

Photobucket Replaced My CEO's Email Signature With a Sleeping Cat - danieljurek

Best practices aside (like NEVER host email images from a 3rd party), this would be hilarious if we weren&#x27;t trending on AngelList. :P<p>My CEO, Brian, uses a picture of himself in his email. The image is hosted here: 
http:&#x2F;&#x2F;i49.tinypic.com&#x2F;2uol63m.png
(tinypic is a Photobucket company)<p>Looks lively, attentive, and friendly... right?<p>Gmail image cache of the image returns a cat: 
https:&#x2F;&#x2F;ci6.googleusercontent.com&#x2F;proxy&#x2F;se_iEEzdxzy1wRbMk8xXJhM7C7jqp2RyINhqPoq8Ybbn4P6yi0FqdB9RXMq-iat9ut2pNofWz7o=s0-d-e1-ft#http:&#x2F;&#x2F;i49.tinypic.com&#x2F;2uol63m.png<p>Not the same person...<p>Now Brian&#x27;s emails (including emails to investors and all previous emails he&#x27;s sent) contain a cat sleeping on a couch instead of a goofy smiling face.<p>Dig into the guts of the problem: When you visit the image (http:&#x2F;&#x2F;i49.tinypic.com&#x2F;2uol63m.png) with a browser, you get Brian&#x27;s smiling face. Download the same image with wget and you get a sleeping cat! Looks like Photobucket&#x2F;tinypic is changing what they return based on headers and Gmail image cache doesn&#x27;t send the same headers as my browser.<p>IT GETS WORSE!!!!<p>Another image in Brian&#x27;s email signature (which used to look like his name signed in cursive), has ALSO been replaced with a selfie containing quite a bit of cleavage!<p>Lesson learned: those &quot;unique&quot; image file name hashes are actually recyclable!
======
patio11
This sounds like an attempt by Photobucket to avoid people abusing their
system in an automated fashion to build scraping sites -- if you get a
psuedorandom photo from their collection every time you use an agent other
than a common browser, that thwarts people's intentions but doesn't raise any
obvious flags until they put a human in the loop. (You can, of course,
circumvent this by having your wget say "No, I'm Chrome! Honest!" or using a
headless chrome instance, but simple tripwires like this cut down script
kiddies by 90%+ in some circumstances.)

This happens to interact quirkily with your boss' decision to use PhotoBucket
as a CDN for his email and Google's recent implementation of the Gmail image
caching feature.

~~~
danieljurek
That would be a pretty awesome way to troll scrapers!

We've had Gmail image caching turned on for a while and these images just
started showing up like this today... it seems like Photobucket/tinypic just
swapped the images out from under us a couple hours ago. Brian has been
sending emails with these images for at least a year.

Also, I feel slightly responsible for not enforcing good practices... never
occurred to me to investigate how he was putting those images in his emails.

In other amusing news, I want to check this out without Google image
caching... but first need to sign up for a non-google hosted email address
since I forgot the password to my Yahoo mail account from all those years
back.

Update:: I used a disposable email box that doesn't do Gmail image caching,
we're getting the same results:

[https://www.dropbox.com/s/arzmt2kcpqovrnd/Screenshot%202014-...](https://www.dropbox.com/s/arzmt2kcpqovrnd/Screenshot%202014-01-09%2020.32.20.png)

------
Brian_Curliss
If anyone has any idea how we can fix this, I'd love to not have to explain to
all the investors/customers why I am messaging them pictures of cleavage..

~~~
patio11
Hiya $FOO,

Just dropping you a quick note to apologize for the image attachments in my
earlier email. Due to a bug with some third party software, you might have
gotten someone else's image attached in lieu of my signature. I'm told some
people saw some images which weren't appropriate in a professional context.
Sorry if that happened to you, too.

We've taken steps to prevent this in the future. If you're interested in the
full details see $URL.

Startups, what an adventure right? Anyhow, would still love to chat about
$REDIRECT_THE_TOPIC if you've got a minute. $CLOSE

Regards,

$YOU

------
k3oni
I can't find the link to his signed name, i think you forgot to add it :).

Anyway, maybe use this link
[http://oi49.tinypic.com/2uol63m.jpg](http://oi49.tinypic.com/2uol63m.jpg) .
Just tried it using wget and i get his pic.

Edit: Just tried wget on the original link and i get his pic fine, not the
cat. This is using wget form a Centos 6+ server.

~~~
danieljurek
I left out the cleavage image because it behaves slightly differently..

wget results:: When requesting the JPG, you get boobs:
[http://i50.tinypic.com/1ddlg.jpg](http://i50.tinypic.com/1ddlg.jpg)

When requesting the PNG you get the signature:
[http://i50.tinypic.com/1ddlg.png](http://i50.tinypic.com/1ddlg.png)

The real problem is that all previous emails sent now display cleavage and a
cat (arguably two of the more popular things on the internet) instead of the
correct signature images we had before we went to dinner. We can fix emails
moving forward, but it's hard to take emails back.

~~~
jackgolding
png just gave me boobs NSFW :(

~~~
danieljurek
Sorry. Everyone should be careful with these. I can't control tinypic... no
idea what they'll return under any circumstances.

~~~
jackgolding
No worries, no harm done mate!

------
danieljurek
Update: The images APPEAR to have flipped back to normal somehow... I'm having
Brian put his images on a server we control from now on (just in case it
happens again). So hopefully we don't risk offending our
partners/customers/investors again. This has been an amusing 16 hours.

------
tvtime15
That cat ISN'T Brian!?

~~~
danieljurek
I used stack things around him while he's sleeping (before we finally got
separate bedrooms)... but he doesn't normally look THAT catlike.

------
mikedmerrill
What the? Why is that?

