Join 3,436 readers in helping fund MetaFilter (Hide)


Heather Champ is the Queen of the Known Universe.
July 31, 2002 7:41 AM   Subscribe

Heather Champ is the Queen of the Known Universe. Someone in Brazil really likes some of Heather Champ's photographs. They like them so much that they put them prominently on the top of the main page of their website. But they didn't just put them on the website, they direct linked to them on Heather's server, and this is how Heather found out. So she's done what most webmasters do -- she's replaced the images with new ones. The only thing is, aside from the lack of control one has over access to the original file, isn't direct linking to images (and other content) on servers that aren't your own the whole effing point of the world wide web?!
posted by crunchland (56 comments total)

 
Ok, so maybe I'm playing a little devil's advocate here. Far be it from me to criticize Heather or criticize anyone else who wants to protect their artwork.

But really, isn't the point of the worldwide web so that one can link to things on other servers, and in doing so, create an interlinked network of content, where not everyone has to store everything on their own hard drives?

I know, I know, someone has to pay for the bandwidth. I've looked through my referrer logs for my sites and have seen where plenty of people direct linking to my images, and I admit that it does bother me a little bit, but then I figure the bandwidth theft has always been minimal, so it's really not worth me doing anything about it.

And copyrights are copyrights, and all that. But isn't direct linking, strictly speaking, more copyright friendly than swiping a copy of the image and having your way with it? Doesn't it give the copyright holder control over it - whether it be to update it, modify it, or whatever?

I can see both sides of the fence here. I'd be interested to hear what others think. And what do you think Tim Berners-Lee would say?
posted by crunchland at 7:42 AM on July 31, 2002


There is a difference (which I'm sure you know) between linking (as in [a href="http://foo.com"]check out these cool pictures![/a]) and embedding someone else's stuff in your page and basically representing it as your own ([img src="http://foo.com/pic.gif" alt="Look at MY picture, MINE!"]).

If the images were embedded, but with a caption that said the site they were from, and offered a link to that site, that would be more along the lines of what you are talking about.
posted by malphigian at 7:47 AM on July 31, 2002


Another problem with embedding, as opposed to linking, is that it costs the person hosting the image in terms of bandwidth. Because some of us pay for our bandwidth, embedding an image from our servers on a page that gets a large number of page loads (livejournal users, I'm looking at you) can cost extra money. A lot of extra money.

People who embed images from other servers also tend to not make it very clear that they are embedding an image from another server. That's pretty impolite.

In summary: linking, yay; embedding, boo.
posted by iceberg273 at 7:54 AM on July 31, 2002


My host allows me to enable hotlink protection. I don't get much traffic anyhow, so I don't really care if an image of mine is hotlinked, but I can see where someone with a lot of bandwidth would. I like the creativity she took with addressing it, though...
posted by adampsyche at 7:55 AM on July 31, 2002


I've been having lots of problems with this very thing lately, and although it's kind of a crude way of fixing it, the old graphics switcheroo is sometimes the only way to get people to notice what they're doing is wrong.

This is sort of off-topic, but related to this story in general. I know that Geocities and other sites have some code in place to check referrals, so that they aren't abused anymore for people simply using Geocities sites as image storehouses for auctions. Can anyone point me in the right direction in terms of getting some sort of script on my own site to check the referrals and block calls from outside sites? Geeks? Anyone?

In regards to Crunchlands comment above, I'm all for people linking images that they like, etc, but with the proliferation of web boards and icons and whatnot, I've had times where I would have had thousands of loads of a picture of mine in a month (without any sort of credit) had I not pulled a switcheroo. Thousands of loads = more bandwidth that I have to pay for. Like Iceberg said; linking, yay; embedding, boo.
posted by almostcool at 7:56 AM on July 31, 2002


Ah, looks like she found an .htaccess tutorial to disallow external linking.
posted by adampsyche at 7:57 AM on July 31, 2002


isn't the point of the worldwide web so that one can link to things on other servers, and in doing so, create an interlinked network of content, where not everyone has to store everything on their own hard drives?

