this could involve hacking and phone phreaking (which the BBS i ran for so long was dedicated too) or this could involve illegal porn or online financial fraud or identity theft or (you name it, really) any number of other types of abuse of the internet.
however, i still do, on occasion, take the random side project as a means of supplemental income.
that said and considering the facts made public in jbhFILE.com, it's a pretty serious event when i decide to take on a contract project involving web development. especially since the investigation discussed in jbhfile.com wishes to bring attention/charges to me involving computer crime.
i have to walk with a light and very public step when approaching such opportunities.
...
today saw the initial client meeting of just such a new project.
i met with representatives of a certain company to discuss the beginning steps towards completing a rather small web presence project for them.
we discussed initial starting content, project cost and a very loose deadline.
...
this blog entry simply makes public that such a project has been initiated and that it will not include any criminal actions on my part.
...
it's rather funny reading this, i know ... but if you read my main site, you'll understand why such a frank and, well, rather strange public statement must be made.
the types of criminal activity possible when dealing with client/server projects on the internet are simply enormous.
for instance, since i'm doing this development work, i will be privy to this companies internal web server login name and password.
this means that should any criminal activity arise around this companies web server in the future, i would be the main person approached for initial questioning.
that's why, as a matter of course, i am stipulating with all such companies that i am not at all interested in an ongoing website support role and that i simply would like to get their project done and then hand the updating resonsibility off to another person who is a full time member of the company.
furthermore, after my role is complete, it will be my habit to brief the company representatives on the wisdom of changing their login password so that i (or any other developer they may be working with, will not be privy to their private data).
regarding how such a server could be mis-used? the possibilities are endless.
here's just a few examples:
a person with said companies log in creditials and with the appropriate technological knowledge could easily acheive the following:
- set up a hidden FTP server where other users could log on to download pirated software or other digital content such as pornographic images or otherwise.
- install trojans or other malware within server directories to launch hack attacks against other computers on the internet (denial of service attacks, etc.)
- use the server storage space as an archive location (again, FTP, but on a more personal note) for various sorts of contraband that said person might not want on his/her local computer (porn, stolen intellectual property, etc.)
and the list could go on and on.
...
and so, for the record ... i simply need to make a daily note that this initial meeting took place.
i'll update this blog as the project nears completion.
-------------------------------------------------------
this post is intended to be supplemental to the facts made public in my main website, www.jbhFILE.com; it probably will not make much sense to you if you have not already made yourself aware of the legal and personal efforts discussed in that site. please see www.jbhfile.com for a necessary introduction into why this blog exists. or, if you just like reading wierd stuff, then don't. and, enjoy.
-------------------------------------------------------
jbh.
-------------------------------------------------------