AmazonFail

[nostrademons]

So, weev has claimed responsibility for #amazonfail. Clever - he managed to cause massive havoc with about ten lines of code and the cooperation of a few webmasters. I've used similar attacks for more innocuous purposes (eg. I created a page that auto-upvotes itself on Reddit when you visit it), so his method is certainly plausible. Never attribute

Comments

[chinawolf]

So after having seen the code, you believe them?

[nostrademons]

I think it's plausible. I don't think there's any way we could conclusively say "Yes, this guy did it" - plus, it'd be just like him to meta-troll by claiming responsibility for something he didn't do. But the method makes perfect sense, there're known XSRF holes in Amazon.com, he's in a position to have lots of top-1000 webmaster friends, and the shell scripts he used to grab the IDs are basically how I would've done it.

It's certainly a more likely explanation than Amazon.com suddenly deciding to piss off a big segment of their customer base with a completely arbitrary change.