2012 GNAA Tumblr Ruin

On December 3, 2012, the Gay Nigger Association of America, both legally and effectively, exploited a XSS vulnerability in popular web-blog service tumblr resulting in the complete ruin of thousands of blogs. Utilising nothing but a few lines of javascript, an estimated 14,000 users reblogged the following post:

This caused such an outrage that uncounted numbers of news sources picked up the story. While hundreds of users took to other social networks to cry about the personal violation they had endured, the mainstream media was forced to largely ignore this in favor of awkwardly explaining what GNAA stands for. Showing an impressive lack of understanding of the internet, despite it being the basis of almost all of this year's hot shit news stories in one form or another, news sources have settled on describing GNAA as a "racist anti-blogging group", yet another example of straight old whitey trying to spread misinformation about the proud homosexual gentlemen of colour.

Tumblr is Vuln

File:Tumblrstaff.png

Friendly tumblr staff member Christopher Price

For those of you without a degree in CSIII, a XSS, or cross-site scripting attack is made possible by a website not properly sanitizing input and thus allowing scripts to be executed on the page of a website. This is one of the oldest methods of web penetration, and should be extinct in 2012. Clearly the hard working development team at Tumblr don't feel the need to patch these obvious and frankly retarded vulnerabilities, instead focussing their attention on being very pleased that Tumblr panels are still a thing.

There were numerous XSS vulnerabilities identified on the site, including the video post field, which was exploited this time by the GNAA, the image post field, and every single mobile post field.

Somebody Call the e-Police

File:Iwillsue2.jpg

Tumblr was made aware of the issue two weeks prior to the exploit via direct communication. Clearly the Tumblr staff email was down, as the GNAA did not receive a response after helpfully attempting to assist them in securing their services. As such, there was no option but to demonstrate the vulnerability, because the friendly staff at Tumblr would surely want people to know about the problem as soon as possible so that they could promptly fix the issue.

No accounts or sensitive data were unduly compromised by the uncovering of this security hole, as the "reblog" function was merely utilized. It is best to think of it as a site feature, rather than one of the most popular blogging platforms on the internet showing a startling disregard for the security of its users. It is easier that way. Naturally, the inability of the average Tumblr user to make the distinction between the two has led to many hilarious threats of lolsuits. Good luck with that.

	“	Gary_Niger hey you gave everyone on tumbler a virus I could and should sue you! I would have supported you if you would have not done this!	„
	—This bitch knows the score.

What did Tumblr do to Deserve This?

Tumblr does no more than provide a shield of relevance to bloggers of the worst variety. Bronies sharing pornographic images of animals from children's cartoons, Hot-Topic shoppers showing off their latest Invader Zim piercings, and New York hipsters spending 20% of their free time posting their lunches to Instagram can all be found carelessly grazing on tumblr, waiting for the next biggest happening to reblog and share with all (omg) 200 followers. Disgusting. Not only does this filth exist in the stores, schools, and places of work of the world, but is continuing to populate the gene pool, giving birth to even more abominations of mankind.

Is this truly the future that great visionaries of the past dreamed for?

Lulzy quotes

Tumblr are aware though so it's coo.

Only a few thousand blogs.

“	These domestic terrorists ought to be found and executed. They are as dangerous as AQ and we ought to stop treating them as a mild pain in the rump.	„

“	You mean a masterful destruction of private property. Hopefully, you'll be as amused when someone hacks your paypal/bank account.	„

“	@Gary_Niger OMG I HATE YOU YOU STUPID CUNT PLEASE DIE OMG DIE PAINFULLY I HATE YOU SO MUCH IVE LOST 40 FOLLOWERS BECAUSE OF YOU OMGGGG DIE	„

External Links

2012 GNAA Tumblr Ruin is part of a series on

Social Media

2012 GNAA Tumblr Ruin is part of a series on Tumblr.

[Become triggeredEducate yourself]

	Tumblrfags 16-year-old girls • Bronies • Cash Master • Columbiners • Cumberbitches • Potterheads • Hipsters • Homestucks • I dislike Cis People • Feminists • FanFic Critic • Genderfreaks • Leelah Alcorn • Lifting Blogs • Lil Miss Jay • MechaShockwave • Scene kids • Social Justice Warriors • Sophie Labelle • Special Snowflakes • Tom Preston • Tumbears • Vade • Racistsgettingfired
	Tumblr Memes Assigned Male • Ayy lmao • Cheeky Nando's • Doge • Everyday Sexism Project • Gen Zed • Hufflepuff • It was my privilege • Luigi's Death Stare • Social Justice Sally • Tumblr Panels • What is Air
	Tumblr Drama 2012 GNAA Tumblr Ruin • Ableism • Dashcon • Dear Cis People • Derpy Hooves • Fake Schizophrenia • Independence Day Invasion • Josh Macedo • Nerdy Fandom Gateway Theory • Operation Overlord • Patriarchy • Personal Pronouns • Princess Molestia • SJWiki • The Great /pol/ Social Justice Raid of 2013 • Valentine's Day Massacre

2012 GNAA Tumblr Ruin is part of a series on Web 2.0	Web 2.0 Concepts Social networking • Social networking sites • Blogging • Blogosphere • Hashtag • Memorial Page Tourism • PHP • Hypercube • Podcasting • Wikiing • Ajax • Ruby on Rails • Internet Humanitarianism • X is not your personal army • Unfriending • Unsubscribing • User-generated content • iTunes Store • Verification
	Web 2.0 Sites anonmgur • Answerbag • Bebo • Blingee • Blogtv • Broadcaster • Buzzfeed• ChaCha • Del.icio.us • DeviantART • digg • Dreamhost • DuckDuckGo • eBay • Facebook • Farm Town • Foursquare • Gossip Report • Hawkee • Hulu • Instagram • justin.tv • Klout • last.fm • LiveJournal • LiveVideo • mycrib • MySpace • Newgrounds • Ning • Rap Genius • Reddit • Salon • slashdot • Stickam • Tay • Tumblr • Twitter • Wikipedia • Xanga • Yahoo! Answers • YouTube
	People of Web 2.0 Fast Eddie • Tom Anderson • Steve Chen • Brad Fitzpatrick • Max Goldberg • Michael Crook • Iain Hall • Chad Hurley • Kevin Rose • OMGFacts • Kathy Sierra • Jimmy Wales • You • Mark Zuckerberg