Is this legal 0:-)
Results 1 to 8 of 8

Thread: Is this legal 0:-)

  1. #1
    Senior Member
    Join Date
    Dec 2003
    Location
    LA, CA
    Posts
    292

    Is this legal 0:-)

    I'm currently designing a secure online system and had an idea for a defense of sorts,
    I would like to send a URL header holding a few javascript lines:
    Code:
    javascript: var a = 0; do {alert("Access Denied");} while (a == 0);
    as a sort of slap for attempting access to the system. The system currently locks accounts if multiple failed attempts occur, this won't be a single line of defense, but is this legal?
    A mind full of questions has no room for answers

  2. #2
    Senior Member
    Join Date
    Aug 2003
    Posts
    1,019
    I can see two ways of lloking at this. Those wiser than myself may find other angles that I haven't thought of.

    1. Hacking a hacker still is probably against your better interests, or, two wrongs don't make a right.

    2. It's only illegal if you get caught.

  3. #3
    Senior Member
    Join Date
    Dec 2003
    Location
    LA, CA
    Posts
    292
    The reason i question it is because i'm really not 'doing' anything, i'm just creating a small, easy to fix, annoyance, but an annoyance
    A mind full of questions has no room for answers

  4. #4
    Custom User
    Join Date
    Oct 2001
    Posts
    503
    I wouldn't have said that it was illegal; not if popup windows are legal, anyhow. I wouldn't do it because I know how annoying something like that would be (it's happened to me a couple of times on some sites), and even though you are going under the assumption that it will only happen to people who are trying to break into your page, or whatever it is, what if a genuine user simply forgets their password or something like that?

    You might say that it wouldn't happen, but can you be sure. If this was an important business project and someone from your client used it with the wrong password a couple of times, they'd have all these alerts popping up even though they are a legitimate user.

    But if you are worried about the legality of it, you could always claim it was a simple logic error. I doubt that what you are thinking about doing is illegal, but if it was, using the logic error excuse would be pretty weak. I therefore recommend that you simply don't use it.

    ac

  5. #5
    Senior Member
    Join Date
    Dec 2003
    Location
    LA, CA
    Posts
    292
    what if a genuine user simply forgets their password or something like that?
    Wonderful point
    thank you
    A mind full of questions has no room for answers

  6. #6
    Junior Member
    Join Date
    May 2004
    Posts
    9
    Even though you've decided against it, you could have simplified your code to this:

    while(true){alert("SMACKTARD");}

    Just so you know.
    I know the moment\'s near and there\'s nothing we can do
    look through a faithless eye are you afraid to die?

    Websites I coded: www.fsg-uk.com | www.hackus.tk

  7. #7
    Senior Member Raion's Avatar
    Join Date
    Dec 2003
    Location
    New York, New York
    Posts
    1,299
    Well you can give them 3 tries, e.g Attempt 1/3 failed.....Attempt 2/3 failed....Attempt 3/3 failed\n Access Denied.
    WARNING: THIS SIGNATURE IS SHAREWARE PLEASE REGISTER THIS SIGNATURE BY SENDING ME MONEY TO SEE THE COMPLETE SIGNATURE!

  8. #8
    AFLAAACKKK!!
    Join Date
    Apr 2004
    Posts
    1,066
    You would think these line of code would be legal, it's not doing any damage and it can be fixed with a simple "end task" with the task manager. But I still wouldn't use it if I were you, for legitament user's sake!
    I am the uber duck!!1
    Proxy Tools

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •