How We Went From Being Virtually Unknown to 3k Signups a Day in 5 Weeks Part 1 of 3

I’m sitting in my hallmate’s room incessantly refreshing Mashable.com’s homepage on my iPhone. I just noticed that Mashable’s Senior Editor has been idle on his WhereMyFriends.Be profile for the past hour or so. This means a story about us could be close. The people around me are chatting incessantly about some project due tomorrow. I continue nervously mashing the refresh button. Nothing is happening. “They probably won’t post anything,” I say to myself, “Don’t get your hopes up. There’s always another project.” I refresh the page again. A big picture of a Google Map and a headline that says Map Your Facebook Friends In a Few Clicks  pops up on the screen.

HOLY SH*T! I leap off the bed I’m sitting on and dash down the hall an unbelievable surge of adrenaline running through my body. I barge into the room of two of my friends jump in place screaming “We’re on Mashable! We’re on Mashable!” I dash out and run down the hall, grab my laptop, and call Wesley. We were on Mashable after 5 weeks of work together. How did this even happen?

With the large amount of success that WhereMyFriends.Be has enjoyed I think it’s useful to look back on the past month and take stock. 5 weeks ago I didn’t know either Wesley or Ajay. Today we are approaching 20k total signups on our website after being mentioned on both Mashable and CNN. This is the story of how we went from there to here in 5 weeks. This is the story of the beauty of the web. Part 1 of 3. You can find Part 2 here. Part 3 is here.

I was sitting in computer science class when I “met” Wesley. I put met into quotations because he was sitting in front of me in class programming and I was watching him. Whenever someone in front of you is working on a cool project it’s always fun to do a little sly screen-peaking. From my vantage point I deduced that he was working on website called PennMatch.com. I promptly loaded it up on my laptop. It was a cool little project that had gone viral at our school, the University of Pennsylvania, where we are both freshmen. The basic idea of the site is that you login with your Facebook and it shows you two of your friends, one guy and one girl, and you can press “Match” if you think they would make a good couple. Each person gets his/her own page where they can see who they’ve been matched with. “Cool idea,” I thought. Then I went back to paying attention to me class.

I forgot about Wesley and PennMatch for about a week while I was working on releasing another project of mine called OneSmallPage. Then I saw something on my Facebook that said PennMatch is now PleaseMatch.Me. A bunch of people had liked it so I went to the site again. It was the same general concept except they had expanded the site to include all colleges and high schools, not just Penn. Pretty cool. This time I had a little bit of time on my hands so I pressed “View source” on my browser.

That’s when the fun began.

Part of the design of PleaseMatch.Me  made it so that you were only allowed to match guys with girls. I noticed from a quick look at the page’s source code that because of the way they were storing matches in their database  I could hack the site to match a guy with a guy or a girl with a girl. All I would need was the right Facebook oauth_ids. I promptly loaded up Wesley’s oauth_id from Facebook and the oauth_id of one my other friends Natan. I loaded them into the proper get request, sent it off to his server, and voila on Wesley’s page he had been matched with a guy named Natan Lailari one time. Dan: 1. World: 0. I promptly refreshed the get request a few more times for good measure and then Facebook messaged Wesley telling him what I had done and how to fix it.

I half expected him to be pissed at me. Instead, 30 seconds later I got a Facebook message thanking me for exposing the vulnerability and asking me to explain more what was going on. I went to his room later that day to talk to him a little bit more about what I had done. That’s when he introduced me to his best friend Ajay and we decided to work on our first project together….

Look for Part 2 tomorrow!


1 Mar 2011, 6:40pm | 8 comments

 

Never miss a new post



Subscribe!