Northwestern University and Evanston's Only Daily News Source Since 1881

The Daily Northwestern

Northwestern University and Evanston's Only Daily News Source Since 1881

The Daily Northwestern

Northwestern University and Evanston's Only Daily News Source Since 1881

The Daily Northwestern


Advertisement
Email Newsletter

Sign up to receive our email newsletter in your inbox.



Advertisement

Advertisement
‘You know absolutely nothing’: Students frustrated with NU’s handling of academic integrity cases
NU’s Summer Class Schedule offers flexibility, opportunities for academic advancement
Community awards, advocacy headline Evanston’s fifth annual Juneteenth parade
Race Against Hate: Ricky Byrdsong’s Legacy
The Week Ahead, June 17-23: Juneteenth, Summer Solstice and Pride Celebrations in Chicagoland
Evanston Environment Board drops fossil fuels divestment, recommends updates to leaf blower ordinance
Derrick Gragg appointed as Northwestern’s vice president for athletic strategy, search for new athletic director begins
Advertisement
Perry: A little humility goes a long way

Brew, Hou, Leung, Pandey: On being scared to tweet and the pressure to market yourself as a student journalist

June 4, 2024

Haner: A love letter to the multimedia room

June 4, 2024

Derrick Gragg appointed as Northwestern’s vice president for athletic strategy, search for new athletic director begins

Lacrosse: Northwestern’s Izzy Scane wins 2024 Honda Sport Award

June 13, 2024

Lacrosse: Northwestern’s Izzy Scane wins 2024 Tewaaraton Award

May 30, 2024

Advertisement

Campus Kitchens fills plates and hearts

NU Declassified: Prof. Barbara Butts teaches leadership through stage management

Everything Evanston: Behind the boba in downtown Evanston

Medill students find vulnerability in The New Yorker magazine’s paywall

Three Medill graduate students are generating buzz in the tech blogosphere with an article on their online magazine’s site that exposed compromising vulnerabilities in The New Yorker magazine’s paywall system.

Jesse Young, the tech brains of the three-man team, discovered a coding flaw in the system meant to protect content from non-subscribers. Young authored the first of two articles, “The New Yorker, or How Not to Set Up a Paywall, Part 1,” published on Oct. 19. One of his co-editors, Kevin Shalvey, wrote the second on Oct. 25.

Flood Magazine is the brainchild of Young, Shalvey and another one of their Medill classmates, Spencer Rinkus. The three started up the online publication as an independent study for course credit in July. It was meant to serve as a venue for experimenting with the kind of writing they weren’t getting to try in their graduate program, Rinkus said.

The magazine has centered its coverage on the convergence of technology and the future of journalism.

“We decided to focus on the media and technology,” Shalvey said. “Not just gadgets but the way people get information and how it’s evolving.”

Young’s discovery came from casually perusing script for the archive login of the The New Yorker, a magazine to which Rinkus said the three students already subscribed.

“It’s pretty common for web developers to look at other websites,” Young said. “It’s similar to writers and journalists looking at other writers’ work.”

He found that a few extra lines of code could circumvent the archive’s paywall, allowing anyone to access the content free of charge.

Paywall systems are gaining traction in online media as print products hemorrhage cash. The Wall Street Journal has made users pay for content since 2008. It has approximately 400,000 subscribers and benefits from readers who have the option of using their subscription as a business write-off. Last winter The New York Times announced it would be instituting a metered content system as well, beginning in January 2011.

Before publishing the paywall story, Flood Magazine editors reached out to The New Yorker about the coding flaw but received no response, according to Rinkus.

“We talked to Prof. Marcel Pacatte, who is the advisor for our magazine. He called the school lawyers, and we edited the story,” Young said.

The first story did not instruct readers explicitly on how to get around the paywall, but it did succeed in attracting the attention of a number of Internet tech personalities and media sites, many of whom have Twitter followings numbering in the hundreds of thousands, Rinkus said.

AdAge.com cited the article as the “best tech writing of the week,” for the week ending Oct. 29.

Though they did not hear back from The New Yorker until this week, Rinkus said as paid subscribers to the magazine’s site, he and the other Flood Editors received a flurry of e-mails the day of publication.

“Every e-mail was kind of frantic,” Rinkus said. “In reaction to our article, we put up a bunch of upset tweets from New Yorker subscribers. Everyone was mad the passwords got changed. They e-mailed everyone new passwords, which isn’t secure. They just kept digging and digging.”

In the second installment of the series, Shalvey compared the discovery to Jon Lech Johansen’s exposure of DVD encryption weakness. But the students avoided specifics in the article to protect themselves from possible litigation, Young said.

The magazine website has steadily gained in popularity and has launched a sister site called Flood Lite. What began as an almost accidental discovery could give the publication the edge it needs as it seeks funding to sustain its future.

Young and Rinkus will be graduating at the end of this quarter but hope to continue working on the site remotely.

“We are happy to do it,” Rinkus said, “to create a space not a lot of people have explored, where writers write about technology and the state of journalism.”

[email protected]

Activate Search
Northwestern University and Evanston's Only Daily News Source Since 1881
Medill students find vulnerability in The New Yorker magazine’s paywall