digg

Facebook Connect Join Digg About

NETSCAPE HACKED!!!!!

netscape.com I don't know how long it'll be up, but it looks like some crafty diggers had some fun with Netscape's ripoff of Digg. There is a Javascript alert that comes up with a four letter expletive followed by a note that shouts out to all the diggers out there. Note that the URL linked to this story should be www.netscape.com!

Who dugg this? Made popular Jul 26, 2006

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

94 Comments

show profanity settings
expand all
  • eplawless, on 10/12/2007, -1/+49I mean, it's not like I did anything illegal. I just submitted a story. It's not my fault that there is a cross site scripting vulnerability; my story should never have been able to go through. I even sent them five messages about it over the past week, which they ignored, and posted a couple news items about it, which they deleted, before I decided to submit the cuteness story. A friend provided the text for the alerts. I apologize that this has gotten out of hand, but they have had ample warning. I mean, AMPLE warning: http://packetstormsecurity.org/0606-exploits/netscapeXSS.txt
  • mrASSMAN, on 10/12/2007, -1/+37I have to ask.. what were you doing at netscape anyway?
  • deanlowe, on 10/12/2007, -1/+17Netscape users actually voted you to the front page? That's awesome!
  • jetsetsteve, on 10/12/2007, -1/+16Note that I couldn't use http://netscape.com as the URL to the story since the Digg submission system detected that URL in use by another story...
  • slimc9999, on 10/12/2007, -0/+12Probably the most traffic netscape's got since it digg'ized.
  • ptrcd003, on 10/12/2007, -0/+11Yeah, all five of them
  • tysonhy, on 10/12/2007, -0/+10LOL... That's awesome! I would like to know who did this.
  • mrASSMAN, on 10/12/2007, -1/+10That's awesome.. you just put the code in the submission, and due to netscape (AOL) habit of ignoring customer feedback, the story makes it to the front page and humiliates them. You rule.
  • cfitz, on 10/12/2007, -1/+9www.tomorrowscoffee.com/netscape1.png
    www.tomorrowscoffee.com/netscape2.png

    Some pictures unless it's taken down.

    +cfitz
  • edwilde, on 10/12/2007, -0/+8First time I have been to the netscape homepage since it digg'ized. I hope the design was hacked too...surely it doesnt always look this bad?!
  • jetsetsteve, on 10/12/2007, -0/+7The other story was from 30 days ago, not about this hacked site right at this moment.
  • mrASSMAN, on 10/12/2007, -3/+10"Defacing websites is silly, stupid and childish." ..and also very satisfying.
  • skwashd, on 10/12/2007, -0/+7It hasn't been "hacked" - someone has taken advantage of lax validation/sanitising of input data. The javascript alerts come from the story titled - "Unbearable Cuteness" it seems that someone included "><script ... in the story url.

    It could have been a lot worse for Netscape, someone could have exploited the vulnerability to conduct a XSS attack against Netscape users. Did anyone do a security audit before launching the site?

    Lets wait and see how long it takes Netscape to pull the story and hack in a fix
  • Joose, on 10/12/2007, -0/+7You did this didn't ya?
  • shikaga, on 10/12/2007, -0/+6So would netscape, I am sure
  • mrASSMAN, on 10/12/2007, -3/+9Calm down man.. did you bring your inhaler?

    just kidding, but really, the apocalypse isn't coming until next year. don't worry.
  • mrASSMAN, on 10/12/2007, -0/+6The digger responsible for this already admitted to it: http://digg.com/tech_news/NETSCAPE_HACKED#c2454491
  • octopi, on 10/12/2007, -1/+7i meant http://digg.com/tech_news/Photo_proof_of_diggers_hacking_netscape_com
  • sapo916, on 10/12/2007, -1/+6Digg is responsible for its users? This isn't a Babysitting service...
  • rodrigo74, on 10/12/2007, -0/+5That could be avoided with a couple of lines by a programmer at Netscape, so the thing wouldn't last long.
  • coldradio, on 10/12/2007, -3/+8you know what else would be good to do

    flood netscape with a bunch of stories, but have all the stories that are sent in link to the digg story about the same story.

