'Glitch' or Hacker? Gay Titles Deep-Sixed at Amazon

Mark Probst, author of the gay-themed novel "Filly," said he received an e-mail from an Amazon member services employee, which he posted on his blog, that read: "In consideration of our entire customer base, we exclude 'adult' material from appearing in some searches and best seller lists. Since these lists are generated using sales ranks, adult materials must also be excluded from that feature."

The way in which a book becomes gets dubbed "inappropriate," however, is largely left to the site's users and is therefore susceptible to hacking, according to experts.

Though some authors saw their rankings disappear months ago, public outrage came to a boil over the weekend when Twitter users began alerting one another to missing ratings.

On Monday, just after outrage on the blogosphere reached a boil, a prominent hacker known as Weev claimed on his blog that he had harnessed the power of thousands of inadvertent computer users to flag books with gay descriptions as inappropriate, resulting in their sales rankings getting automatically removed.

On his blog, Weev wrote that by clicking the "report as inappropriate" button at the bottom of each page he was able to get rankings removed "with an insignificant number of votes."

Just a 'Glitch,' Says Amazon

First, he said he wrote a short code that would find books the site had tagged "gay" and "lesbian."

"From here, it was a matter of getting a lot of people to vote for the books," he blogged. Weev claimed he was helped by a friend at a high-traffic site who created an "invisible frame," which allowed users to inadvertently flag books when they were really visiting other unrelated sites. Weev said he "also hired third worlders [sic] to register accounts for me en masse" to target the site.

Weev's claims cannot be ignored, given his online prominence and a recent change to the Amazon Web site that removed the "report as inappropriate" feature. He was included in a New York Times Magazine article last year about "trolls," hackers whose primary goal is to make digital mischief on the Internet.

Weev's real identity was not revealed in the Times story and efforts to discover the person behind the blog were unsuccessful.

Without Amazon confirming if it was in fact hacked, it remains impossible to know for sure. But one computer security expert who examined the code Weev posted said it looked legit.

"It's extremely obvious that it should work," said Robert Graham, CEO of Errata Security, a consulting firm in Atlanta that works to protect computer systems.

"Cross site scripting in an endemic problem with Internet, and every major site is vulnerable, he said. "A post on one site causes something to happen on another site."

Weev, he said, was involved in 4chan, a group of anonymous hackers who "do this kind of thing."

By the end of the day Monday many books that had previously lost their rankings were showing them again, including works by James Baldwin and Gore Vidal.

"Many books have now been fixed and we're in the process of fixing the remainder as quickly as possible, and we intend to implement new measures to make this kind of accident less likely to occur in the future," Smith said in the e-mail.

-- This embed didnt make it to copy for story id = 7327241. -- This embed didnt make it to copy for story id = 7327241. -- This embed didnt make it to copy for story id = 7327241. -- This embed didnt make it to copy for story id = 7327241. -- This embed didnt make it to copy for story id = 7327241. -- This embed didnt make it to copy for story id = 7327241. -- This embed didnt make it to copy for story id = 7327241. -- This embed didnt make it to copy for story id = 7327241. -- This embed didnt make it to copy for story id = 7327241.
Page
  • 1
  • |
  • 2
Join the Discussion
You are using an outdated version of Internet Explorer. Please click here to upgrade your browser in order to comment.
blog comments powered by Disqus
 
You Might Also Like...