http://simonwillison.net/2009-04-14T08:32:40+00:00Simon Willison2009-04-14T08:32:40+00:002009-04-14T08:32:40+00:00https://simonwillison.net/2009/Apr/14/amazon/#atom-tag

<p><strong><a href="http://www.pcworld.com/businesscenter/article/163042/amazon_says_listing_problem_was_an_error_not_a_hack.html">Amazon Says Listing Problem Was an Error, Not a Hack</a></strong></p> “A friend within the company told him that someone working on Amazon’s French site mistagged a number of keyword categories, including the ’Gay and Lesbian’ category, as pornographic, using what’s known internally as the Browse Nodes tool. Soon the mistake affected Amazon sites worldwide.” <p><small></small>Via <a href="http://simonwillison.net/2009/Apr/13/amazonfail/#c44124">Chris Shiflett</a></small></p> <p>Tags: <a href="https://simonwillison.net/tags/amazon">amazon</a>, <a href="https://simonwillison.net/tags/amazonfail">amazonfail</a>, <a href="https://simonwillison.net/tags/csrf">csrf</a>, <a href="https://simonwillison.net/tags/security">security</a></p>

2009-04-13T19:48:53+00:002009-04-13T19:48:53+00:00https://simonwillison.net/2009/Apr/13/amazonfail/#atom-tag

<p><strong><a href="http://community.livejournal.com/brutal_honesty/3168992.html">How to cause moral outrage from the entire Internet in ten lines of code</a></strong></p> Looks legit—the author claims to have sparked this weekend’s #amazonfail moral outrage (where Amazon where accused of removing Gay and Lesbian books from their best seller rankings) by exploiting a CSRF hole in Amazon’s “report as inappropriate” feature to trigger automatic takedowns. EDIT: His claim is disputed elsewhere (see comments) <p>Tags: <a href="https://simonwillison.net/tags/amazon">amazon</a>, <a href="https://simonwillison.net/tags/amazonfail">amazonfail</a>, <a href="https://simonwillison.net/tags/csrf">csrf</a>, <a href="https://simonwillison.net/tags/prdisaster">prdisaster</a>, <a href="https://simonwillison.net/tags/security">security</a></p>