Implementing a 'kill switch', ethically dubious question!

[eluser]tolyx[/eluser]
Hi all,

Sorry to have to ask this, but I'm in the middle of a small project for which I suspect I might not be paid. As such I want to implement a kill switch which will effectively disable the website, without having access to the FTP or database on which it will be hosted.

So in the case that he doesn't pay, can you think of an appropriate way that the site can be disabled such that the user will not be able to bring the site back online without some very specific technical knowledge of the underlying code?

Thanks!

[eluser]Bogdan Tanase[/eluser]
I'm not sure about ethics but here's my idea:

A simple get request:

http://badsite.com/controller/function/kill_me -- change this to something not that obvious

then put the kill condition in the controller. You may want to hide it well along with useful controllers/functions and use some innocent names. Maybe add the kill logic in CI core files for more obscurity...

Then, you can wipe the database each time you run the kill condition.

[eluser]Daniel H[/eluser]
You could do this via some sort of written/db key which is read by a hook?

[eluser]tolyx[/eluser]
Yeah I'm not into the idea of wiping data, so a hook/key combo might work. Any other bright ideas about how I could do this?

[eluser]jedd[/eluser]
Really, this is not a technical problem but a legal one. Attempting to solve non-technical problems with technical solutions is an easy trap.

If you are in doubt about your client's ability to pay you, discuss this with your client. If you are in doubt regarding their intent to pay you (a big difference) then you should refer to your contract. Absent a contract you are in especially tricky territory if you go down the path of intentionally damaging their business in an attempt to extort money, or seek revenge. Neither are looked upon favourably by the law, and it would be unfortunate if your legal recourse was jeopardised by your own actions.

[eluser]Bogdan Tanase[/eluser]
hooks are even nicer!

Wipe was just the example action, not the recommended one Once you get access to the DB you can do anything.

LE: jedd, you are of course very right!

[eluser]tolyx[/eluser]
Yeah you're right Jedd, but since it's a small project and a small client, going down the enforceable contract route will just make things more awkward than they are already.

And ultimately a non-payment of an agreed piece of work is worse than temporarily disabling a website that hasn't been paid for?

[eluser]jedd[/eluser]
[quote author="tolyx" date="1238524276"]Yeah you're right Jedd, but since it's a small project and a small client, going down the enforceable contract route will just make things more awkward than they are already.[/quote]

If you are contemplating this, and indeed if you ever implemented and utilised a break-in-and-destroy software component, then things would be way more awkward than discussing this with your client now. If you think it's adversarial already, then just get out - it'll cost you much less in the long term.

I'm getting the impression that you have no contract at all.

And ultimately a non-payment of an agreed piece of work is worse than temporarily disabling a website that hasn't been paid for?

A verbal contract isn't worth the paper it's written on.

But more importantly, what do you mean by 'worse'? This sounds like an ethical judgement, which whilst being debatable (in a good, sunny afternoon down at the pub kind of way) is completely irrelevant (in an expensive, legal kind of way).

Consider what would happen if you did this thing. Or worse, you implemented it, and it is accidentally initiated by someone else. You are now arguably liable. Up until that point you had little or no responsibility - best effort stuff, basically - but this action will put you in a particularly vulnerable legal position.

Think about what can happen under the two scenarios - (re-)negotiating a contract / walking away now, OR wantonly destroying this client's web site.

Under the former you may lose some money and/or time. Your client will be annoyed, particularly if they did intend to pay you and therefore cannot understand why you broke the contract. If your assessment is correct, they'll be grumpy but would, even if they did not acknowledge it to you, understand your reasons.

Under the latter your client can sue you for damages to their business. It is likely that they could make a case that these damages are way greater than the income you are expecting. Heck, if you are in EU/AU/US/UK (etc) your legal costs alone are likely to be greater than your expected income. At the end of this arduous and soul-destroying process you will have removed any chance of compensation from that client, you will be out of pocket, and you are likely to have so much mud thrown at you that you risk engaging future clients.

[eluser]tolyx[/eluser]
Absolutely agree with you Jedd, I'll have to think this through. But I should stress that I am not contemplating destroying a website - simply disabling it on a temporary basis, leaving a polite "Currently offline" message.

[eluser]johnwbaxter[/eluser]
Show them the whole site on your own web space and put it on theirs minus a few critical functions and tell them that you'll upload the rest of the functions on full or part payment.

Seems fair to me.