FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


Is it ethical to hack a client that didn't pay?





D'Artagnan
As a software developer i've worked before with people who would have ways to "hack" into a system to disable the system in case the client didn't pay for the work. some were flaws in the system, and some would be Skeleton Keys for the systems, the principle is the same.

to which extend is a professional allowed to have control over a product?
or in more simple terms Is it ethical to hack a client that didn't pay?

i'll give my opinion below Smile
Afaceinthematrix
I think that if you are paying good money for something then you expect it to be secure. If I paid you and then found out that there was this flaw or way to be hacked in (because if you can do it, so can someone else) I'd be pissed. However, I would not be angry at someone who was upfront with me. "Hey, I programmed in a slight error that will allow me to hack in and disable your system if you renege on my pay but as soon as you pay I'll go and take out that error" would be a non-issue with me.

Similarly, I've heard of a car company that adds in a GPS tracking device into all their new cars. That way if someone doesn't make the car payment then they have an easy time repossessing it. I generally don't have an issue with this if it's in the contract but since I do respect privacy rights, they should be required to remove the GPS device for free by request once the car is paid off because then they do not have a right to track it anymore.
TheLimey
I think the fact you have to ask this question means you already know the answer
Afaceinthematrix
TheLimey wrote:
I think the fact you have to ask this question means you already know the answer


That is a meaningless response to a question that was asked in order to provide some conversation and discussion. There are two answers: yes and no. You cannot just know the answer because both possible answers have valid reasoning behind them and are open to discussion. In fact, I gave my opinion although I am willing to accept that it is possible for someone to choose the other answer and then convince me that their option is superior to mine.

Questions like this dealing with morality such like this (privacy, protecting yourself, etc.) are not easy; they are tricky. Morality is not completely objective.
Ghost Rider103
For your sake, always include a "deactivating system" incase the client ends up using your product and not paying.

Even inform the client of the system if you'd like. Tell the client you are installing a system in which it will remove itself in "x" amount of days (preferably a period of time much longer after the due payment date unless activated, at which point the purge of the system should reset itself).

If the client fails to pay, activate the system. Only reactive your product once the client fully pays.

If the client does have an issue with this, then you can assume the client wouldn't have been worth your time anyways.

That's probably the best option. It's sort of the same thing, but sounds much more professional than "hacking" the client because he did not pay for whatever reason. This way the client will know about how your system works if they fail to pay and they will know they won't be able to rip you off, in which case they will probably not make a deal with you (which is good in that situation).

This is sort of the same thing I do with my web design clients. After being ripped off a few times, I had my developer develop such a system. Has saved us a lot of trouble on a few projects.
coolclay
I would say it is wrong to actually hack someones system that didn't pay, because that would be illegal. But there are much simpler and legal ways to assure that a person didn't steal your software, especially in these modern days when most computers are networked to the internet 24/7. Just program some code that checks an online database of some sort that documents registered individuals. If it detects an unregistered installation, or it's not online, then inform the customer that he has 60 days to get online so it can check the registration or he can pay for it.

Microsoft has been doing this since XP with their validation program, and I believe it has successfully cut down on piracy significantly.
bluepig83
I think I'd agree with a number of the posters that you have a better ground if it was something you had informed the client ahead of time that a lack of payment would result in the disabling of a system.

Without the stipulations in the contract, hacking into the system you developed may potentially be the same as a building construction manager breaking and entering into a building to plant and set off explosives because a client did not pay the bills.
pauline123
I would agree, inform the client of your intentions be it a way in or someother way to disable their system or program if they do not pay. This way you are later able to defend yourself with the contract instead of getting blacklisted because you were taking care to make sure that you get paid. There is no way that one can install a backdoor access and yet make it so that only they can use it. So let them know that they will need to pay to get the little amount of security removed from their code, or something of the like.
standready
D'Artagnan wrote:
Is it ethical to hack a client that didn't pay?

