lj_abuse didn't work out - Abuse of viewall [entries|archive|friends|userinfo]
lj_abuse didn't work out

[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

Abuse of viewall [Nov. 30th, 2004|02:31 pm]
Previous Entry Share Next Entry

abuse_lj_abuse

[johnbot]
I think we've all been led to believe that the "viewall" tool is given to a certain few people for the purposes of viewing protected/private entries in only the most extreme circumstances, such as finding contact info for a suspected suicide, or in the context of a serious complaint in which a certain post must be accessed for legitimate abuse research purposes.

That said, while everyone was busy making a private post in their journals with their contact info, for use in an emergency, I added an image bug to a private post in mine. Today, after a second post at DramaFiles regarding the abuse policy document, I logged two people accessing this file:



Host: 130.68.51.xxx
Http Code: 404 Date: Nov 30 17:14:26 Http Version: HTTP/1.1 Size in Bytes: 5
Referer: http://www.livejournal.com/users/johnbot/?viewall=1
Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-us) AppleWebKit/125.5.5 (KHTML, like Gecko) Safari/125.11

Host: 64.105.162.xxx
Http Code: 404 Date: Nov 30 17:17:02 Http Version: HTTP/1.1 Size in Bytes: 5
Referer: -
Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041111 Firefox/1.0 (Debian package 1.0-2)


Note that the first actually has the viewall URL in the referrer field. I tracked the IPs, and the first hails from Rahaeli's home state of New Jersey. The second is in Seattle.

I'm sure the posts have ticked off a few of the admins, and they have every right to be. But am I out of line to expect that, per the Abuse policy document itself, stuff that happens off-site would not be a legitimate reason to start invading my privacy? Surely the desire to find out who their mole might be would not outweigh the "rights" of an individual users.

Of course I know that they are free to do whatever they want, but in light of the claims we've all heard, I thought that people might want to be aware of this usage.
LinkReply

Comments:
[User Picture]From: e_richard
2004-11-30 10:52 pm (UTC)

(Link)

This is the first time I've heard of the viewall tool, but learning that it's being used in such a fashion is really disappointing.
[User Picture]From: johnbot
2004-11-30 10:58 pm (UTC)

(Link)

Bear in mind as well that they do not tell people when this happens--the only reason I found out is because I had set a trap for any unauthorized access. I have no idea how often they may be using this in the context of personal grudges or other such personal business, but I was startled that they actually did do it. I would have expected to be suspended before they'd actually go through private entries.
[User Picture]From: e_richard
2004-11-30 11:00 pm (UTC)

(Link)

It makes me wonder if I should start doing the same, though I'm sure I'm not eFamous enough. :P
From: pezstar
2004-11-30 11:02 pm (UTC)

(Link)

I'm a little... disgusted.

Absolutely nothing was done to violate the terms of service. At all. you received an email from a source. You posted the contents of that email on a third party website. That's... pretty much it. There's absolutely no cause WHATSOEVER for this to have ANYTHING to do with your LiveJournal account. And it certainly doesn't have anything to do with ANYTHING that would warrant using viewall, a tool that, in the words of LiveJournal employees themselves is used only in extreme situations, and is then logged.

Yep. It was logged alright.

[User Picture]From: leora
2004-11-30 11:41 pm (UTC)

(Link)

I'm not an employee, an abuse team member, or a lawyer, but it seems pretty clear somebody is responsible for a copyright violation.

Now I'm going back to staying out of it, as it's really not something I'm involved in.
[User Picture]From: jameth
2004-11-30 11:08 pm (UTC)

(Link)

hey i'm in seattle
i'll take credit for the viewing
[User Picture]From: pete_diddy
2004-11-30 11:53 pm (UTC)

(Link)

And I'm taking credit for the Jersey one.
[User Picture]From: jameth
2004-11-30 11:17 pm (UTC)

(Link)

p.s. NEWS FLASH:

IT ISN'T YOUR SITE, IT'S THEIR SITE, THEY CAN DO WHATEVER THEY WANT. i think there's a clause saying something along those lines in the TOS.

as for the viewall, this has been going on forever. people have been using image tags in private entries to track views for years. this is exactly why i don't write anything personal on livejournal and assume that anything i type can be read by everyone else

[User Picture]From: johnbot
2004-11-30 11:27 pm (UTC)

(Link)

Which is why, in the last paragraph of my post, I said "Of course I know that they are free to do whatever they want, but in light of the claims we've all heard, I thought that people might want to be aware of this usage."

I'm fully aware they can do whatever the hell they want. That's why I put the bug in that post to begin with. I am just sharing this news with the internet so that others can be aware of actual policy instead of what they claim is policy.
From: elgorgo
2004-11-30 11:25 pm (UTC)

(Link)

not surprised, i've been telling people this for years.
(Deleted comment)
[User Picture]From: johnbot
2004-11-30 11:28 pm (UTC)

(Link)

None, apparently. They closed my abuse request asking about it without a response.
[User Picture]From: e_richard
2004-11-30 11:36 pm (UTC)

(Link)

They did the same shit when I asked them why they erroneously prohibit Flash for security reasons when Flash, without JavaScript, is perfectly safe.
(no subject) - (Anonymous) Expand
(no subject) - (Anonymous) Expand
[User Picture]From: mcfnord
2004-12-01 07:28 am (UTC)

(Link)

THE KING DOES NOT NEED TO RESPOND!
From: cyns
2004-11-30 11:32 pm (UTC)

(Link)

Huh? I'm not an html geek. Maybe explain what viewall does and what the rest of that means for the not so leet internet people.
From: cyns
2004-11-30 11:33 pm (UTC)

(Link)

Nevermind about the viewall, but so what about the rest of stuff?
[User Picture]From: separated
2004-12-01 12:41 am (UTC)

(Link)

Oh, hello ethics
From: ketrien
2004-12-01 04:05 am (UTC)

(Link)

this plus fail-garauntee tables!
boyohboy!
man, just when you think the so-called powers that be might have gotten some clue...
ah well, this is what you get when you give little kids administrative rights on any system.
[User Picture]From: mcfnord
2004-12-01 06:18 am (UTC)

(Link)

This is circumvention of an access control device, in violation of the DMCA, right? Does the ToS specifically grant read-all access to any party? This sort of thing seems to jeopardize safe-harbor status. Yes I know it's part of an internal investigation. But you seem more like Woodward and Bernstein to me.
From: pezstar
2004-12-01 06:43 am (UTC)

(Link)

Enh, not so much. It's not as though we broke into someone's account to get it. It was sent to us, we removed reference to the person who sent it, and John posted it in the spirit of reporting and critique. The DMCA allows that.
[User Picture]From: mcfnord
2004-12-01 06:54 am (UTC)

(Link)

No, I mean the use of the read-all capacity. It circumvents the "private entry" mechanism.
[User Picture]From: killhamster
2004-12-01 07:26 am (UTC)

(Link)

i didn't get one
[User Picture]From: a1icey
2004-12-02 01:21 am (UTC)

(Link)

oh rahaeli. <3.
[User Picture]From: johnbot
2004-12-02 01:30 am (UTC)

(Link)

Rahaeli, a1icey leaked the document. There, I said it. It was a1icey. Please suspend her, thanks.

So how did you find this community? Did your daddy buy it, or did you call the internet and have it delivered?
From: hurbledurble
2004-12-02 05:30 pm (UTC)

(Link)

Yeah, I think I'm going to stop paying for lj.