Well-Known Blogs Hacked

This guy did send out warnings to a few different Webmasters last week. It wasn't talked about much, not publicly if I recall correctly... but it is now, anyway.

I'm thankfully nowhere near any kind of target compared to the folks who got hit to-day, and probably will never be.

One of the developers behind some of the tools I enjoy, Boogybonbon, has posted sites that were just attacked, some of which may not all be back up yet as of this writing.

What's interesting is the hacker says s/he wears a Gray Hat, in the split-personality way: keeps a legit day job but also claims to have an "evil alter ego" which pulled this stunt. Jeckyll-and-Hyde action. Cute, even if unoriginal. That's what our teens / 20somethings are all about though, aye?

Anyway, I've been kind of avoiding talking too much about the whole White Hat / Black Hat thing, or at least putting it off as long as possible, in here. It's not the most interesting thing to discuss, nor is it always the most pleasant or uncomplicated of issues... I see it this way:

1) Some SEOs push the envelope, which takes various forms and can have various downstream effects. Ethics has its place naturally (would you believe some spam profits go to charities?), but less subjective distinctions like risky/safe, easy/hard etc. hold the scene together more.

2) SEO in any form is no crime; true hacking is another matter. Disrupting people's business is way uncool. Sneaking or spamming links into someone's pages is one thing. Taking advantages of some vulnerabilities like that isn't playing nice but it is still technically fair game (even if hosts do shut SEOs down for it so they don't have to hear complaints from blog/guestbook owners). For examples, XSS exploits for link dumping are mischievous and embarrassing to Webmasters but don't fit my definition of hacking. Sending worms through databases that mine and/or crash tons of businesses hosting their sites on a server or network thereof definitely does. Truly defacing (i.e. for the general public to witness it), stealing and/or republishing information that's under copyright and/or other protections is obviously all illegal. Same for cybersquatting, falsifying registration information, domain hijacking, UBE, bots or worms that do anything without permission (altering files, unauthorized adware/spyware etc.), and DDOS attacks. When things go to any criminal areas it's well beyond Black Hat SEO. "Someone pushed me" or "I was bored" etc. are lame excuses. The industry has a larger image problem to think about that pros don't add to, because it's not fair that Black Hat hackers are so respected in security circles whereas Black Hat SEOs are so not in Web Marketing ones. Skills are skills. It's also unfair when people who misunderstand the industry write all SEOs off as troublemakers. On both sides, people should grow up and always keep some things on the down-low.

3) SEOs are always looking for attention in the sense that at the end of the day it's their job; all about getting links for the sites they're working on... Normally it's about getting attention on one's clients and/or project sites, not oneself. It's supposed to work like that, anyway.

4) Skirmishes like this happen, but they aren't the most exciting things that do and they're usually resolved / dealt with swiftly. Sometimes people leak info they're not supposed to and get themselves booted from communities, because it jeopardizes livelihoods. Sometimes someone threatens Webmasters with extortion which plays out one way or another, or not at all. Sometimes someone scrapes someone else's feed and then finds it turned back on them so as to crash their domain. Unpleasantness and/or stunts fizzle up on occasion. More eventful however are other kinds of moments, like when Google Images' adult content filter goes down for a whole weekend, or someone finds a hole in their PDA syndication system that goes unfixed for a whole month, or someone else finds that links (whole new pages, technically) can be created somewhere on highly engine-trusted domains like Harvard's.

5) Normally White Hats and Black Hats play nice. The best ones always do, and sometimes they're even in business together. Even when they're not they don't mess with each other. They keep it all professional and respect each other as peers over beers despite sharp contrasts in their philosophies and politics. By definition White Hats compete with each other whereas Black Hats compete with the engines. So they're all in the jungle, with some shared territory but very different animals and each with their own turfs that they instinctively keep to. Double-agents and/or team-switchers exist but are rare. WH / BH = Better Kharma / Better Cash is a pretty simple equation, so most of us stick to either one end of it or the other, absent special circumstances perhaps like "It's too hard" or "I've grown too poor" etc.

This latest little drama will pass. Kids to-day... Gotta love 'em. They're just like many of the rest of us were, only with better toys (so tread carefully).

Don't get too cocky my boy. No matter how good you are don't ever let them see you coming. That's the gaffe my friend. You gotta keep yourself small. Innocuous. Be the little guy. You know, the nerd... the leper... Look at me. Underestimated from day one. You'd never think I was a master of the universe, now would ya?

- John Milton, The Devil's Advocate

No Comments »


Based out of Northern California, bl.asphemo.us is a bl.og dedicated to the advocacy and study of high-impact, data driven marketing disciplines and related concerns: Analytics and Data Mining, Marketing Automation, Integrated Advertising (targeting, retargeting), Demand Generation and Lead Nurturing, Social Media / Social Engineering (Crowd-hacking) and the new PR, Privacy, Security, CRM, SEO / SEM, CRO, ROI... more TLAs (three letter acronyms) than any sane person's daily lexicon should include.

About the Preacher