Absolutely not! Granted client is a thief if they do not pay. That is what contracts and courts are for. I think the best solution is to provide customer with trial "time out' software to ensure payment and their satisfaction before final payment.
pll
Yeah the best solution would be to launch an ultimatum to your client. So this way, you would get paid or go in court with the client. I hope you had a written contract.
johans
pll wrote:
Yeah the best solution would be to launch an ultimatum to your client. So this way, you would get paid or go in court with the client. I hope you had a written contract.


processing in court is a legal way but to still you need to invest money and time for the hearings and trials..

For me personally; you invest more time on developing and then you are not paid.. well, we all know we work for good but if someone not paid us then i will agree to hack it.. but still this is the last resort..

By developing something you should put this in mind make sure your codes could no be cracked or jailbreak before selling.. but with the tools available in the internet this is hard to do it..

I believe to give the client more notification and warning before you do the last resort..

Very Happy
Navigator
Of course it's not ethical. That would be seeking revenge, not justice (haven't you watched Batman Begins?)
Insanity
Two wrongs don't make a right. In this case, it's also illegal. Very illegal. This can have disastrous consequences that isn't worth the revenge.
D'Artagnan
Insanity wrote:
Two wrongs don't make a right. In this case, it's also illegal. Very illegal. This can have disastrous consequences that isn't worth the revenge.


once again it depends from where you are, don't take your neighborhood for the world
D'Artagnan
my opinion is quite clear, leaving a hole in a system just so you can control is clearly unethical - because you are giving false information and allowing others to access the system.
in the case of software you have 2 good options to go around possible unpaying clients without having to go to formal justice.

1) you should make it clear that you have the means to manage the system from the toplevel, and you are selling the rights to use the system and not the system itself.

2) you will only provide the test system or hold control of the system until the last payment

i've done both and they are get legal (at least here) ways to guarantee both ends are happy
pll
I'd agree with it D'artagnan
tahayassen
Just put in a system letting your buyer know that you can deactivate it if he doesn't pay.
menino
I don't think it is ethical or legal to hack a client that does not pay.

I think the client should know that the system has the capability of it being disabled or has a backdoor (which is mainly for remote administration / support purposes), upon agreement terms, which you'll should sign off, as part of a business deal.

But in order to ensure payments, shouldn't you, as a software developer, put in checks in the system, so that the software will not work, unless payments are made, after which a code is then put in to activate the system?
That would be the best way to go... at least for the future customers.
nguyenvulong
Ethical or NOT sometimes depends on you conscience . They didn't pay, as my mood I will get angry and give them a big attack for what they did hehe Cool
bukaida
In general, in any kind of professional project, there is a legal contract between the parties. Who ever breaks the contract is subject to legal action. In case of non-payment, the opposite party is liable to claim the amount with damage and interest via the law of the land.
Similarly, a client is expected to get a secured software without any backdoor. If the client can prove that the developer has left a deliberate loop hole in the software, then s/he can claim the full amount back which was paid as advance or whatsoever. No one can take the law in his/her own hand. it is a punishable offense from both the side and completely UN-ethical.

However the scenario is quite different for a free lance developer developing the project over Internet and getting paid online. In that case s/he does not have proper contract in paper and has no option but to take the principle " Tit for Tat".
subhan1
It's not ethical ! Its REVENGE xD
manfer
bukaida wrote:
In general, in any kind of professional project, there is a legal contract between the parties. Who ever breaks the contract is subject to legal action. In case of non-payment, the opposite party is liable to claim the amount with damage and interest via the law of the land.
Similarly, a client is expected to get a secured software without any backdoor. If the client can prove that the developer has left a deliberate loop hole in the software, then s/he can claim the full amount back which was paid as advance or whatsoever. No one can take the law in his/her own hand. it is a punishable offense from both the side and completely UN-ethical.


I totally agree with this.

bukaida wrote:

However the scenario is quite different for a free lance developer developing the project over Internet and getting paid online. In that case s/he does not have proper contract in paper and has no option but to take the principle " Tit for Tat".