There's a big difference between linking to a person's website which features the content/images in the way it was intended to be presented and between direct-linking to an image and trying to pass it off as your own, which I know is obvious. But I much prefer it when "thieves" direct-link images than save them to their own server, as it makes it easier to track where the image is being used & in what context, and provides the opportunity to either put something nasty on someone's page or to simply change the name of the image so that the unauthorized user is left with a sexy broken image.

However, if it's made clear on your website that you don't want people stealing your images, then it's clearly wrong in any context, don'cha think? Or if you clearly direct people to save certain images to their own server if they wish to use them, as many do with things such as linking buttons or banners.
posted by catfood at 7:57 AM on July 31, 2002


Well, as Heather links to these reasons on her site, I'd take them as her reasons also.
posted by Markb at 7:59 AM on July 31, 2002


Also, it is a well-known fact that Heather Champ actually IS the queen of the known universe. I'll join the tribe here: stealing bandwidth bad and punishable by mawling, linking to content good. Cf the NPR hubbub of recent weeks.
posted by RJ Reynolds at 8:00 AM on July 31, 2002


hyper linking, yes. embedding (stealing) someone else's images, no. sorry.
posted by aenemated at 8:03 AM on July 31, 2002


Seems like a lot of people have been having trouble with bandwidth theft recently. Rob Cockerham's image swap was pretty amusing.
posted by rorschach at 8:05 AM on July 31, 2002


Well, as Heather links to these reasons on her site, I'd take them as her reasons also.

Ha, Miguel! You've been outed.
posted by crunchland at 8:07 AM on July 31, 2002


I find that renaming the files is very effective. Nothing like a broken image to destory the continuity of a thieving bastards website.
posted by Jeremy at 8:13 AM on July 31, 2002


no, it isn't
posted by scarabic at 8:20 AM on July 31, 2002


did the popups on the image-appropriating blog exist before all this attention, or is the owner realizing the profit potential of the hullaballoo one causes by ripping off popular folks?
posted by sfz at 8:23 AM on July 31, 2002


Being an engineer, I don't like images linked in from other sites. In most cases it slows down performance, and sooner or later it leads to broken images. And something that is bad engineering is probably immoral in some way or another.
posted by Triplanetary at 8:41 AM on July 31, 2002


I did not see the popups when Heather first posted this happening.
Also at the bottom of the right hand column is a link: copiado descaradamente de harrumph roughly translates to brazenly copied from harrumph.
posted by sailormouth at 8:59 AM on July 31, 2002


Triplanetary:And something that is bad engineering is probably immoral in some way or another.

Very interesting Triplanetary. Maybe you should expand it a bit and make it your first Front Page Post.
posted by anathema at 9:08 AM on July 31, 2002


Hey, I always though the replacing-with-porn-for-a-day thing was funny. My icon on one of the web-boards that I'm on (A very couth image of Calvin picking his nose) was stolen by an AOL-web-chat-kiddie, and the admin of the board replaced it with a pr0n image for a day just for shits and giggles. Bet the chat kiddie was surprised.
posted by SpecialK at 9:28 AM on July 31, 2002


There was a website a few years ago, that dealt with the same thing. Only they replaced the images with images from rotten.com.....ick.
posted by mkelley at 9:40 AM on July 31, 2002


isn't direct linking to images (and other content) on servers that aren't your own the whole effing point of the world wide web?!

I'm surprised nobody has pointed out the obvious, fundamental misunderstanding in this statement. And I think that it might sometimes be the cause of some of these hotlinks, although other times, it's obviously intentional.

The IMG tag doesn't work the same way as the A tag. They're simply not comparable. It's replaced by the referred image and has no representation of its own in the browser*, as opposed to the A tag, which is represented by the text between the opening and closing tags and whose specific purpose is to send you somewhere else(or serve as the destination; still the same concept, though).
Linking represents a connection between two documents. It doesn't take the linked document and stick it inside the other, which would be like someone framing your web page inside their frameset, and is a more proper analogy for this situation.

