Japanese Police Charge 13-Year-Old Girl For Sharing 'Unclosable Popup' Code Online

"Japanese police have brought in, questioned, and charged a 13-year-old female student from the city of Kariya for sharing [links to] browser exploit code online," writes ZDNet. An anonymous reader shares their report: The code was a mere prank that triggered an infinite loop in JavaScript to show an "unclosable" popup when users accessed a certain link, Japanese news agency NHK reported yesterday. The popup could be closed in some browsers -- such as Edge and Firefox on desktop -- but couldn't be closed in others, such as Chrome on desktop and the majority of mobile browsers.

The popup was hosted in several places online, and police say the teenager helped spread the links... The teenage girl did not create the malicious code, which had been shared on online forums by multiple users for the past few years. NHK reported that police also searched the house of a second suspect, 47-year-old man from Yamaguchi, and are also looking at three other suspects for the same "crime" of sharing the link on internet forums.
Ars Technica found a tweet suggesting that the code was actually written in 2014.

Japanese police, no mention of tentacles?

I call boroshilt.

Wait,what?

The popup could be closed in some browsers -- such as Edge and Firefox on desktop -- but couldn't be closed in others, such as Chrome on desktop and the majority of mobile browsers

Maybe Microsoft should re-think that plan of re-writing Edge to use Chromium instead of their own engine.

Re:Wait,what?

It's a feature, not a bug.
Limiting what javascript can do might hurt Google's tracking code.

Re:Wait,what?

No it didn't. The Ars Technica article includes the code in question, it's just for (;;) { alert("Slashdot hates Unicode"); } with a Japanese message in the alert. It's your standard alert flood that browsers have had mitigations to deal with for years. If you check the Ars comments they confirm that it doesn't break any modern browser, with the exception of (drumroll) Mobile Safari.

If you want to verify that's all it does, the Ars Technica article provides the Archive.org link to the original website and you can confirm (after ignoring all the JavaScript junk Archive.org adds) that's all there is, it's just an infinite loop that calls alert a bunch. Nothing to break the popup implementation, nothing to try and work around it, just an infinite loop/alert one-liner.

It's not a "crime".

It is a crime. Japan has different laws. Deal with it.

Re:It's not a "crime".

[gweihir]

North Korea and historic Nazi Germany also has different laws. Does not mean these laws are sane, moral or acceptable.

Re: It's not a "crime".

[Dunbal]

And tried to get a battleship named after himself.

Bullshit. No one makes battleships anymore, they're obsolete. A cruiser can easily pack enough punch, including SAMs, anti-ship and cruise missiles. Humongous guns are not a thing anymore. For that you just call the flyboys on the carrier.

Re:It's not a "crime".

[HiThere]

It's their country, so they can have their own laws. I happen to think this particular one, or perhaps just their implementation of it, is brain dead.

Re:It's not a "crime".

[dryeo]

Unlike today people back then knew how war is suppose to be waged. Using the very simple strategy of killing all your enemies using any weapons available and dropping bombs until the rubble bounced.

Actually civilians usually weren't purposely targeted before WWII. I believe there were even international agreements about it.
Assuming you're American, laws against attacking civilians go back at least to the Treaty of Guadalupe Hidalgo, signed with Mexico in 1848. Remember, treaties are the second highest laws in the land.
Modern laws of war can be said to start with the Hague conventions, https://en.wikipedia.org/wiki/....
It was also as much the Allies who first started targeting civilians in WWII, carpet bombing, incendiary bombing were western inventions.

Re:It's not a "crime".

[dryeo]

Probably more the implementation then the actual law, not that I've read it or anything.

Re:It's not a "crime".

[ShanghaiBill]

Actually civilians usually weren't purposely targeted before WWII.

You may want to talk to the people of Georgia about General Sherman.

Re:It's not a "crime".

[dryeo]

That only shows that America has a long history of war crimes, in Sherman's case the Lieber Code, https://en.wikipedia.org/wiki/... and he should have been one of the ones (actually two) tried for war crimes. Seems people have been executed for such stuff since at least 1474, https://en.wikipedia.org/wiki/...

Re:It's not a "crime".

[ShanghaiBill]

Sherman was on the winning side. Only losers are tried for war crimes.

Alt Headline

[DalM]

"13 year old girl in Japan discover's simple browser exploit. Authorities react by arresting her."

Re:Alt Headline

[Krishnoid]

As with all stories, the details are a little more nuanced. She acted on her own agency in good faith, but finally submitted to and received the corporal punishment she was due for her actions.

Heh.

When I was a kid I had javascript on my homepage that would open your CD drive. I'd probably be looking at 10-20 these days, eh?

Re:Heh.

[dissy]

When I was a kid I had javascript on my homepage that would open your CD drive. I'd probably be looking at 10-20 these days, eh?

When I was a kid it was:
20 GOTO 10

Can you imagine the conversation in the prison cell?
"What are you in for?"
"Javascript popup, you?"
"A goto command in basic"
"Goto?! you monster!"

Re: Heh.

[c6gunner]

No you didn't. Maybe vbscript.

Re:Heh.

[angel'o'sphere]

Oh ... I always thought it was a cup holder?

Re:Heh.

\\classmate_computer_network_name\C:\con\con

Re:Heh.

[dryeo]

" Mother rapers. Father stabbers. Father rapers! Father rapers sitting right there on the bench next to me! And they was mean and nasty and ugly and horrible crime-type guys sitting on the bench next to me. And the meanest, ugliest, nastiest one, the meanest father raper of them all, was coming over to me and he was mean and ugly and nasty and horrible and all kind of things and he sat down next to me and said, "Kid, what did you do"? I answered "a goto command in basic" and they all moved away from me "

Re:Heh.

