Simon Willison’s Weblog

3 items tagged “newyorktimes”


Announcing the New York Times Campaign Finance API (via) The New York Times have released their first data API, exposing campaign finance data from the Federal Election Commission. # 15th October 2008, 2:05 pm

Popular Websites Vulnerable to Cross-Site Request Forgery Attacks. Ed Felten and Bill Zeller announce four CSRF holes, in ING Direct, YouTube, MetaFilter and the New York Times. The ING Direct hole allowed transfer of funds out of a user’s bank accounts! The first three were fixed before publication; the New York Times hole still exists (despite being reported a year ago), and allows you to silently steal e-mail addresses by CSRFing the “E-mail this” feature. # 29th September 2008, 1:08 pm


Times to Stop Charging for Parts of Its Web Site. The New York Times finally acknowledges that you can’t be the “paper of record” if no one can link to you. # 18th September 2007, 8:40 am