|
-
April 23rd, 2004, 11:33 PM
#1
Is this legal 0:-)
I'm currently designing a secure online system and had an idea for a defense of sorts,
I would like to send a URL header holding a few javascript lines:
Code:
javascript: var a = 0; do {alert("Access Denied");} while (a == 0);
as a sort of slap for attempting access to the system. The system currently locks accounts if multiple failed attempts occur, this won't be a single line of defense, but is this legal?
A mind full of questions has no room for answers 
-
April 24th, 2004, 04:19 AM
#2
I can see two ways of lloking at this. Those wiser than myself may find other angles that I haven't thought of.
1. Hacking a hacker still is probably against your better interests, or, two wrongs don't make a right.
2. It's only illegal if you get caught.
-
April 24th, 2004, 05:53 AM
#3
The reason i question it is because i'm really not 'doing' anything, i'm just creating a small, easy to fix, annoyance, but an annoyance
A mind full of questions has no room for answers
-
May 7th, 2004, 10:17 PM
#4
I wouldn't have said that it was illegal; not if popup windows are legal, anyhow. I wouldn't do it because I know how annoying something like that would be (it's happened to me a couple of times on some sites), and even though you are going under the assumption that it will only happen to people who are trying to break into your page, or whatever it is, what if a genuine user simply forgets their password or something like that?
You might say that it wouldn't happen, but can you be sure. If this was an important business project and someone from your client used it with the wrong password a couple of times, they'd have all these alerts popping up even though they are a legitimate user.
But if you are worried about the legality of it, you could always claim it was a simple logic error. I doubt that what you are thinking about doing is illegal, but if it was, using the logic error excuse would be pretty weak. I therefore recommend that you simply don't use it.
ac
-
May 8th, 2004, 04:27 AM
#5
what if a genuine user simply forgets their password or something like that?
Wonderful point
thank you
A mind full of questions has no room for answers
-
May 14th, 2004, 10:37 PM
#6
Junior Member
Even though you've decided against it, you could have simplified your code to this:
while(true){alert("SMACKTARD");}
Just so you know. 
I know the moment\'s near and there\'s nothing we can do
look through a faithless eye are you afraid to die?
Websites I coded: www.fsg-uk.com | www.hackus.tk
-
May 15th, 2004, 01:26 AM
#7
Well you can give them 3 tries, e.g Attempt 1/3 failed.....Attempt 2/3 failed....Attempt 3/3 failed\n Access Denied.
WARNING: THIS SIGNATURE IS SHAREWARE PLEASE REGISTER THIS SIGNATURE BY SENDING ME MONEY TO SEE THE COMPLETE SIGNATURE!
-
May 18th, 2004, 12:02 AM
#8
You would think these line of code would be legal, it's not doing any damage and it can be fixed with a simple "end task" with the task manager. But I still wouldn't use it if I were you, for legitament user's sake!
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