    forced piggybacking
  • jetsetsteve, on 10/12/2007, -1/+6Someone posted a screenshot: http://www.flickr.com/photos/karmagrrrl/198698314/
  • inactive, on 10/12/2007, -3/+8*****.
    Its funny!
  • mrASSMAN, on 10/12/2007, -1/+6Kevin did it.
  • rodrigo74, on 10/12/2007, -0/+4It's gone already.
  • JasonL, on 10/12/2007, -1/+5heh, it would be so funny for someone to put inject a window.location='http://digg.com'; :)
  • yoja, on 10/12/2007, -2/+6The war has begun!!
  • octopi, on 10/12/2007, -2/+6Digg this for screenshots before this goes away or go here for them.

    And to this being "silly" or "stupid," I think shikaga nailed it on the head in his complaint. This is a "geek" news place, or "tech" news, I prefer. And how do geeks/techies respond to blantant ripoffs and jabs at their reputation? Hacking is a way.
  • dunnduggit, on 10/12/2007, -0/+3Is it the 2 at the end that makes it better?
  • deanlowe, on 10/12/2007, -2/+5Who here thinks Jason did this to milk more attention for Netscape?
  • dylanrjones, on 10/12/2007, -3/+6The 'a' is silent. Learn your nerdspeak!
  • B0SS, on 10/12/2007, -0/+3*cheers everyone* so first they copy digg.. now they like declare war on digg.com.. Netscape is gay.. well done for those who did it :)
  • 3recurring, on 10/12/2007, -1/+3F-Secure just posted about this on their blog...

    http://www.f-secure.com/weblog/archives/archive-072006.html#00000927
  • kimzor, on 10/12/2007, -0/+2HAHAH Awesome!
  • inactive, on 10/12/2007, -2/+4And its not 'netscape', its 'netscrape'.
  • MrSunshine, on 10/12/2007, -0/+2> and how?

    With the knife in the library.
  • Phantom76, on 10/12/2007, -0/+2The only way you can drive some traffic to netscape.com these days is to feature it on the front page of digg.
  • inactive, on 10/12/2007, -0/+2Looks like they have the problem fixed.

    Oh well. It was amusing while it lasted!!
  • Cannon13, on 10/12/2007, -0/+2http://news.netscape.com
    Wasn't me, just posting it.
  • EBFoxbat, on 10/12/2007, -0/+2Netscape pawned. I love it.
  • akira117, on 10/12/2007, -0/+2Not really a war......more like everyone laughing at Netscape for their lack of ideas.
  • sapo916, on 10/12/2007, -1/+3Good to know you bought a domain for a site that no one will visit, why comment there when we have the almighty digg site to use.
  • rodrigo74, on 10/12/2007, -1/+3I hope the coders @ digg.com are smart enough to have some basic cross-scripting blocking in place already (I guess they do)
  • jaken, on 10/12/2007, -5/+7HAHAHAHAHAHA
    HAHAHAHAHAHA
    HAHAHAHAHAHAH
    HAHAHAHAHHA

    Begun the clone war has!!
  • mrASSMAN, on 10/12/2007, -1/+3that's actually a pretty hilarious idea.. hmmm...
  • systemghost, on 10/12/2007, -0/+2Yep, they fixed it. Made for an amusingly simple exploit and in hand, one hell of a pathetic bug.
  • akira117, on 10/12/2007, -0/+1Not many people use Netscape, plain and simple......
  • jromz03, on 10/12/2007, -0/+1"four letter expletive"

    Oh I know!

    DIGG!

    I kid, I kid.
  • iNoles, on 10/12/2007, -0/+1http://search.netscape.com/ns/search?query=%3Cscript%3Ealert(%22MajorSecurity%22)%3C/script%3E

    Thanks to Firefox urlencode by default...
  • hudef, on 10/12/2007, -0/+1It's interesting to compare the comments about this hacking event on both websites. But act quick because it looks like Netscape is pulling the postings about this hack off it's site, one by one.
  • Fetching more discussions...
    Show 51 - 95 of 95 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.