(keitai-l) Tricking a server or Tricking yourself. (Long!)

From: Juergen Specht <js_at_nooper.com>
Date: 03/16/01
Message-ID: <10819736649.20010316211740@nooper.com>
> Aww... go on. I won't tell anyone.

Hm. Sometimes I wonder how far can you go...Imagine a
company developes something FOR a mobile phone and has
to fight with the following scenarios:

1) Some people write 'fake' headers to request the content
   outside of mobile phones.

2) Some people make screengrabs of content and publish them
   without a basic knowledge of copyright.

--< point 1 >---------
It's quite common to use scenario 1, but to give the tools
public away (including source code) in a mailing list? Especially
one which target is not (only) developers? I don't know if I like
it too much. What's the big difference between simply faking some
headers and faking some packets (except the skills of diving
deeeeeeeeeeep into TCP)?

If you check for example this link to the Nokia sponsored
site TokyoFoodPage (sorry Robb, but your site is way too
handy NOT to used as an example):
http://202.221.249.3/lifestyle/mymenu/e_index_food.html

and point your browser to the link 'Registration' you see
a lot of parameters which will be send to the host w1m.docomo.ne.jp.

This host is not reachable from outside the I-Mode network, so you
have no luck. But with some nasty tricks and some criminal energy
you can do a lot with this information...you even can get access
to this site (which will be a stupid idea, all this work for a
free site!).

But my point is, that I don't like it too much that information to
avoid access control to sites is too simply available on this list.
This is the Internet. *Nothing* is secure.

--< point 2 >---------
Point 2 is another nasty one...as a (part time) photographer myself,
I hate if people have no idea and really don't care about copyright.
I find my pictures also here and there on the Internet, without my
permission for sure, even screengrabs of my personal I-Mode site are
used in brochures of companys overseas.

In our Showcase http://nooper.co.jp/showcase/ we don't even tried
to make any restrictions, because the time you need to find, sue or
kill the copyright violaters can be spend much better and more creative.

<offtopic>
A good example of making a successful business plan out of copyright
violations is my former project (founded 1995, sold 1998)
http://www.stadtplandienst.de a citymap service for some big cities
in germany. Our partner and the provider of the maps was very picky
about copyright violations. So everytime he found (and still finds)
a copy of the maps from the service, he kicked his lawyer to send out
an invoice for the copyright violation.

Unbelieveable how much people have still no idea that drawn maps are
protected as art (typo, manual redrawing, color...)! But since we got
some percents of all incoming money (he won *every* time!) I can say
that this server paid *very* well our bills (and still pays the
bills of the owners now).
</offtopic>

My point here is, not every screengrab is an allowed one.
Especially not if you faked the headers to get access to a site.

Read the 10 myths about copyright (link stolen from the Keitai-L FAQ):
http://www.templetons.com/brad/copymyths.html

So please guys, not everything which can be done, should be done.

Thanks for reading this rant until the bitter end.

Juergen

PS: This post contains a sublimal message :)



[ Did you check the archives?   http://www.appelsiini.net/keitai-l/ ]
Received on Fri Mar 16 14:09:46 2001