MyBlogLog and Exploits – It Is Easy To Pick On Someone Who Doesn’t Have Hold Of Your Testicles Financially

So Shoe got banned from MyBlogLog and now there is some kind of outcry from people wanting him reinstated. It is actually a great way to grab attention – I think every one of his “exploit” posts has gained more Diggs than the original announcement of the Yahoo MyBlogLog acquisition on the MyBlogLog blog.

It would be quite easy to write similar articles about how you can exploit various monetizing services, including Adsense, either for personal gain or damaging competitors, but that wouldn’t be very smart.

The big difference? MyBlogLog doesn’t issue large checks

MyBlogLog does have a few holes – it is strange how selective Shoe is in which ones he abuses, and which he “outs” in public.

Update: Pascal has some insights into the MyBlogLog story – it seems the latest flaw that was “outed” had been known about for a while, and it is quite likely the fix just hadn’t gone live yet.

One thing that is rarely noted is that as services grow, they become bigger targets and thus testing and fixing exploits takes up more and more resources.

I have also seen in various comments people claiming that the growth of MyBlogLog has slowed down.

MyBlogLog Growth Continues

There are a couple of spikes in the graph, the first being the MBL acquisition, and the second the recent problem with invites to co-publish gaining a lot of attention, but the trend is definitely upwards.

Update 2: Li Evans has a well reasoned post on the banning. For me that is the difference between blogging about this and using it to grab attention.
I wasn’t going to link to Andy Beal, as I think he might have lost some perspective on this, however Eric from MBL made an interesting comment.

That’s like asking Google how confident they are that people can’t game AdSense. I am comfortable saying that no one has ever been able to get to your personal information and that we have instituted a major security improvement to keep people from spoofing cookies. We’re working on reducing spam as explained in our recent blog post and we’re taking steps to reduce the opportunities for clickfraud.

Are we ever going to keep people from making their avatars voluptuous women for marketing purposes? Probably not.

Are we always going to be ahead of SEO-types (sorry) who want to game the system for their own gain? Probably not.

Is this good enough to be on your site? Only you can say. But I respect your decision either way.

Here is a challenge for Shoe – take the same MBL ID exploit and apply it to Google Adsense, see what damage you can cause someone, and then write about it before telling Google.

Liked this post? Follow this blog to get more. Follow


  1. says

    Actually, now that I have read more articles surrounding the issue. I believe Shoe did e-mail them first. I think they could have been doing better job by just simply fixing the holes. Thye should have hired Shoe to help them out. ;)

  2. says

    The French site had emailed them a month before

    There are probably hundreds of bugs, and I am sure that many of them were flagged with a higher priority.
    They were also in the middle of moving to Yahoo offices and servers.

    This is actually very similar to game development, maybe this article will give you a different perspective.

  3. says

    Thanks Andy. I don’t think Shoe exploiting these flaws in a such a public manner should be rewarded. He could have done more good by working on it with MyBlogLog. Clearly it was done in a spirit of “vendetta”.