REFRESHING SCREENSHOTS AT ALEXA.COM

SUNDAY, OCTOBER 5 2003 @ 11:25 AM

A couple of days ago, I found a feature on Alexa that allowed me to refresh the default screen-shot they display for my site. It only takes 48 hours and is a great thing. But, unlike contact information, it seems like changing the screen-shot contents is not so critical for them, since there is no need for authentication or confirmation via email. So, looking at the screen-shot of Macromedia's old site, I decided to try and refresh theirs too...

And voila! Today the screen-shot features the new look of Macromedia. But what is the big deal would you say. Well, although you can't alter the domain name, you can order a capture from any document at any path within the site. For example, it makes more sense to me to have a screen-shot of my blog rather than my 'main page', which is empty. But that's my personal choice. What is somebody decides to mess up with people's screen-shots by sending orders to capture non existent documents?

I already sent an email to Alexa's people regarding this. I just hope this won't become a big deal, and that Macromedia forgives my intrusion.

Archived under: Miscelanea. | Permalink | google | del.icio.us Is it delicious? | digg Do you digg it?


BRANDON

OCTOBER 6 2003 @ 10:43 AM

i would hope that your "proof of concept" is appreciated. when so much worse could happen they should definitely be thankful that this was brought to their attention. i did have a bad experience when checking sites for sql injection vulnerabilities (even though i didn't change anything - just proved that they were at risk) a couple of them were very pissed. of course the did use my info to fix their holes.

good luck

OSCAR TRELLES

OCTOBER 6 2003 @ 03:37 PM

Yeah, I don't think they would take it as a trangression, or they would have taken actions already. I'm yet to receive an answer from Alexa though.