*Let's not quibble over whether the border – which almost everybody turns off, anyway – counts.
posted by Su at 9:40 AM on July 31, 2002


All of which is to say(because I forgot to) that the IMG tag is not a link tag. It's a placeholder.
posted by Su at 9:42 AM on July 31, 2002


In the old days, when anyone would pay for any kind of traffic, I used to slap together websites about whatever was popular, in the interest of getting hits -> cash. So I made Britney Spears sites, NSYNC sites, etc. Lots of chumps couldn't figure out the distinction between taking a copy of an image and hosting it on your own server and directly linking to mine (cutting into my bandwidth allotment). I used the htaccess trick to display a banner showing my url to all pages who managed to show my image, but not from my server's IP address. It was (in the days when internet advertising actually cost or raised money) free advertising.

p.s. I'm not sure if this has been stated clearly enough in the previous messages, but linking to images on other people's servers is considered very bad. If you have a very popular site, you can use much bandwidth on the image's servers and cost the person who originally had the image lots of cash. That tends to make them very, very angry.
posted by websavvy at 9:52 AM on July 31, 2002


1) I tried to implement the .htaccess disallow over the weekend, but it wasn't working quite as expected -- It worked fine from home, but I couldn't see the images on my site from work. I also had email confirming this issue from others. I need to follow up with Dreamhost to find out how the apache servers are configured to enable me to disallow this kind of linking.

2) There's no contact information for the individual on the page, so I contacted envy.nu as I'm sure this behaviour contradicts their terms of service. The response? "I like what you have done with the images he is stealing. I think he will get the message." That's crap. Any service like this worth their salt should toss user off.

3) isn't direct linking to images (and other content) on servers that aren't your own the whole effing point of the world wide web?!

Dave, so let's say I get tired of taking photos and decide that your lovely photos on pencam.org should decorate my pages and I start linking to them without any real credit as to what I'm doing. What do you think about that? I don't think you'd be a happy camper for long. Plus, it's your bandwidth.

While I agree that linking is the whole fucking point, I think that it's linking with permission.

5) The pop ups are increasing so perhaps the joke is on me. I'll have to look. Does anyone have any poop on envy.nu? I can't get traction with them.

6) You're all invited to send images. I'm thinking of this as a gallery opportunity.

7) I am Queen of the Known Universe -- at least in my feeble mind. And if you believe that, I've got some Enron stock you might like to buy.
posted by heather at 9:53 AM on July 31, 2002


I got sick and tired of people direct-linking to images on my site (wasting the web host's bandwidth, as others have noted), so I just created .htaccess files in the image directories whose contents were most often "borrowed." The .htaccess file simply consists of the following lines:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ http://www.mydomain.com/stolen.gif [R,L]

This will serve up "stolen.gif" in place of the linked-image when the referrer is anything other than my domain. I'm sure this can be easily modified to serve up different images based on unique referrers, but this is good enough for me.
posted by nstop at 9:55 AM on July 31, 2002


Ha, Miguel! You've been outed.

Crunchland, do you know what blog that's from? 9622 or stavrosthewonderchicken's?
posted by ( .)(. ) at 9:55 AM on July 31, 2002


** sarcasm **

Um has anyone explained the difference between this and linking yet???
posted by bitdamaged at 9:57 AM on July 31, 2002


Can anyone point me in the right direction in terms of getting some sort of script on my own site to check the referrals and block calls from outside sites? Geeks? Anyone?

mod_rewrite on Apache can be configured to block inline images.
posted by bravada at 9:58 AM on July 31, 2002


Note, Heather, that you don't have to serve up any image, if you get tired of this game (although I've got to admit, it's pretty fun for a while!).

