Yep, certainly not Google.

So I recently posted about href="http://www.orkut.com/">Orkut, the new Friendster clone that people
are attributing to Google, but which I think is just the private
project of one Google employee.


A couple of people on #unix joined with fake names to take
a look around and generally get in the way. (One was Jesus Christ.)
To no-one’s surprise both were suspended, but it turns out that
their UIDs were both later reused for new users! As if this
weren’t enough — what if you suspend someone accidentally? — it
turns out their deletion doesn’t work deeply, and those new users
who inherited the suspended accounts’ UIDs also now have the
(offensive!) communities that the #unix guys created attached
permanently to their accounts!


Not a chance that this stuff is directly Google-run.


Also, I just checked the owner of the network that Orkut is located
on — it’s on the /28 Cogent has allocated to href="http://www.wunderground.com">Weather Underground, and not
in the /19 directly allocated to Google.


Even better: You can see in their href="http://uptime.netcraft.com/up/graph/?host=www.orkut.com">Netcraft
entry that the server, which now only returns “orkut”, originally
returned “Orkut’s Palace of Love”. Well, colour me disturbed.

Edit: Some other findings thanks to #unix:

 
  <cstone> fans, interestingly, are tied to username, not uid
  <cstone> when i created another account with my original username, 
                 i got 16 fans instantly

  <Mennonite> I already tested making new accounts with dodgeit
  <Mennonite> You can "recycle" the same invite URL over and over

  <cstone> i'm certainly not going to bother refriending 50 people again
  <cstone> when they reset it briefly all of that state was lost in the 
                 account i took back [from the reused UID]

  <mr_bill> BOFH community (-6 members)

And cstone still has a session open as the UID that was deleted and then recreated, and can change the new user’s password out from under her.

Comments 6