Back in the late 90's when Cnet was really big, they embedded a video -- which was hosted on my server -- into one of their articles.
Without asking.
I found out because my hosting company called me and said I was about to get a huge bill. Bandwidth was super expensive back then and there was no YouTube for free video hosting.
I changed the file to a short clip of hardcore porn.
I know it was mean. But it was funny and somewhat satisfying.
A little backstory: They stole my site (socketstudios.com) which showed up on my analytics as they for got to remove it. They also left the contolling javascript file on my server. I modified it to load images of dogs that have no idea what they are doing.
Using Firefox 12 with NoScript installed, your site is entirely unviewable. Even in its most permissive mode (which works for the vast majority of sites), NoScript does block cross-site scripts that it considers dangerous. On your site, I get this in my Error Console:
I suspect that fixing the error mentioned there would make your site usable to more people (and more secure). But can I put in a plug for web design via progressive enhancement, rather than web design that just gives a blank grey page with a border and a few non-functional buttons if the scripts fail to load?
Sorry, forgive my ignorance (I'm a designer not really a developer) but are you saying I should host all my JS myself?
As for the fall back to a working site should JS be disabled, or the scripts fail to load you're entirely right of course. There is a lot I could still do to the site, but it serves no real purpose and was largely just an experiment so isn't very high on my to-do list at the moment.
You gotta earn epsilon trust to get me to whitelist your site for JS. If your site is 100% broken with JS off? You haven't earned that trust; you've instead told me that you're sloppy. Double points if your site is something that could get its basic functions done with JS - I have seen blogs, sites whose job is present straight text, that completely break with JS off. What that tells me is that I should be deeply suspicious of the technical chops of the people responsible.
It's not like it's hard to earn epsilon trust! Slap in a < noscript > element that says "here's what our site does, please turn on JS" is usually enough. "Please turn on JS" by itself, though, is not.
You don't have to cater to people who have JS turned off - you just have to not give us the middle finger! When site designers let their sites break when JS is off, that tells me that they're not worth my time.
Well, grandpa, it's the age of the rich javascript apps. Backbone and Ember, and all kinds of client-side templating engines are widely used.
Javascript is NOT a huge security vulnerability. There are occasional serious bugs that get patched nearly instantly by all major browsers (except maybe stupid IE).
Javascript IS a right, only 1-2% of users disable it, and I generally don't give a shit about them.
First off, name calling doesn't encourage polite conversation.
Second, progressive enhancement isn't "grandpa" thinking, it's good design, and more important today than ever. (A cursory search turned up .net magazine declaring it the #1 web design trend for 2012.) Skipping it for an experimental prototype is probably fine, but it's essential for serious work.
Third, as I mentioned from the start, the site in question here fails even when browsing with almost all scripts enabled: something essential in its design gets caught even by NoScript's minimal anti-XSS protection. That suggests an actual security risk to me.
And finally, I won't get into an argument about security bugs, but you haven't commented on the privacy issue at all. In its default mode NoScript prevents the vast majority of tracking systems that I've seen, while having a minor and entirely manageable impact on day to day browsing once you've used it for a week or so. You may not like that tradeoff, but it would be nice if you'd give some minimal level of respect to those who do.
When NoScript is in "Allow scripts globally" mode, the only things it blocks are particularly nasty vulnerabilities (its anti-XSS and anti-clickjacking features, mainly). As I said from the start, that mode presents no problem at all for the overwhelming majority of sites (script-heavy or not), so when it renders a site unusable that's probably a sign of a serious design or security problem. I've only seen that happen once or twice, so I figured it would be nice to point out the issue.
Did you try to contact them? (By them, I mean the site owner. I feel like this is a solo operation)
On other notes, there's no stopping you from replacing the content of this area where you tell your own version of their description: (from site via Google Translate) "We have been working since 1999, incorporating technology and knowledge towards the design and communication, both institutional and business."
Tangent: these kind of sites (the site that was stolen from), I'll call them "concept" sites, make me want to throatpunch a baby.
If you are seeking to demonstrate your jQuery/HTML5/CSS3 skillz then do it in a way that has some applicable context. Don't break so far from established usage conventions that users have to invest their the majority of their focus figuring out the site at the expense of examining the content.
After looking at several panels my understanding of what you do is still a guess. But I think you're a designer of some kind. If you are, the problem is that your site told me you care more about cool/flashy/pretty more than ease-of-use/user experience. As someone who engages designers on a weekly basis, that is not a positive differentiator.
> these kind of sites [...] make me want to throatpunch a baby
That's the most viscerally disturbing thing I've ever read on HN. For as popular as HN has gotten, it's still one of the more civil discussion forums on the internet. I'm not a priss, but how about a bit of decorum, please?
I liked it. I also browsed the entire portfolio which is something I rarely do. This site was so effortless, I went through every piece of work on there.
As someone who was a designer, has engaged hundreds of designers in the past, and works closely with designers every day, I say well done. I would definitely ask this designer to pitch if he wasn't full time at another agency. I don't think a designer could ask for much more from a portfolio website.
In conclusion: I don't think you know what you're talking about.