You can arrange your htaccess to just send nothing to the offending site, which will show up as a broken image on that site. That will save you bandwidth, in case your joke gets listed on some big site, somewhere. If you're interested in how to do this, I can be of help.
posted by websavvy at 10:02 AM on July 31, 2002


websavvy -- i tried this over the weekend, following a couple of web tutorials to create the disallow in the .htaccess file. please see my note above about this not working.

and yes, i could serve nothing, but i'm beginning to think of this as a "feature," not a "bug."
posted by heather at 10:04 AM on July 31, 2002


Tutorials for dealing with image theft...
Here and Here,/a>,.

One thing to keep in mind is that the Apache can be configured in many ways. If I'm correct, it might be possible that your host might not let you mess with .htaccess or mod_rewrite, so you may not be able to do this stuff. But I think most hosts are cool with this. Also remember that, generally, directories inherit the .htaccess attributes of their parent directories, so you may be able to put this .htaccess in you root hosting directory and that would keep any problems from happening in your subdirectories.

I made this stuff work, but it took some trial and error. Keep with it, it's really worth doing.

posted by websavvy at 10:08 AM on July 31, 2002


My husband, some websavvy. Can't even make a link.
posted by websavvy at 10:09 AM on July 31, 2002


Interesting that the photos on Deuce of Clubs that people were "stealing" were obviously press photos and probably belong to someone (else).

I'm interested in where you got the photos for your N*sync and Britney pages, websavvy.
posted by ODiV at 10:19 AM on July 31, 2002


From my bed, obviously.
posted by websavvy at 10:20 AM on July 31, 2002


i can't use the .htaccess disallow for the 20things.org site either, but found this image swap effective:


posted by judith at 10:34 AM on July 31, 2002


nstop: if I wanted to do that for my domain and one or more others, how would that look? I've tried playing with .htaccess before and I'm crap: it never works quite the way I want.

Also, video files are even worse than images for bandwidth theft. I recently had altercations with more than one site which was stealing almost our entire video content and repackaging it in their site without attribution. Quite apart from the bandwidth, this could endanger my agreements with my licensors. We sorted it out by email, as it goes, but that's terribly time-consuming. I'm not against people linking to the html pages which hold the video files, but they don't.
posted by walrus at 11:02 AM on July 31, 2002


heather: I'm hosted on Dreamhost as well, and after some wrangling with the .htaccess, I was able to get it to work. It's actually pretty cool in that you can just have one htaccess file and disallow multiple directories (which is what I wanted to do). If you still want to block, I can send you the code, but it looks like you're having fun with tweaking the gallery.

Before I knew this little trick (thanks to everyone above who suggested it), I would just change the graphic in question to something along the lines of what Judith did with the 20things site. Usually, the graphic would come down within the day, as those who'd ripped it would scramble to cover their butts.

Of course, then they'd just go link somewhat else... sheesh.
posted by almostcool at 11:11 AM on July 31, 2002


.htaccess is a great way to send people from the image they thought they nicked, to an image that you'd rather show them [in the spirit of Heathers perhaps]

however - and bummer - it won't do the same nifty trick for hotlinked films [.mov or .mpeg or .ra or .whatever] as apparently 'the problems are caused because movie players use java and do not send headers and so the server does not track them.'.

this was a huge frustration the day I found that 48 gigabytes of my monthly bill was people hotlinking straight to my commercials collection. Augh! Bad bad bad - illegal - theft - don't! Any solutions to that problem apart from moving all my films once a month [as i now do] would be nice to hear. Cheers.
posted by dabitch at 11:15 AM on July 31, 2002


should have seen it on preview, walrus has the same problem. it's a pain, timeconsuming, and only in lucky cases do people resond to mails. Hotlinking to big fat films is just beyond wrong.
posted by dabitch at 11:18 AM on July 31, 2002


walrus: What you need to do is:

1. First check to see if your web host has the mod_rewrite Apache module installed; if not, ask them to do so.

2. Copy the lines of code from my post above.

3. Save it as a plain text file called ".htaccess"

4. Make the following edits:

a) Line 3 - Change "mydomain.com" to your actual domain name.
b) Line 4 - Change "http://www.mydomain.com/stolen.gif" to the actual URL of the image you want shown whenever someone direct links to your files.

