coast
And our favorite one:
And then a funny thing happened; Blogrolling got hacked. All of their blogrolls pointed to Laura’s blog. Laura happens to be the sister of Dave, a friend of mine already listed in MY blogroll.
– Mostly Muppet
If only I could look up just “Laura’s Blog Blogrolling” on the Internet Archive at the moment. I’m sure there are some doozies there.
Laura ended up the most hate person in the blogosphere that day. People kept calling it a hack and wanted to harm the hacker. They wanted to harm Laura!
I was mortified. I was doing everything I could to let people know this was an honest mistake.
Finally, Jason, the owner of the site, left a comment on my blog at the time exonerating me:
You folks wanna yell at someone yell at me. There was a 1 in a million bug that Shawn found and screwed up the system. It was my fault for not plugging the hole and I apologize.
He had my e-mails, in the midst of 3,000 other angry e-mails, about the issue. I had explained to him what happened and the logs and back-end code backed my story. I had inadvertently found a defect in the Blogrolling system. Just happened to be a HUGE one. One all of the Internet saw that day.
In the 14 years since, I’ve gone on to get a degree in IT and work with SQL code all the time. Did so just today. Now, I don’t know what the issue was in original back-end code, but I remember my issue dealt with forgetting a \ when coding that HTML. Looking back on it now, what I have must have done was akin to a SQL injection. Basically, I had Robert’); DROP TABLE Students;– Blogrolling.com. This time, it just happened to change all links to Laura’s Blog. It was finally when I was in college learning about SQL did I realize what had happened.
So, all you SQL coders out there, sanitize your inputs in your system code before it’s put on the tables before you get another Laura’s Blog or Little Bobby Tables!