So don't work without a contract. Getting a job using Internet as the way to get in touch with the employer doesn't mean you have to work a different way you would do if you get a job by phone as or in person. Make a contract and send it to employer so they sign it and they return it to you (or viceversa, sign a contract sended to you by employer).

There isn't any difference about the ethics, in this situation it is still UN-ethical.

Don't work without contract. Don't deliver work without payment... Just share demos or mockups of work. Anything but setting a backdoor in a project without employer knowledge.
bukaida
manfer wrote:

bukaida wrote:

However the scenario is quite different for a free lance developer developing the project over Internet and getting paid online. In that case s/he does not have proper contract in paper and has no option but to take the principle " Tit for Tat".


So don't work without a contract. Getting a job using Internet as the way to get in touch with the employer doesn't mean you have to work a different way you would do if you get a job by phone as or in person. Make a contract and send it to employer so they sign it and they return it to you (or viceversa, sign a contract sended to you by employer).

There isn't any difference about the ethics, in this situation it is still UN-ethical.



Correct, but it is very difficult to claim damage if any party breaks the contract for the projects over the internet ( specially if it involves multiple countries ). Often the legal action ( if at all can be taken) takes both time and money for the complainer. So very few people wish to pursue it. Moreover the contract breakers take advantages of non uniform cyber laws across the countries.
crystalkey
Do you commit a crime because someone did not honoring a legal obligation? This is the stuff that day-time TV is made for.
kmr_mukund
I think it is wrong to hach those client who doesnot pay fo that software. i think there is number of way to solve this problem so that unpayee user cant use that software...
Insanity
Two wrongs don't make a right...
bukaida
Insanity wrote:
Two wrongs don't make a right...


Absolutely. But then there will be no terminology called "Revenge". Every kind of revenge tries to balance something wrong with another wrong. Revenge (was/is/will be) there in human. The person who does not have it, is a Saint.
darthrevan
Afaceinthematrix wrote:
I think that if you are paying good money for something then you expect it to be secure. If I paid you and then found out that there was this flaw or way to be hacked in (because if you can do it, so can someone else) I'd be pissed. However, I would not be angry at someone who was upfront with me. "Hey, I programmed in a slight error that will allow me to hack in and disable your system if you renege on my pay but as soon as you pay I'll go and take out that error" would be a non-issue with me.

Similarly, I've heard of a car company that adds in a GPS tracking device into all their new cars. That way if someone doesn't make the car payment then they have an easy time repossessing it. I generally don't have an issue with this if it's in the contract but since I do respect privacy rights, they should be required to remove the GPS device for free by request once the car is paid off because then they do not have a right to track it anymore.


I guess I could go with the "if you pay I will take out that 'flaw'" aspect. Though I still wouldn't be fond of a flaw in it in the first place. There are always two sides of a story. So each has its pros and cons. You gotta think to, these days there is a lot of spyware too that people didn't want and sometimes unknowingly accept. So I guess maybe a backdoor MIGHT not be too bad, especially if it is taken away.
iyepes
I don't think so it's ethical, you should use the normal ways to ask for you money in a legal way. It's a client, deal it like a business issue.

If your client notices you hacked the system, your reputation could be compromised with other clients, I think it could be more adverse to you than losing some money in this case.
crazyfffan
No.
Privacy can't be breached to compromise dishonoring behaviors.
Not paying is a business problem, Hacking is unlawful crime.
Related topics
Windows Vista Official Thread
Want to know if LOVE is real?
Do you code HTML or do you use wysiwyg editors?
SEO techniques
[MySQL] Client does not support authentication protocol
PHP image uploads with progress bar AND resizing? [Resolved]
Man Fails to Pay for Gas; Owner Shoots
Muisc/ Video PIRACY, is it right?
why did "god" create "satan"
CS Hacking
pay rise?
Who Hosting a Website
A real-world moral analysis
Hosting business is a good idea?
Reply to topic    Frihost Forum Index -> Lifestyle and News -> Jobs and Learning

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.