5. FTP your new .htaccess file to the one or more directories you want to protect, and chmod it for public access if necessary.
posted by nstop at 11:24 AM on July 31, 2002


Somewhere I have a photo of Adolph Hitler with a little caption that says something about supporting the Nazi party, I used to stick that up when someone was linking an image on a site I had a long time ago. I also enjoyed making images for friends to use in the same way. Like nonsensical rants and pictures of my pets with little thought bubbles (like in garfield) in place of the linked files. I think I also still have the little image that had my cat asking the linker to leave his anus alone and seek therapy, I really like that one.
posted by bargle at 11:55 AM on July 31, 2002


Oops! Sorry, Heather and all the other people I've been stealing from in the last two months - since I learned how to do it. Ignorance is no excuse but, in my case, it's true.

I won't do it again, ever. I feel like a real rube now and it serves me right.
posted by MiguelCardoso at 11:56 AM on July 31, 2002


nstop - got a good way to use the funky rewrite rule in the cases of video files and films too?
the link that I posted above gives a similar .htaccess, but alas, some browsers [mainly IE on PC , also Opera on Linux as far as i know] simply don't send their headers when requesting films/mpegs/ra, and then the whole .htaccess file rewrite rule is out the window.
posted by dabitch at 12:07 PM on July 31, 2002


dabitch: I use real format. I was thinking of protecting the .ram files, but not the .rm, and then using a straight hyperlink to the protected ram file from the webpage. This wouldn't totally close the gap, but it would deter all but the most determined, and I'm willing to take it to their host providers (or somewhere upstream) if they won't talk to me. Looking at my referrer logs, I think I always get a url for a .ram request. Perhaps I'm just not looking hard enough for exceptions. I can see realplayer failing to give the url, but I suppose I can live with ppl having to click the link on the page again, rather than just refreshing it in realplayer.

Thanks nstop. I was wondering more though, how the htaccess file might look if I wanted to allow an additional domain to link to the files (a friend of mine, for instance). Should work it out for myself really, but inept. Anyway, email me if you like (it's on my profile page).
posted by walrus at 12:17 PM on July 31, 2002


walrus, the latter is easy, just feed the 'accepted friends' URL into your .htaccess like so:

RewriteCond %{HTTP_REFERER} !^http://www.yoursite.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.yourbuddies.com/.*$ [NC]

then both those would be ok referers.
posted by dabitch at 12:27 PM on July 31, 2002


Hmm. Maybe one more post. I believe any browser should behave the same when requesting the object of any hyperlink, regardless of what the file type is. I can't for the life of me understand why Opera would be programmed to do something different for different file types, unless it was programmed by inept lunatics. IE on the PC is fine. So are Mozilla and Netscape. I know realplayer doesn't give the URL, but it only asks me for .rm files unless someone presses play after watching the video through, in which case it asks for the .ram. So I think my above solution could help with real media. I haven't got the foggiest about other formats. All I know is that this whole thing is melting my brain. And thanks for the htaccess examples. I'll give 'em a go later.
posted by walrus at 12:52 PM on July 31, 2002


Echoing what everyone has been saying. The best switcheroo is the eBay auction posting swap.

I remember some bozo hotlinking to a movie poster design I had done in an eBay auction. It was annoying for many reasons:

1. It was a unused poster concept, not actual key art.

2. He was using the poster image as "graphics" for an unrelated product in his auction. (I.E. He wasn't selling a poster from the same film, etc.)

3. He wouldn't cancel/revise the auction once I emailed him asking him to stop.

So good ole porn swap, to the rescue - followed by an "anonymous" email to eBay asking why they allowed pornography in an auction NOT in the "mature area". Problem solved.

