rabidsamfan | If you use LJtoys for your mood icons...

Entry tags:

headdesk,
lj

If you use LJtoys for your mood icons...

Please let me know. I found some very uncomfortable html behind one of their images this morning (it broke the flock for one of the people in my flist) and I would like to avoid them as much as possible.

ETA... hmm. there is a chance I am panicking slightly prematurely about the html part of this... But I still can't explain the image that's so big it gets filtered and then hasn't anything there.

ETA 2: I think I'm definitely panicking about the flock thing. *whew* LJtoys, however, does seem to be putting up a "webbug", a tiny invisible icon linked to a javascript in posts where the user hasn't selected a mood icon (they can count hits from the mood icon directly.) Blocking javascript would disable that or setting your journal to always use your own mood icons even on other people's posts...

ETA 3: I am an idiot! Hooray! The flock thing was me misinterpreting what I was seeing. *whew* As Rosannadanna would say, "Never mind!"

And thank you, fictualities, for straightening me out.

Flat | Top-Level Comments Only

*raises hand*

I use it, but I SWEAR it's not to break open f-locked posts. I'm not even sure that's exactly what it did, actually - as the post RSF is referring to is someone (I have no idea since I haven't yet seen the HTML) who we are BOTH friend's with - so it may have used MY login info - not RSFs (which seems more likely since I'm the LJToys user. To my knowledge, all it's supposed to do is a)host mood icon images (custom) and b0 keep a log of hits to the USERS's journal (who's visited my journal, by ip addy, etc.). I nearly never use the second feature since I'm not e-famous and I can pretty much tell by who's left comments. Please don't panic - at least not yet. I've sent an e-mail to the admin of LJTOYS (who have been operating for at least a couple of years now, so if they were doing anything they shouldn't be, surely it would have come out before now?? I so hope this turns out to be a premature panic. *miserable*

Mmm...that makes sense that because you were both friends with the person that that would be a valid explanation as to why RSF could see the flocked post...I'm not going to panic then -- I will then just attempt to take RSF's advice about the javascript! :-)) (No misery allowed!!! It's Froday! *looks very stern*)

I also may be panicking prematurely. I have to look at this again later when I can figure out the html (at which I am the most amateurish of amateurs.)

But I still don't understand the invisible pictures part...

I was definitely panicking prematurely, and you don't have to worry -- not about the flock anyway. I made a silly mistake and conflated it with a real puzzle. But fictualities has figured out the mess. *whew*

yay, what a relief! *wipes brow*

*hugs* I know it's not you darlin', that's why I didn't name you in the post. And there is something at the top of the html that says "noarchive" but I can't figure out why it exists at all. (Or why it showed my flist and not yours.)

Hmmm. "Noarchive" is part of a standard meta tag that tells search engines not to archive a page. That is what you are telling LJ to insert into your pages when you tell it not to let search engines access your site. It's a standard way of communicating with Google, Yahoo, etc. and asking them to bugger off. Without seeing the code I can't be sure, but "noarchive" might be a perfectly innocent part of your own security.

I also may be looking at the wrong thing with the html, I just realized. *headdesk* I am a complete amateur at computers...

But I still don't know why a gif would be blocked for being too large in my flist and then not have anything in it!

GAAAAHHH!!!

Hmmm. Could be one of those little web bugs I was telling you about. If you insert a hotlink to a single-pixel transparent GIF into someone's journal entry, and the gif is located on a third party server, then the third party server can keep track of hits to the journal entry by counting the number of hits to the gif on its own server. All this without the end user seeing a graphic, because the graphic is invisible.

This may be the way lj-toys does most of its stats collection. Each hit to the embedded invisible gif would tell the lj-toys server a) the referrer, that is, from whose friends' list the journal entry was being read; b) the IP number of the person reading the page, c) the geographical location of the person reading the page (this is deducible from the IP number), and sometimes d) the name and address of the person reading the page (if they have a fixed IP registered to themselves).

No, web bugs are no one's friend. And web counters like LJ toys have the capacity not only to report this information back to their users but to log it, and potentially sell it to marketers and any other interested parties. Don't know if they log their data or not -- it would cost money, for one thing. But any info that's collected can be logged and resold. Best to do everything you can to keep your data from being logged in the first place. (Of course LJ itself collects all this stuff, as does any other web site. You can't go anywhere on line without leaving traces. But it seems like a good idea to limit the logging to companies you've evaluated yourself and decided to do business with, not random third parties that are along for the ride.)

I also may be looking at the source for my own flist page *headdesk headdesk headdesk*

But why is the image that isn't an image popping up? Why? Could it be one of those web-bugs of which you speak?

I *think* (if I understand correctly - and that's a pretty big IF), that ljtoys is, by definition a "webbugs" site...it "bugs" your lj (through your mood icons) so that you can track your hits. Maybe.

Oops! We crossed messages in the ether; I answered this above. In short: yes, probably an invisible gif being used as a web bug. You can block those with NoScript too.

LJ will let you block mood icons that are being used as web bugs -- set LJ to show your own mood icon set on other people's pages. That way you won't be able to see other people's cute mood icons, but, erm, you'll be a little more secure.

"noarchive" might be a perfectly innocent part of your own security.

*prays*

Please, Lord, let it be that...and not that I have unwittingly been compromising LJ security for a very long time. D'oh!

I'm hoping that I'll end up pulling a Rosannadanna and saying "Never Mind..."

LOL - That made me laugh! I'm hoping you do, too.

If what showed up in RSF's html was this:

meta name="robots" content="noindex, nofollow, noarchive"

then it is absolutely nothing to worry about and completely standard operating procedure. It's just LJ telling Google et al not to archive people's friends pages. LJ puts this in themselves; lj-toys has nothing to do with it.

lj-toys does try to run js of some kind, but that could be all about counting hits to people's journals, which can definitely be done without hacking into people's friends-locked posts. RSF, is that what you saw? If so, this is probably a false alarm; I'm not a huge fan of web bugs, but they don't show anyone friends-locked posts.

*goes to look at the html -- finds the right stuff!*

Hooray hooray hooray! I am an idiot! Hoooooorrrraaayyy!!!

Err... thank you.

LOL! I'm so glad you're an idiot!! (j/k!!)

*dances*

I know we've never met but...

*squishes you with a hug*

Thank you for knowing this! I've been miserable most of the day thinking I'd unwittingly unlocked f-locked posts!

*hugs you again*

*hugs back*

Glad to help! And I'm relieved, too -- I know four people on my own flist use LJ-toys, and they're all really nice people. Unknown javascript always makes me anxious, but it looks like they're just letting you know who's reading your LJ -- information that all web sites automatically record anyway, and all you wanted to know. :)

Thank you for being patient and curious enough to help me figure this out. It really had me bothered, because the images that weren't actually there were getting on my nerves. And I will definitely be doing something about javascripts on my home computer, as soon as I get home!

Flat | Top-Level Comments Only

If you use LJtoys for your mood icons...

no subject

no subject

no subject

no subject

no subject

no subject

no subject

no subject

no subject

no subject

no subject

no subject

no subject

no subject

no subject

no subject

no subject

no subject

no subject

no subject

no subject