Perl.com sends visitors to porn link farm
Anonymous Coward
They attacked the wrong crowd. #
Posted Saturday 19th January 2008 05:37 GMT

Is there a list of the porn sites responsible? Give us that list and we'll DDoS the fucking bastards off the web!
BKB
Keeping your own house in order #
Posted Saturday 19th January 2008 05:37 GMT

Considering Perl's claim to be the securest form of web programming, this incident doesn't make them look good. Incidentally Google's cache of perl.com still contains the grepblogs stuff at the time of posting this.
yeah, right.
Nice to have a (relatively) safer browser. #
Posted Saturday 19th January 2008 05:46 GMT
I use Firefox/Adblock/Noscript, which might be why I never noticed anything when I went visiting on Thursday. Of course, I might have just missed the time they were redirecting people. Was it a good porn site?
[half-arsed plug mode]
However, I've noticed that a lot of "problems" that other people have don't seem to affect those who use this browser combination. Having doubleclick.* mapped to 127.0.0.1 also helps. I also don't tend to see advertising unless it's unobtrusive and well done (something that anyone using doubleclick seems incapable of), and I certainly don't let just any javascript run on my browser. Perl.com has so far resisted making javascript mandatory to visit their site, for which I thank them.
Various clients have commented on this easier browsing on several occasions, especially when I switch them from MSIE or Safari to this combination. Every so often they go back to their old browser and are shocked with what they used to put up with. Firefox is getting more and more bloated and buggy with each release, and their bookmark manager sucks farts from dead goats (in 3.0 beta as well damnit), and I'm not saying it's any more or less "secure" than other browsers, but my experience is that the Firefox/Adblock/Noscript combination certainly makes browsing a lot more user friendly.
I still missed out on the porn site though.
Alan Donaly
adserver and domain squatting #
Posted Saturday 19th January 2008 17:16 GMT

The same old shit: banner is served by off site company, domain is sold to porn site, porn site ends up where it doesn't belong for a few days. @BKB, what does this have to do with Perl at all? Try to understand what happened; it may happen to you some day. BTW, was the porn any good? It's just that, you know, a porn link site might not be the last thing on earth a Perl programmer was looking for. Just a thought: this might be good targeted advertising.
Anonymous Coward
Oh dear, that was a mistake #
Posted Saturday 19th January 2008 17:16 GMT

Well that's a shed load of porn sites about to be erased from the net then. Honestly, you don't fuck with the type of lads and lassies using those sites. They are a 100,000 strong vigilante gang, they are tooled up with DDoS nukes and they just might not have anything better to do right now.
If only we could harness their powers for good......
Alan
@ BKB #
Posted Saturday 19th January 2008 17:17 GMT
So the fact that someone else's javascript that pulls content from a third party site, continues to pull content from that same site after the site changed hands, means that Perl is somehow unsafe or insecure?
Even though perl the language itself has nothing to do with it?
I think you have another agenda.
Anonymous Coward
re: BKB #
Posted Saturday 19th January 2008 17:17 GMT
I've never seen Perl claim to be the securest form of web programming. Neither has this incident reflected on the security of Perl as a language for anyone who understands what happened.
Jon
@yeah, right re. Firefox bookmarks #
Posted Saturday 19th January 2008 17:17 GMT
I found that the "Flat bookmark editing" add-on improved the bookmark manager a lot. Try it: https://addons.mozilla.org/en-US/firefox/addon/117
Edward Pearson
Do none of you RTFA? #
Posted Saturday 19th January 2008 17:17 GMT
"Considering Perl's claim to be the securest form of web programming, this incident doesn't make them look good. Incidentally Google's cache of perl.com still contains the grepblogs stuff at the time of posting this."
Ok, I've never heard perl referred to as the "securest form of web programming". However, this has NOTHING to do with Perl, it was just a cock up by the admins not keeping track of who advertised on the site.
"Is there a list of the porn sites responsible? Give us that list and we'll DDoS the fucking bastards off the web!"
Woah there, take a few deep breaths. This isn't a targeted attack, it's just a typosquatter (who are a real problem, we'll run out of domain names if they don't change the way the system works) who got lucky.
Anonymous Coward
2 comments, one at By yeah, right, one at the author #
Posted Saturday 19th January 2008 17:17 GMT

1) @ Dan Goodin:
----quote----
Perl is a popular program among sysadmins, web developers and network programmers. It borrows liberally from languages including C, shell scripting and AWK.
----end quote----
uh was this really necessary? Felt like I was reading an article at cnet. At least you could've thrown [ed we probably should tell them what Perl is] or something so it doesn't look like you think that the average Reg reader needs to know what Perl is.
2) @ By yeah, right
Um, so the way you browse, you couldn't use google maps? You almost had me convinced, but sorry can't limit my browsing that much.
Paris icon because she does know what a Perl Necklace is.
Anonymous Coward
RE: Wrong Crowd #
Posted Saturday 19th January 2008 17:17 GMT

Be careful. At least, here in NY, the Russian Mob controls most of the porn/sex stuff.
Nasty bunch. They know more about DDoS than just about anyone. They also have novel ways of using common garden tools...
Steve Welsh
PERL #
Posted Saturday 19th January 2008 17:17 GMT

As I recall PERL stands for Pathologically Eclectic Rubbish Lister!!
Jolyon Ralph
What I found amusing #
Posted Saturday 19th January 2008 17:17 GMT

... was that the ads on perl.com were being served by a PHP application (phpAdsNew)
Did some more digging about this late last night and it looks like (when you look at google caches) that the original owners of grepblogs.net (revenuedriver.com) were trying to sell the domain, and either sold it or just let it expire.
So the big question is has anyone talked to revenuedriver.com about the incident?
Jolyon
Alex Forbes
If you're not happy with FireFox, use Opera. #
Posted Saturday 19th January 2008 17:17 GMT

..."Firefox is getting more and more bloated and buggy with each release, and their bookmark manager sucks farts from dead goats (in 3.0 beta as well damnit)"...
So use Opera. No need to download all these sodding "extensions" to do simple things like blocking ads or JavaScript or iframes etc. etc. either for a site or globally - it's all inbuilt in Opera, along with other useful features like notes, the ability to apply a custom CSS style to a page and a zoom function which actually *works* (allows you to zoom images and controls too, not just text).
Pity so few people use it - personally I've always rated Opera far above the likes of IE, FireFox (which is by no means bad, but I preferred "Phoenix" when it existed) and Safari.
Such is life.
(*Dons fire-retardant clothing and makes a hasty exit* I'm smelling the flames spouting from the nostrils of the hording fanboys already)
BitTwister
@BKB #
Posted Saturday 19th January 2008 19:37 GMT
Your view might seem less ridiculous if you'd only scuttle off and read the article but I suspect you've already tried - so instead, just scuttle off and learn to read.
J
Re: They attacked the wrong crowd. #
Posted Sunday 20th January 2008 00:21 GMT

Well, do it right then; don't get caught. Otherwise, THEY sue you and YOU end up paying tens of thousands of $$ and some jail time...
BKB
RTFM #
Posted Sunday 20th January 2008 00:21 GMT

RTFM for the quote about Perl being the securest form of web programming. Page 559 of the third edition of "Programming Perl" by Larry Wall et al, as follows: "... making a Perl CGI script more secure than one written in any language without taint checks. (Which as far as we know, is any language other than Perl.)"
Although the problem occurred because of Javascript rather than Perl, regardless of how the bug happened, this doesn't make them look good. If it was National Westminster Bank whose site this had happened to, people would be berating them for their incompetence or even withdrawing their money in a panic, but because it's those lovely Perl people, how dare anyone attack them, right? Just like we all have to say Larry Wall's jokes are funny, and look how lovely the emperor's new clothes are.
Sorry but that doesn't fly with me. Perl.com should be keeping their own house in order.
Mike Lovell
LOL!!! #
Posted Sunday 20th January 2008 00:22 GMT

"Honestly, you don't fuck with the type of lads and lassies using those sites."
Scary!
- "Oooh, the Perl guys are mad at me... I'm so scared! Oooooh, the Germans... Uh oh..."
- "Stop it, Burns"
- "The Perl guys are coming after me... Oh, don't let the Perl guys come after me... Oh, the Perl guys are coming after me... No, they're so big and strong... Protect me from the Perl guys! The Perl guys!"
Steve P
Re: RTFM #
Posted Sunday 20th January 2008 01:09 GMT
Taint checks are an optional feature of Perl. If you weren't so intent on taking the quote out of context, you might have noticed that even if they were being used, it wouldn't have helped in this case.
Though, from the second paragraph, I suspect even if Perl.com had been running on IIS, written in C# talking to a SQL Server back end, you'd still say it was somehow the Perl community's fault.
iain
@BKB #
Posted Sunday 20th January 2008 01:09 GMT

Logic isn't your strong point, is it mate?
1. Perl.com is run by O'Reilly, not Larry Wall or Perl (whomever that is? Do you know C# personally as well?!)
2. Taint mode prevents a script writing to disk - nothing to do with 3rd party Javascript redirects.
3. This was a network problem, not a programming error. Heard of DNS and domain purchasing? The world wide web??
4. Perl hasn't got anyone's money, it's open source. It's not a bank, and why would a bank run 3rd party adverts? Should perl.com get you to log in to see the home page as well?? Perhaps all websites should all add in extra security because they're not banks too...
Hope that helps clear things up for you.
dotfnord
This has nasty implications #
Posted Sunday 20th January 2008 05:10 GMT
If it turns out that grepblogs had expired and then been registered by the pr0n industry, we could see others re-registering a domain name of an expiring site that feeds other sites banner ads or other material like javascript. More bang for your buck. What if the material contains a virus, or a keylogger, or creates a botnet? Why have one compromised site when you can have hundreds or thousands for the same work and cost? Online software is replacing home/work based software at an increasing rate, this could turn out badly.
I first wrote about expiring names being used by the pr0n industry back in 2001 (if interested go to ICANNWatch.org and type 'xxx-piring' in the search box at bottom of home page). I brought this to the attention of ICANN's then Chair Vint Cerf and then CEO M. Stuart Lynn and the DNSO-GA. Nothing has changed in the meantime except for the worse. I'm not a purist who says retire expired names forever, but an expired name could and should be washed by keeping it out of circulation for six months and then releasing it through a randomizer set for +/- 10 days. Dropped telephone numbers aren't immediately reassigned, they are washed for a few months so as not to cause chaos, which is what we have here. The registrars/registries/ICANN want the money NOW. -g
BKB
@Steve P. & iain #
Posted Sunday 20th January 2008 05:10 GMT

"Though, from the second paragraph, I suspect even if Perl.com had been running on IIS, written in C# talking to a SQL Server back end, you'd still say it was somehow the Perl community's fault."
You are absolutely right, Steve P. If Perl.com was run entirely on Microsoft software instead of Perl, I would say it reflected extremely badly on the Perl people, yes. A little bit like those Linux / Apache servers which Microsoft was alleged to be using at one time. So hats off to you, Sir, for your insightfulness.
Anyway, I should have thought that it would be possible to write a Perl script to check that one's web page hasn't been hijacked by rogue Javascript, too. Perhaps the people at Perl.com are too busy with other activities.
As for iain's remark about Perl.com not having anyone's money, exactly how many copies of Perl related books has O'Reilly sold? I believe that Larry Wall was once a full-time employee of theirs, so they must have a few quid knocking about somewhere.
P.S. as far as I know, taint mode doesn't have anything to do with writing things to discs: what it does is stick a little "taint" sticker on incoming text which has to be removed by using a regular expression match on the text. This is to catch any kind of illegal CGI input, etc.
yeah, right.
Way off topic: @ Alex Forbes #
Posted Sunday 20th January 2008 23:59 GMT
Last I checked Opera (admittedly a long time ago) they were pathologically opposed to decent ad blocking. Have they changed their tune?
Guess I'll have to get the latest version now and take it for a spin. If they have decent (as in easily managed and unobtrusive) ad blocking and per-site javascript managing then I might jump ship. At least for a little while.
yeah, right.
Off topic continues: Opera #
Posted Sunday 20th January 2008 23:59 GMT
Just tried Opera. To say that it sucks doesn't begin to describe it. In 20 minutes, the latest "official, non beta" version has succeeded in crashing twice. This is the same system where Firefox manages to run for days on end. The rest of the time Opera was often (estimate 30%) "unavailable", as in stuck in some busy-wait loop somewhere, usually while I looked at the bookmark manager. Something right dodgy there methinks.
The bookmark manager isn't any different from Firefox (actually, it looks identical. I wonder who copied whom, and if it really matters?). The Javascript handling is marginal as far as I could see when I could access it. Don't know about the ad blocking, never got that far. Probably won't either.
Sigh. Back to Firefox.
Glen
re: 2 comments, one at By yeah, right, one at the author #
Posted Sunday 20th January 2008 23:59 GMT

"Um, so the way you browse, you couldn't use google maps? You almost had me convinced, but sorry can't limit my browsing that much."
With noscript you can allow scripts to run by domain, or can temp allow scripts by domain for 1 session.
So add "maps.google.com" (or .co.uk or whatever) to your allow list and you're sorted.
:)
Steve P
@BKB #
Posted Monday 21st January 2008 03:18 GMT
I'm curious - do you distinguish at all between Perl.com - O'Reilly's site for selling Perl related books and conferences, and the Perl community?
And, it is possible to write a Perl script to check that one's web page hasn't been hijacked. Of course their page hadn't been hijacked - it was a trusted third party.
To anticipate your next statement, I'm not sure that it is, in general, possible to prevent scenarios like this. Advertisement brokers tend to require that a site link the scripts etc. directly from the broker's server, essentially bypassing the content provider.
This is done so the broker can update the scripts whenever they need to, and can help protect against content providers gaming the system.
However, once they are out of the loop, content providers have little ability to control what is displayed.
This problem has happened once in approximately 10 years, and yes, it is embarrassing for O'Reilly Media, but I can't really see what could be done within the current model of advertisement serving.
yeah, right.
(off topic continues) @ Coward re: 2 Comments #
Posted Monday 21st January 2008 09:06 GMT
Actually, NoScript allows you to configure what javascript gets run by domain or sub-domain. So I'm not barred the pleasure of using Google maps, because I have the option of allowing javascript along with the pleasure of denying other sites access to my browser in that fashion. It's been incredibly useful these past few years.
Graham Wood
\@{ grep /\@BKB/} #
Posted Monday 21st January 2008 09:08 GMT

Whether the cause of the issue is related to perl or not is irrelevant in the management (and similar) worlds.
If your company is considering what languages to use for a new website, then the management are likely to type "perl" into google (or similar). Now since they are a company, and not interested in free stuff, they're going to go to the second site that shows up - perl.com - rather than perl.org, especially with a description of "Perl.com: The Source for Perl -- perl development, conferences".
Said manager suddenly gets popups of porn. They're either going to say "YAY, go for it!" or they're going to decide to go with a.n.other language.
So yes, it will reflect badly on "the perl community", regardless of whether that is fair or not.
PS. Apologies for the bad subject line, it's supposed to almost be perl for "to all the people that posted to BKB".
David Pickering
html is not code #
Posted Monday 21st January 2008 10:46 GMT

It's markup - don't force me to find you and slap you into sense
Christopher Emerson
re: html is not code #
Posted Monday 21st January 2008 12:25 GMT
It's still code. It isn't a programming language, is what you mean.
Anonymous Coward
Re: html is not code #
Posted Monday 21st January 2008 13:21 GMT

As the academics pointedly (and pedantically) state:
"HTML is a DECLARATIVE LANGUAGE."
They sure think it's code.
However, they could probably use some sense slapped into them anyway, so how's Saturday night for you at Oxford? They don't get out much during the weekend, so you'll find most of them at home then.
Anonymous Coward
I don't know if perl could check for hijacking #
Posted Monday 21st January 2008 16:31 GMT
Although I suspect it could be loosely done by checking for a percentage of changed content against a cached version, but in this instance it certainly would seem possible to disable links based on Whois registration expiration or ownership changes pending administrative review.
I'm just starting to learn Perl since it was dumped in my lap at work and know nothing of Java. So please excuse any ignorance of Perl or Java on my part.
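An added example, not part of the thread or of any perl.com code: the check suggested in the comment above, flagging off-site includes whose domain is close to expiry or has changed registrant since it was approved. The page, the approved inventory and the registration records are constructed sample data (real records would come from WHOIS/RDAP lookups), and `registrable_domain` is a simplification.

```python
from datetime import date
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample page: one first-party script and three off-site includes.
PAGE_HOST = "www.example.org"
PAGE_HTML = """<html><head>
<script src="/js/site.js"></script>
<script src="http://ads.adbroker.example/serve.js"></script>
</head><body>
<iframe src="//widgets.partner.example/box.html"></iframe>
<img src="http://cdn.unlisted.example/banner.gif">
</body></html>"""

# Constructed baseline: who owned each approved third-party domain at review time.
BASELINE = {"adbroker.example": "Ad Broker Ltd", "partner.example": "Partner Inc"}
# Constructed current registration data; in practice this comes from WHOIS/RDAP.
CURRENT = {
    "adbroker.example": ("Ad Broker Ltd", date(2008, 2, 1)),
    "partner.example": ("Domain Holdings LLC", date(2009, 1, 10)),
}

def registrable_domain(host):
    # Simplification: last two labels. Real code should use the Public Suffix List.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

class IncludeCollector(HTMLParser):
    """Collects hosts of resources the browser fetches while rendering the page."""
    TAGS = {"script", "iframe", "img", "embed"}

    def __init__(self):
        super().__init__()
        self.hosts = set()

    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src")
        if tag in self.TAGS and src:
            host = urlparse(src).hostname  # None for relative (first-party) URLs
            if host:
                self.hosts.add(host)

def audit(html, page_host, baseline, current, today, warn_days=30):
    """Return sorted (domain, finding) pairs for off-site includes needing review."""
    collector = IncludeCollector()
    collector.feed(html)
    own = registrable_domain(page_host)
    findings = []
    for dom in sorted({registrable_domain(h) for h in collector.hosts} - {own}):
        if dom not in baseline:
            findings.append((dom, "unapproved"))
            continue
        if dom not in current:
            findings.append((dom, "no-registration-data"))
            continue
        registrant, expires = current[dom]
        if registrant != baseline[dom]:
            findings.append((dom, "registrant-changed"))
        if (expires - today).days <= warn_days:
            findings.append((dom, "expired-or-expiring"))
    return findings

if __name__ == "__main__":
    for dom, finding in audit(PAGE_HTML, PAGE_HOST, BASELINE, CURRENT, date(2008, 1, 19)):
        print(f"{dom}: {finding}")
```

Run on a schedule, a check like this turns a lapsed or resold ad-server domain into a review ticket before visitors see what the new owner serves.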
Anonymous Coward
@BKB #
Posted Monday 21st January 2008 16:52 GMT

Don't forget the taint!
[/Stewie Griffin]
Steve P
@Graham Wood #
Posted Monday 21st January 2008 22:15 GMT
Er. Good point. Thank you Graham.
Scott
In support of BKB #
Posted Tuesday 22nd January 2008 08:51 GMT

You're copping a lot of flak but you have a point. As usual a lot of el reg readers are forgetting that not everybody is as knowledgeable as us.
Assume I was just starting out in programming and somebody mentioned PERL to me. I think that sounds interesting so I go to PERL.com. I then get a whole bunch of p0rn links and popups.
Getting that from an official site isn't going to do much for my opinion of the language.
Mark
"Perl necklace" #
Posted Tuesday 22nd January 2008 09:53 GMT
Obvious perhaps, but absolutely classic. Made my day.
Anonymous Coward
That PERL emotion #
Posted Thursday 24th January 2008 19:23 GMT

Or vinegar shot (the most sublime experience in human existence), Pearl Jam and the rest - I would have thought that it was an obscure joke. (And yes, when I heard of PERL, I thought Necklace.) - I'm still surprised that no-one else around me has heard of the expression....
Paris because (you need to ask?)