First thing first. I hate these sites meant for so called “socializing”.
Sites like: Orkut, MySpace, etc. Ditto with games like SecondLife.
Heck Man.
Just get out of these places and get a life…. [Be more like Swen, the GBCD ;)]
Anyways. There is this guy who created a, so called, WORM for MySpace.
It was a beautifully written piece of code… all in javascript. What this worm did was, it added Samy as a hero in the profile of every person who visited Samy’s profile.
And that’s not all, it also added Samy as a hero to the visitors who visited ANY affected profile.
He gives a beautiful (and “for-dummies”) writeup:
Story in his own words
Technical details
It created a havoc. Lakhs of profiles were infected in a few hours. MySpace had to take down the site to “repair” it.
The code is so beautifully crafted that it made me smile.
Now, was this wrong?
To a certain extent, YES.
Was it a punishable crime?
mmm… Depends on the extent and type of punishment. [If my views matter… well it’s my blog, so it matters 😉 ]
The recent news is that Samy has been sentenced for three years of probation and 90 hours of community service. He cannot have access to internet during this period. [Though I am not able to understand what it means. He’ll anyways be using ATM etc.] However, this kind of “punishment” doesn’t make a sense to me.
If we really have to punish the “culprits”, why not punish MySpace too?
Why shouldn’t MySpace take the responsibility of the privacy of it’s users?
Why was MySpace stupid to allow DIV tags?
Why shouldn’t iexplorer and safari be sentenced for allowing javascript inside CSS?
These are questions that cannot be answered because the world belongs to the BIG-BAD-BOYS.
What this boy did not really harm anyone. He could have modified the code to steal private information, (the way your gmail book can be stolen).
Moreover, he published the code after MySpace had fixed the problem.
……. and yet he has been SENTENCED.
I am reminded of an incident that Lalit told me about.
There was this guy who informed the site administrator about some loophole in his site and was jailed.
“… but why?”
“Because you are not supposed to peek inside my house, even if the door is open.”
“… and what if I am one of those who have signed up to stay in your house? Isn’t my privacy your responsibility? Shouldn’t I be allowed to check the locks and doors?”
“No. I am a freaking BIG-BAD-BOY. You’ve no right to mess with me. If you even dare, be prepared to be jailed.”
Well…. That makes sense now.
So next time you find a loophole either sit silently or sell it.
That’s all I can conclude.