Luther Blissett discovers a new way of "inverse hacking"

Dear Invisible Cottage,

A friend of mine who will remain "anonymous" has been comitting a "prank" which exposes the possibilities of legal "inverse hacking" of the web. The friend, who is a "webmaster," managed by luck to acquire the domain "www.graphics.com"...it happens that there is a bug in Netscape that, if you put a ? after any domain, it looks up the domain but converts all the "/graphics/" urls in the page to "www.graphics.com." Therefore, people mistyping urls on many high profile sites has resulted in my friends server getting as many as 18,000 calls for missing graphics a week. To take advantage of this situation, he wrote a custom CGI which returns random graphics...which are all Barbara Kruger-esque slogans. To see what I mean, try some of the urls below:

http://www.corel.ca?
http://www.packardbell.com?
http://www.mindsync.com/timeon.html
http://www.toysrus.com?
http://www.tabson.com/Computerlinks.htm

Many of the travel agent sites hit it, but with time- and user-specific URLs that are impossible to duplicate.

What is so funny about all this is that the corporate domains shouldn't be able to legitimately complain, because in fact, they are responsible for massive "unwanted" trafic on his server, and he should be able to use whatever CGI he wants to respond to legitmate missing images called from his server. I don't know if it would hold up in a court of law, though.

Regards,

Luther Blissett