It's just a fun POC. It's not reliable, efficient or fast enough to be something you'd use daily. I imagine it would be quite easy to filter out (and revoke API keys) if something like this started becoming popular.
...does it benefit Yahoo in any way, if you exploit a currently open loophole to store data that is not an image? No.
Why are you so mean?
It's a dick move because it takes advantage of their systems to do things they clearly don't want you doing.
Any other reading of the situation is based on fantasy.
>Any other reading of the situation is based on fantasy.
Not necessarily. It is possible that Yahoo engineers may actually be amused and supportive of the way their service was remixed.
Except it costs engineering time to fight back against this attack.
Then, someone starts putting the file into the RGB channels.
Then, it costs engineering time to fight back.
Then, someone starts putting the file into the low-order bits... which happens to make the file compress terribly, compared to a normal PNG.
Then, it costs engineering time to fight back.
Second ... you're characterizing it as an "attack"... really? The people who'll try to use it would be people who just want some cheap cloud-storage. And as I said before, they should use at their own risk, else they may wake-up one day and find their account is banned, and the terabyte of data they uploaded (which takes a non-trivial amount of time) will be gone, along with their yahoo mail and anything else yahoo was hosting for them.
Seriously, why the stick up your ass?
I've supported similar services, and people who think they're being clever, to exploit my FREE SERVICE to do things it was never intended to do, really piss me off.
Here's an idea: ASK.
Hey, Flickr, a free TB is awesome! Mind if we store arbitrary files on it?
Yes, it's an attack. It's a classic predator-prey relationship. When you proposed that they prey could exert energy to defend the service, you were merely describing the next single step in that relationship.
> The people who'll try to use it would be people who just want some cheap cloud-storage.
...and they won't pay, and they don't care who they hurt.
Would you defend them, if they each made 100 Flickr accounts, just so they could get some more cheap cloud-storage? 1000? What if Amazon decided to implement their S3 storage on top of this free Flickr storage?
Is your argument that there's nothing inherently wrong with exploiting people who offer you something... only if you REALLY, REALLY exploit it?
How is this a dick move? Get over yourself. They're valuing the company at $1.1 Billion. If you can actually drain any significant amount of their resources then sure it's a dick move, but crazy impressive.
Besides, you really think Yahoo! would be so upset that hackers are using their site for a public CDN? Sure they might make a big fuss, but they probably would think it's cool too. Afterall, flickr started as an online game. Who's to say they won't pivot again?
Further, as much as anyone wants to complain about the downfall of hacker news quality, this has made me more cynical than anyone's nit or snark or trolling.
Flickr also only allows photos, illustrations and screenshots. (and video). Nothing else.
These terms are not spelled out in the ToS but in their community guidelines and faq
There are plenty of examples of people having their accounts closed for not following these rules.
Flickr != Tumblr
Doesn't mean your account won't get suspended. I'm sure the TOS has a "we can do whatever we want to your account" clause somewhere in there.
I'd be interesting in the (computational) detection for that. Of course, if you just encode/decode it, Yahoo could do the same.
If you encrypt the data, they could just check to see how high the entropy is. If it's higher than what's plausible for a real photograph, they'd delete it. (using ent )
Else, you could use good ole stenography. In researching this response I came across the term Steganalysis. Pretty interesting!
Stores versioned files by encoding them in the lower order bits of PNGs in a Flickr set.
Example stored file: http://www.flickr.com/photos/simonwistow/sets/72057594097765...
'Next month we are going to transform all our utf-8 fields into utf-32 and we are going to add some padding to your data, for analytics'.
You would have to cope with that.
Which, honestly, would be a lot of a mess. Distributed mess, also. Something like the proverbial fan & sh*t thing.
Now if someone takes it one step further and creates a Site44 for Flickr: http://www.site44.com/ — we'll truly have it all.
I figured this would happen eventually, obviously yahoo will spend a considerable amount of time trying to detect this and remove it...