dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
1197

Smokey Bear
veritas odium parit
Premium Member
join:2008-03-15
Annie's Pub

Smokey Bear

Premium Member

Web designers admit to trashing client's Web site

said by ComputerWorld :

Executives from a Seattle-area consulting company are facing prison time after pleading guilty to charges that they wiped a client's Web site off the Internet following a contract dispute.

Minecode, in Bellevue, Wash., had built the online gift shop for wine retailer Vinado, but things soured in late 2006, according to a statement released Thursday by the U.S. Department of Justice. In December, Minecode President and CEO Pradyumna Samal ordered Sandeep Verma, a project manager at the company, to disable the Web site's gift shop. The next month, Samal "caused commands to be transmitted to Vinado's Web site that resulted in the deletion of Vinado's Web site, e-mail server and database in its entirety," the DOJ said.

Samal and Minecode pleaded guilty Thursday to two misdemeanor counts of computer intrusion. The project manager, Verma, has pleaded guilty to one count of the same charge. The two men face up to a year in prison on each count and fines of up to $100,000. They are set to be sentenced on April 8 at the U.S. District Court for the Western District of Washington.

"Computer intrusion is a serious crime," the DOJ said. "Whether it is a hacker seeking to harm our citizens or misguided businessmen using technology to escalate a dispute, these crimes will be investigated and prosecuted."
Full article: »www.computerworld.com/ac ··· =9125560
Smokey Bear

Smokey Bear

Premium Member

Click for full size
Minecode's Patented Invincible Web site, e-mail server and database Crusher

JohnQPublic6
Premium Member
join:2002-03-22
Xanadu

1 edit

JohnQPublic6 to Smokey Bear

Premium Member

to Smokey Bear
Moral of the story: Don't piss off the Web developer.

Note to self: Mail story to all my clients.

Smokey Bear
veritas odium parit
Premium Member
join:2008-03-15
Annie's Pub

Smokey Bear

Premium Member

said by JohnQPublic6:

Moral of the story: Don't piss off the Web developer.
Right you are!

Stem Bolt
Ancient Astronaut Theorist
Premium Member
join:2002-11-08
Metropolis

Stem Bolt to Smokey Bear

Premium Member

to Smokey Bear
The point I got from the story would be to hire an ethical Web developer next time.
PrntRhd
Premium Member
join:2004-11-03
Fairfield, CA

PrntRhd to Smokey Bear

Premium Member

to Smokey Bear
They are facing some darned serious charges, extortion might be another charge piled on. This is a case where a
it is real good practice for the client to sign a contract with the developer explaining the work to be performed and the terms of completion, but wiping out the customer's business is not acceptable behavior. Period.

La Luna
Fly With The Angels My Beloved Son Chris
Premium Member
join:2001-07-12
New Port Richey, FL

La Luna to Stem Bolt

Premium Member

to Stem Bolt
said by Stem Bolt:

The point I got from the story would be to hire an ethical Web developer next time.
What about the clients who apparently didn't abide by the contract they signed (probably didn't pay for services rendered)? Maybe a background check on prospective clients might be in order to make sure they aren't dead beats.

VikingBob
Go Jets Go!
Premium Member
join:2004-06-05
MB Canada

1 edit

1 recommendation

VikingBob to Smokey Bear

Premium Member

to Smokey Bear
Taking the customer's shop offline is one thing. Deleting everything entirely is another matter. Minecode should have realized that was not too bright... I'm with PrntRhd on that. Even if the client didn't fulfill his part, that's still a no-no.

Edited to add this afterthought - Impounding your car for unpaid parking tickets is acceptable. Sending your car to the crusher, no. Same thing here.

Stem Bolt
Ancient Astronaut Theorist
Premium Member
join:2002-11-08
Metropolis

2 edits

Stem Bolt to La Luna

Premium Member

to La Luna
said by La Luna:
said by Stem Bolt:

The point I got from the story would be to hire an ethical Web developer next time.
What about the clients who apparently didn't abide by the contract they signed (probably didn't pay for services rendered)? Maybe a background check on prospective clients might be in order to make sure they aren't dead beats.
Things could have been addressed in a court of law. If the client was cheating the developer, they could have hired a lawyer or took it to some form of mediation. The developer employs 500 people, I think they could have afforded to hire an attorney. Deleting the clients website was to say the least, unprofessional.

WeenieBoy
join:2003-06-25
Pasadena, MD

WeenieBoy to Smokey Bear

Member

to Smokey Bear
So I would take it that the Web developer planted a backdoor for this if I take the orignal post at face value.

"The next month, Samal "caused commands to be transmitted to Vinado's Web site that resulted in the deletion of Vinado's Web site, e-mail server and database in its entirety," the DOJ said."

Thus I would conclude he built in this "feature" just for what purpose ? Did the customer ask for it ? You draw your conclusions.

NetFixer
From My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro
Netgear CM500
Pace 5268AC
TRENDnet TEW-829DRU

NetFixer

Premium Member

said by WeenieBoy:

So I would take it that the Web developer planted a backdoor for this if I take the orignal post at face value.

"The next month, Samal "caused commands to be transmitted to Vinado's Web site that resulted in the deletion of Vinado's Web site, e-mail server and database in its entirety," the DOJ said."

Thus I would conclude he built in this "feature" just for what purpose ? Did the customer ask for it ? You draw your conclusions.
No back door is needed, only ftp or telnet access to the web server (which the developer would have in order to do normal maintenance). The ftp or telnet client would send the commands to the server.
NetFixer

1 recommendation

NetFixer to VikingBob

Premium Member

to VikingBob
said by VikingBob:

Taking the customer's shop offline is one thing. Deleting everything entirely is another matter. Minecode should have realized that was not too bright... I'm with PrntRhd on that. Even if the client didn't fulfill his part, that's still a no-no.

Edited to add this afterthought - Impounding your car for unpaid parking tickets is acceptable. Sending your car to the crusher, no. Same thing here.
Expanding the car analogy, the traditional mechanic's lien is designed expressly to force a recalcitrant client to pay the bill. The web server equivalent would be to redirect traffic to a "temporarily out of service" page until the bill is paid. I have been forced by client inaction to use variations of this myself on a few occasions. I have also had to negotiate with web hosting services and domain registrars on behalf of clients who have had their web site taken off-line because of billing disputes.

Actually deleting the site was certainly not a smart move, and sounds more like revenge than a debt collection tactic.