Also, with regards to the mods to .htaccess to prevent hot-linking. All the methods described work, but you will also lock out certain valid traffic to your site - no way around that.
posted by jca at 2:12 PM on July 31, 2002


Completely off topic, but awesome site jca!

I'm getting into editing, but having taken multimedia design courses am very interested in movie posters, CD covers and the like.
posted by ODiV at 3:44 PM on July 31, 2002


Weirdly coincidental - I happened across a thread at Comicon's Message Boards only today which was basically one of those "What's your favourite [fill in the blank] ever?" threads, in this case the 'blank' being comicbook cover. Each page was huge because of the number of called-in images from other people's sites. (I'm not going to link it because that would cause additional bandwidth use for the people whose images were being used.)

I did post up a question to the effect that "isn't this bandwidth theft?" and the response from one of the posters was to cite the site he was lifting the images from and say that somehow this therefore wasn't theft.

Someone else beat me to the point that it actually is, and courtesy of that other site's T&Cs that it was also breach of copyright, but it made me realise that in the world of the discussion board in particular, there seems to be a whole community of people blind to issues of either intellectual property or simple resource appropriation.
posted by jonpollard at 4:26 PM on July 31, 2002


Also, with regards to the mods to .htaccess to prevent hot-linking. All the methods described work, but you will also lock out certain valid traffic to your site - no way around that.

Not if you allow blank referrers as well as referrers from your own domains as the original .htaccess does. Technically you should probably allow anything that doesn't start with http:// or does contain one of your domains, since some people are behind firewalls that block their referrers and replace them with text strings such as "Blocked by Norton." We can let these guys through. ;)
posted by kindall at 4:32 PM on July 31, 2002


It would seem that one could use the .htaccess Rewrite rule to send not just a substitute image, but any url...

So that when someone hotlinks to an image that is protected by the .htaccess file, they instead get a JavaScript program that traps their page in an infinite loop (or contains some other noxious trap).

Possible?
posted by mikewas at 7:10 AM on August 1, 2002


Thanks kindall. Also, you don't have to have T&Cs for someone to be breaching your copyright. Copyright subsists in any original work as soon as it is captured in a tangible medium (proving you own it may be more complex). Unless you have permission to use it, you can't. Conversely, anyone who doesn't mind you using it will give you permission.
posted by walrus at 7:15 AM on August 1, 2002


True, walrus - I just meant to indicate that this was the particular approach that seemed to work for the perpetrator in question, but yes, it's definitely worth the world at large being more aware that copyright doesn't even need to be asserted in order to exist.
posted by jonpollard at 7:27 AM on August 1, 2002


Mike, I believe the browser has to be aware that it's a script before it will execute. A script in place of an image will be discarded as gobbledegook. You can't make an IMG SRC tag into a browser-side include -- or in principle, bugs aside, browsers shouldn't.
posted by dhartung at 7:40 AM on August 1, 2002


Last year some frat boy was using one of my photos on a group blog he shared with his frat-boy friends. I asked him to remove it and got no response. So I swapped it out for an image that looked like a blog entry requesting... the performance of a sexual favor. It got noticed very quickly.

Unfortunately I had neglected to republish the relevant archive page on my site, so the fake blog entry was on display there until someone wrote in to tell me about it. Oops.

I sometimes don't mind this kind of thing if the image is properly credited and there's a link back to my site. Not-quite-free advertising.
posted by davidfg at 8:53 AM on August 1, 2002


For whatever it's worth, either due to the sys admins of envy.nu finally taking Heather's emails seriously, or from the slew of traffic this thread caused, the site that was using Heather's photos has mysteriously gone offline. (I suggest you just take my word for it though, because even though the site has gone offline, the popups have doubled.)
posted by crunchland at 9:27 AM on August 1, 2002


« Older White House acts to shed arrogant image. ...  |  "The national security of the ... Newer »


This thread has been archived and is closed to new comments