Profile picture
Michał and his terrible jokes @ WWDC @justMaku
, 11 tweets, 3 min read Read on Twitter
Thread: Since @amazon have fixed this let me tell you a story how they’ve been leaking unreleased books for god knows how long. A proper blog post will be coming later this week, but here’s a small “preview”.
As you might be aware of, Amazon has a nice feature where they allow you to preview a small portion of the book you’re about the buy before the purchase. It looks something like this:
If you look closely you will also notice the search bar on the right side. Under that search bar you will see the list of results. The result I’m getting is from page 73 that according to the nice warning message in the middle shouldn’t be accesible. With a small excerpt. Nice.
With a crude Ruby script I was able to automate this API call and in under an hour I had almost 3mb of these excerpts from the book. I’ve started with a fairly small list of unique keywords and then whatever result I got, I divided in half and searched for that phrase.
That gave me both some extra words before and after the searched phrase. This gave me a list of search results of overlapping phrases as such:
The actual stitching the individual lines together was the hardest part (which in the end turned out to be trivial) . Using an LCS algorithm I was able to combine them into a readable text:
Here’s a comparision with the real page from Amazon: close, isn’t it?
Few things to note: there was no rate limiting on this API endpoint so at one point I had over 400 threads making few requests per second. Sometimes a request would fail, but I could just reply it and it would work just fine.
Amazon treated this very seriously, under a week from the initial contact to the final fix. First hotfixes started appearing under 12 hours. Overall their security team is A+ but…
Amazon has no bug bounty program. So even if this saved their ass, I didn’t even get a lousy t-shirt. Upon learning that I considering releasing this without prior report to Amazon. Unfortunately this vulnerability would mostly hurt the authors and not the actual culprit.
Also, this thread is full of typos and grammar errors, it’s morning, don’t @ me.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Michał and his terrible jokes @ WWDC
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Related threads

Profile picture
#THREAD

Yesterday's indictment is a major signal that we're nearing the end of the #TrumpRussia prologue.

I interviewed @Mimirocah1 about the story which she said indicates that "prosecutors are putting the pieces together."

I agree.

Here's my $0.02.

washingtonpress.com/2019/01/08/a-m…
Why is Natalia Veselnitskaya's link to the Kremlin so important?

1 - SDNY provides Mueller with apolitical evidence sent from the target that predates all investigations.
2 - Proves Don Jr. met a Kremlin Agent
3 - Burns the Russian prosecution against @Billbrowder

2/
Natalia Veselnitskaya had been working on the Prevezon case for years, but in 2014 she involved herself drafting of the official response to the DoJ's invocation of a treaty for legal assistance.

She sent the evidence that she worked with the Kremlin to SDNY prosecutors.

3/
Read 15 tweets
Profile picture
A Night in Helltown Story #Thread
I was a freelance photographer, freelance portrait artist, freelance writer, and a professional gamer. Well, I was actually rolling in money, but still lived a private and secluded life, loved by many, friend to none, and it just had to be that way if I still wanted to cohabit
peacefully with others.
I was born with a curse, one that some call a ‘unique gift’. Where the normal human sense would pick up the strange smell of burning rubber and sulphur in unusual places, I could see the demon itself, yeah! I could see and hear angels, demons, and ghosts
Read 50 tweets
Profile picture
Making a thread of makers & entrepreneurs who inspired me, and what they taught me.
#thread
👇
Strong marketing game, super hard work, can stream for 24 hours and currently leading a new streamer movement with the #24hrstartup challenge.
Make it bigger than yourself.
👉 @thepatwalls
Made the awesome getcssscan.com which works perfectly and saved me hours and hours.
Make a simple, helpful product.
👉 @gvrizzo
Read 21 tweets
Profile picture
How To Judge A Book (or Course or Training) You Pay For

#Thread.

In 2009, a friend of mine made =N=1.4 million selling a 5 page ebook he had written.

It showed how one could get a laptop for =N=15,000 . Laptops sold for =N=70/80,000 back then so it was a draw and it was real.
He ran an ad, explaining the specs of said laptop and how you could buy his ebook and learn the strategy (a form of MLM).

Anyways, I was speaking at an event last year and shared the story. A member of the audience who bought that met me and said he didnt use the info because...
the ebook was just 5 pages. In his words, "why would he charge so much for 5 pages"? (it sold for =N=3,000).

It made me laugh because as I said to him, "Who cares how pages it is as long as it achieves for you the real reason why you bought it" it was clear to me this guy...
Read 12 tweets
Profile picture
OK my @medium account got "caught in the spam filter" & has been restored so let me try this #thread again. I've been working for several months on a series of blogs explaining trolling & botting tactics used by 4chan during the election. #ContentWarning: medium.com/@erin_gallaghe…
Several months ago @elimisteve from @PursuanceProj found a series of pastebins and sent them to me. 4chan trolls studied learned graphic design software to make memes, memetic warfare and botting to troll the election. medium.com/@erin_gallaghe…
The 1st part is an 8chan thread by someone who claimed to have worked in the marketing & advertising industry. The explain various components of effective graphic design & instructions for /pol/ to “normalize” their message to blend in with the normies. medium.com/@erin_gallaghe…
Read 36 tweets
Profile picture
Thread:
Let's talk about volatility.

Volatility is defined as a statistical measure of the dispersion of returns for a given security or market index. In a sense, you can think about volatility as a measurement for the "speed" of the market.
Here's the first ever implied volatility (IV) vs Bitcoin price graph.

A few takeaways:

As you can see in early 2017 IV and bitcoin's price was not correlated.
In late 2017, as the market matures we see that IV actually seems to have a positive correlation with Bitcoin's price.
There are a couple explanations for this relationship in $BTC markets, such as improved liquidity, market maturity and increased volume.

This relationship is important to understand, because in traditional markets IV tends to go DOWN when the price moves upwards (VIX/SPX).
Read 8 tweets

Trending hashtags

#FemaleReporters #Australia #CommonDataModel #DworkinReport #EUcitizensChampion #TLDR #Manorama #Jews #cryptocurrency #MSDyn365 #TakeTheRedPill #CustomerService #NJDay5 #blockchain #Prophecy #KeralaFloods #TrumpTrain #FieldService #ContentWarning #dataviz #MSDyn365CE #IOKIYAR #tribulation #sunuMbay #Khazars

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($3.00/month or $30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!