Download Unauthorized Script Insertion in Website: Copyright Infringement and Privacy Violation and more Slides Labour Law in PDF only on Docsity! BY EMAIL Flash Network Ltd 7, Sapir Road, P.O.Box 12624, Herzlia 4685211, ISRAEL c/o Solicis Lex A Wing, 6th Floor, Knox Plaza, Behind Inorbit Mall, Next to Hometel Hotel, Off Link Road, Malad (w), Mumbai 400 062 Dear Sir/Madam Ref. No.: VD/AM-‐001-‐ISL I am writing to you on the instructions of my client Mr. Thejesh GN who has received a legal notice sent by you dated 8th June 2015. In your notice you have inter alia averred that my client has violated the copyright of your client Flash Network Ltd. We deny this contention and bring to your attention the following facts and principles in law 1. My client is a reputed software developer for the past twelve years. He is also a reputed blogger and maintains a popular website http://thej.in which is utilized by numerous users. He is also a part of various free software communities and has been involved in research, education and creating awareness about issues related to the internet over the years 2. My client owns an Airtel Postpaid with 3G connection. On the 3rd of June 2015, my client found his website to be very slow on the 3G connection. He proceeded to first check his broadband connection which turned out to be functioning perfectly, and he then checked the site again on his mobile and it was unusally slow. 3. Being an experienced web developer, my client proceeded to debug his website by first checking the souce code of his website http://thej.in on his mobile. He discovered to his astonishment an unusal and unauthorized piece of code including a script called Anchor.js loaded from http://223.224.131.144/scripts/Anchor.js 4. Working on the assumption that someone was trying to hack his website or insert malicious software into it, he examined the source code of his website http://thej.in but did not find anything wrong with it. 5. He then proceeded, as any software professional would, to examine the inserted script and understand what exactly it was doing. This script Anchor.js was exactly three (3) long lines of code consisting of of unreadable code. My client re-‐organized the code to make it readable and called it Anchor_beautified.js which then became a page full of code. Examining the code, my client realized that the inserted javascript was embedding an iframe into http://thej.in and responsible for slowing down his website 6. He discovered that the malicious Anchor.js code was inserting an iframe from the source http://223.224.131.144/l8/Layer8Servlet 7. He proceeded to take screen screenshots of the website showing javascript embeded thej_in_screenshot_from_2015-‐06-‐03_18:49:39.png thej_in_screenshot_from_2015-‐06-‐03_19:01:00.png 8. After this, suspecting that the website belonged to Airtel, he checked who owned the IP address 223.224.131.144 and confirmed that it was indeed an Airtel owned IP address. He then took screenshots of the same to document the details as evidence of violation of privacy and for deficiency of service 9. He then checked the web page http://223.224.131.144 and took a screenhot of the same and called it flashnetworks.png 10. In order to highlight the malicious manner in which this code had been inserted unlawfully into his website, and to educate and inform the general public about it, he proceeded to publish his findings including all the screen shots on GitHub. This is a common practice for anyone