While we're on the subject, I found the navigation to be obvious and intuitive, and the site to be beautifully designed. And the portfolio was lovely, too.
It was a 'concept' site largely for my own amusement (and to teach myself a little bit of js). I do have a private portfolio site that shows more of my work and has no javascript in it at all.
I like the aesthetic, but I found the navigation to be confusing. It gives the impression that you're simply navigating a 2D grid because there's no indication that the rows slide independently of each other (and reset after switching to another row). So it was pretty disorienting to get to the end of the top row, go down, and then not be able to go left.
I know you just said it doesn't really matter, but I thought I'd offer something a little more constructive than "it's too flashy".
-seeing the whole picture
- how many items do you have in your portfolio, how can I just find one that looks cool
-nagivating quickly
- i want to go to the bottom of the site but there is 5 seconds of just waiting for the thing to load correctly
-understanding usage
- i go right 3 times then go down, i didn't realize that when i went down it automatically sent me to the left
I am all for cool design styles (nullrecursion.com), but standard conventions are standard because they are good. Get a solid understanding of why they are used before trying to reinvent the wheel
Would be nice though if contact information and info about the company was easier to get to. It is only available on the initial page or after scrolling through the entire portfolio (at least I couldn't find it anywhere else). At least if the site were designed to draw in business, that would be the case. It definitely is not obvious.
What would be interesting is to detect the IP so that whenever the owners access the site, they see it normally, but others see it with the dog images. And put their email so visitors contact them telling them of the "vandalism", but when they access it, the site looks normal.
The problem with doing something like this is that the site owner will probably take it down within 24 hours.
However... if the site owner cannot see it. Well well well.. could be up for days.
Typically the first person to view the page will be the owner. They want to check everything looks alright. Would be interesting to see the results of something like this.
"We had a similar problem at work, but we figured out the IP of the person doing the direct linking and dished out the images they expected to that IP, but the rest of the world saw an ad for our site."
I used to work for a hosting company and one of our customers (a magician of all things) copied our template into his webspace to build his own website - we spotted it and gave him a chance since he was a customer and all. We checked up on him a few months later and he had just done the same thing but to a different hosting provider (while still hosting with us).
Why would a magician need a template that looked like a hosting company?
Back in 2006 some guy ripped off my entire front-end for his ticket selling site in Europe and made the same mistake. I found out when going though my analytics. I blogged about it and actually made it to the front page of Digg (a big deal at the time):
I remember I had a website once where I had a little clock widget that I made in flash. I discovered that some of the traffic to my website was coming from myspace and found out that someone had used my widget on their myspace page. I changed the code in my widget to detect which url it was loaded from and if it wasn't on my website, it would simply crash and back then, flash didn't have the 30 second timeout when a script becomes unresponsive, you really had to kill the browser to exit.
I had a similar thing once. A company ripped off one of our landing page designs, even down to copyrighted material, and kept one of the little flash widgets in the footer. I showed the boss that I could take advantage of that by whiting out their page or replacing their content with whatever message we wanted.I wanted rather mean-spirited and rude messaging since it would appear to come from them. The way I remember it I was doing this by injecting javascript into the page from the SWF.
The boss never let me do it, he decided to sic the lawyers on them instead.
Let's see how long it takes before the offender finds out about this. I'm all for changing the company's description text to tell the full story as well.
You have access to jquery AND your script loads in the head. I think $(document).ready(function () { $('[id*="details_"] .body').html('El propietario del sitio es robar el contenido literal de mi sitio: http://socketstudios.com. Si usted hace negocios con esta persona, usted va a tener un mal momento.'); })
Made me wonder what would happen if some rogue Google engineer decided to replace the CDN hosted jQuery on thousands of sites with script to auto-play a rick-roll.
Once upon a time there was a dude that had the bright idea to hotlink the swf mediaplayer that I was hosting. Besides wasting my bandwidth, it also wasted my time for tracking all the referrals where he used the code. Long story short, he got a flash-based XSS in response. For the lulz.
Ah, I love when you can tell from someone's portfolio that they didn't design their own website. Sorry this keeps happening to you, it's so silly all these copycats come out of the woodwork after your site(s) are profiled on siteinspire/et al, and act like it was a shear coincidence.
Seriously. When I was younger I made a little social network thing for me and my schoolfriends. I didn't figure out how to properly deal with uploaded images (too much hassle), so I allowed you to simply hotlink a profile image. I hotlinked some funny picture at home, and...
At school it was pornography from the site owner intended to stop people hotlinking. I very quickly changed the image.
Copy & Paste any codes without understanding really burn people. Wasn't there a startup that got into trouble for doing the same thing? They later tried to play it off as "A/B" testing. Maybe this guy is A/B testing on how fast he can destroy his reputation by doing Copy & Paste of another site.
haha, i'm not sure if that is sarcasm or not. i'm a designer that dabbles in code and that was my first attempt at JS. it works but i'm sure it is probably a disaster.
Without asking.
I found out because my hosting company called me and said I was about to get a huge bill. Bandwidth was super expensive back then and there was no YouTube for free video hosting.
I changed the file to a short clip of hardcore porn.
I know it was mean. But it was funny and somewhat satisfying.