« Engrish e-mail scam | Main | Comment spammed again! »
Security through obscurity - web style

I found a hilarious example of security through obscurity on a doctors' office web site today. I right clicked a link so I could do Open in New Window, but some javascript caught my right-click and popped this up instead:

rightclicksecurity.png

Not only does this annoy users and look unprofessional, but it protects nothing! You could click View -> Source or open the files from the IE cache if you really wanted to copy some code. I can't even figure out what they think they're protecting since the majority of the javascript on the page is just for popping up that annoying message box.

I was curious to see what kind of web development outfit would use such ridiculous security measures, so I clicked their link at the bottom of the page. I laughed out loud when I saw their web server had apparently been protected about as well as their HTML. Hackers had replaced their homepage with the following message:

hackedwebdevs.png

I'm still chuckling about this one.

Posted by JoshC at June 9, 2004 09:06 PM
Trackbacks
TrackBack URL for this entry:
http://www.joshchristie.com/weblog/mt/mt-tb.cgi/60

Listed below are links to weblogs that reference 'Security through obscurity - web style' from Josh Christie's Weblog.
Comments

haha, classic.

Posted by: at June 10, 2004 10:41 AM

Yea i use this technigue on one of our websites that deals with the construction industry. I told them it doesn't really stop anyone if they know what they are doing but they still wanted the popup because it probably stops 95% of the people accessing our site (mostly construction people). They didn't want people downloading any pictures from the site. Anyways, just wanted to let you know that most of us know how to get around this annoyance but it does have it's place elsewhere.

Posted by: Steve Lineberry at August 26, 2004 10:43 AM
Post a comment









Remember personal info?