Log in

No account? Create an account

Previous Entry | Next Entry

#Amazonfail? No, #hackershit

OK, I had a feeling that this was someone making policy by program - ie using the software that drives the site and the searches to de-rank GLBT content by tag or keyword. IOTW, a scripted attack, either from inside or, more likely, outside.

Amazon is not anti GLBT. The attack could just as easily been against books on meat (ala PETA) - raising, slaughtering, cooking, etc.

Amazon runs a huge site. So huge that different 'stores' are run by different groups. They employ over 75 people just to handle its search functions. Think about that. Think about how many thousands of servers they have.

From what I've read, apparently the had an experimental thing to allow stuff to be de-ranked as adult if it got over a certain number of "complaints". This, to anyone familiar with the mail-bombing habits of the religious right, is a recipe for disaster (as we discovered with LJ's own Strikethrough.

But the fundies didn't do it - I watch them, subscribe to some of their mailing list filth (seriously, it makes me feel slimed to read it.)

Somebody with some unix and apache knowledge, and a hate on for gays did. Clumsily, in fact. He, or they (if more than one loser who couldn't get a date was involved), started back in February, with just one or two titles - probably to figure out the threshold of complaints that would get something de-ranked. Then they'd have to figure out how to crawl the site for keywords, and enlist machine capable of running a shell script to make the complaints.

They couldn't use Windows attacks, because big ecommerce sites don't run on Windows (too unstable). The big sites have to use Unix/Linux/BSD, with a ton of load balancing, replication, and fault tolerance. So it took longer, because Linux bots nets just aren't there. They needed friends to help - and that will be their undoing.

Yes, it could have been an inside job, but I don't think anyone in their right mind working for Amazon or its subsidiaries would be dumb enough to torpedo their entire career to get books de-ranked.

You see, Amazon, and its wholly owned subsidiaries, *IS* gay friendly. I ought to know, because I used to work for one of the subsidiaries. It has domestic partner benefits, both at the subsidiaries in California and for the main corporation in Seattle (and elsewhere). No one batted an eyelash when I registered my partner for benefits. I was out at work, and no one ever even got upset. I brought my partner to company picnics and holiday dinners!

They don't much like religion pushers in the corporate culture, either. You see, they want to sell you whatever you want to buy. Seriously, they want to have the biggest, most searchable catalog of stuff that you can imagine. Yeah, they try not to put non-"family friendly" stuff on the main page, but other than that, you can get pretty much anything that is legal to sell in your country. They don't sell alcohol, tobacco, or firearms in the US because of regulation on interstate sale of those items. (You can buy wine vinegar, but not wine.) But they will ship you a dildo or a but plug plus porn videos, with Prime, in an opaque wrapper.

This was targeted on a holiday weekend, when a lot of people were assumed to be out of the office either for Easter or Passover. Believe me, though, there are people working frantically to fix the error in the algorithm, and I'm sure that Bezos has yelled at more than a few people.

Amazon does not like being gamed, whether by hackers, DDOS, merchants, or groups with an agenda. They will be looking at logs, and IP addresses, and then they will call in the FBI.

Yes, you may link to this.



( 6 comments — Leave a comment )
Apr. 13th, 2009 09:59 pm (UTC)
Just musing...what if this was Conficker's real payload?
Apr. 13th, 2009 10:03 pm (UTC)
Conficker is Windows, so I doubt it.
Apr. 14th, 2009 12:06 am (UTC)
Thnak you for this. I am going to be pointing several people towards this.
Apr. 14th, 2009 01:54 am (UTC)
Thank you. (wandered here from Get_Medieval. I must admit your explanation made a good deal of sense.
Apr. 14th, 2009 06:08 am (UTC)
I believe Amazon is gay friendly. I also believe Amazon, like many large corporations, is perfectly willing to sideline huge categories of people if it improves their market share. Pro-gay-people is not the same as pro-gay-content-in-books.

The most recent quasi-explanation involves a French coder who mixed up the concepts "adult" and "erotica" and "sexuality," accidentally tagging thousands of books-about-sex in with books-too-explicit-for-searches. Which really doesn't explain how "Heather Has Two Mommies" got in the mix.

I think this post has one of the best possible real explanations: coding fuckup, followed by massive customer service fail.

For which they get no sympathy whatsoever. Their CS policies are their problem; their code scrambles, ditto. If their unwillingness to be transparent in their business practices leads to both customer and client paranoia... well, that's what they get for trying to pull "trust us; we know better" on people who actually understand how databases and code works.

And knowing some of their other deceitful practices, especially in regards to ebooks and POD, I'm utterly disinclined to cut them any slack for this. If they want to push themselves as THE BEST AND POSSIBLY ONLY online source for books... they get to deal with the fallout when they "accidentally" slight thousands of authors.

I sincerely hope someone sues them for fraud. Or tries to, and gets told "we have the right to list your book anyway we want, or pull it from the listings, with no warning, for any reason or whim"--in a legal setting that allows the quote to be bounced all over the web.
Apr. 14th, 2009 07:11 am (UTC)
De-Ranking any books doesn't increase their market share. They want the biggest catalog of stuff to sell you they can get. No, they're not likely to bend over for fundies wanting to supress gay stuff. Bezos would say "Only if we get to delist your stuff at someone else's request."

I figured it was either a denial of service type thing, or a coding error. More likely a coding error. I know the people who code some of this stuff. They sometimes are a little full of themselves, and neglect to think it through. Some don't grok the difference between testing and production, and think that if the code doesn't crash, it's good for prod.

Customer service fail is easy to believe. The most junior people work the holiday weekends. They don't put pagers on managers.

But there will be blowback about this internally. Trust me, Bezos does not like any interruption of service, period, which this was. Managers get called on the carpet if shit happens. His annual compensation is dependent on making a profit.
( 6 comments — Leave a comment )

Latest Month

January 2019


Powered by LiveJournal.com
Designed by Lilia Ahner