[grep+-v+'.*'+*]

Can you imagine the conversation in the prison cell?
"What are you in for?"
"Javascript popup, you?"
"A goto command in basic"
"Goto?! you monster!"

And they all moved away from me on the bench there, with the hairy eyeball,
And all kinds of mean, nasty things, till I said, "And creatin' a nuisance",
And they all came back, shook my hand, and we had a great time on the bench talking about crime, ...

Re:Heh.

[sysrammer]

20 GOTO 10

Can you imagine the conversation in the prison cell?
"What are you in for?"
"Javascript popup, you?"
"A goto command in basic"
"Goto?! you monster!"

You think *you* had it bad. I was an ALTER boy!

Re: Heh.

[c6gunner]

JavaScript has never had the ability to access local files when running in a browser. If it did that would be a massive security issue. You've just further demonstrated that you're full of shit.

Matter of perspective.

They might be insane and immoral...to you. To them it it is quite sane and moral. Sanity and morality is what the group decides. The fact that it is not the same as yours means that is YOUR problem. You don't like it? Don't go there. That group has decided to make their own rules as to what is what. For you to attempt to impose your own beliefs is the height of entitlement.

Re: Matter of perspective.

[c6gunner]

Ah, good old moral relativism! Who are we to tell Nazis that it's wrong to kill all their Jewish citizens? That's the height of entitlement! They're allowed to have their own rules!

Re: Matter of perspective.

[dryeo]

Well, we didn't declare war on them until they invaded Poland and America waited until Germany declared war on them.
As for the Jews, first they tried to get rid of them. When no one would take them, they tried to create a homeland in Madagascar for them. When that failed, they came up with the final solution.
If the rest of the world cared, they could have let those refugee ships full of Jews land.
After the war, the Jews did get a big PR campaign going to lay down the guilt. Notice how little the Nazi's genocide of the Roma is talked about.
Most of the genocides that have happened since WWII also haven't resulted in military intervention.

Re:Matter of perspective.

[ShanghaiBill]

Sanity and morality is what the group decides.

Ethics are decided by the group. Morality is up to the individual.

You don't like it? Don't go there.

She was born there. So she didn't have a choice.

Freedom of expression is a universal right. We should speak out if it is denied anywhere.

Re: Matter of perspective.

https://en.wikipedia.org/wiki/...

The "Madagascar Plan" was never a realistic plan to move Jews to a safe place. The plan was to turn Madagascar into a police state run by the SS that would accept 4 million Jews over 4 years.

The Polish government determined that Madagascar could only support 5,000 to 7,000 families.

Without the resources to support so many people the vast majority would die due to the harsh conditions.

The Nazis were basically trying to turn Madagascar into a giant concentration camp.

Is there a legitimate use for such things

[140Mandak262Jamuna]

So some language feature is being misused by the some app. But the OS should have some sort of intervention to cut in and terminate the errant application. So why is that not possible?

Re:For a loop?

Not life, just 10 to 20

OMFG she's a time traveller from 1996

[future+assassin]

hail the JS trickster from 1996.

Glad I grew up 30-40 years ago

[Snotnose]

Back then the fun hack was to edit someone's .login file so the first line was logout. Back in the days of VT-100 tubes connected to VAXen running Unix.

Half the shit we did back then would get us tossed in jail for 10+ years now.

Re:Glad I grew up 30-40 years ago

[mapkinase]

One thing is the group is 100 people strong. Another thing is when it is 100 million strong.

Re:Juvenile criminal records

[Luckyo]

No shortage of murdering kids in the country where there's a massive shortage of murders in general? Have you seen then murder numbers?

Citation or crawl back under your bridge on the "lack of shortage of child murderers in Japan".

Shots fired

[jargonburn]

Google and other search engines should pay attention to this. Obviously, linking criminal math is a crime!

Re:Juvenile criminal records

one example is not a citation backing up 'no shortage of murdering kids'

Unclosable? Innovative?

[CustomSolvers2]

I have been seeing annoying (theoretically-)impossible-to-close, uncaught-by-blockers pop-ups for years when accessing certain (cough) sites. The "fix" is easy: kill the browser and/or the given popups. On Windows, some browsers even allow you to close unclosable-otherwise windows by right clicking on the task-bar icon and selecting the window you want (I guess that this has its own thread, unlikely the top closing button on the popup windows). To not mention the tiny issue that this is about JavaScript and well... you could just disable it!

Firstly, creating infinite loops is one of the simplest actions you can perform in programming; actually, it is usually an error or the result of a bad approach in general or in that case. Freezing an application with an infinite loop is one of the most trivial things anyone can do (why publicly releasing a very simple piece of code is relevant at all?!). On the other hand, if an infinite loop can freeze a given GUI, it would mean that the creators of that piece of software haven't done a particularly good multi-threading work (and I am say that despite not being precisely a GUI expert myself). Secondly and as explained above, there is nothing innovative about this thing. And thirdly and more importantly, presenting charges against anyone of any age and with any intention for something so ridiculously inoffensive says a lot (about the ignorance) of the given administration/administrator.

I guess that the we are now in a world where just a word ("exploit") and a baseless-assumption (e.g., young people know how to do stuff with computers) is enough to invent a non-existing something. On the bright side, this seems a win-win situation. The administrator/administration (unmotivatedly) gets an image of zero-tolerance with cyber-criminals. The girl gets her 15 minutes of fame, likely to be very positive, mainly lately and by bearing in mind that we are talking about a young female in a men-dominated field who is (slightly-) against the system.

Re:Unclosable? Innovative?

[CustomSolvers2]

not a single week that goes by wherein I don't accidentally discover yet another way to lock up a web browser

Even if you did it intentionally, making a given piece of software or part of it irresponsive isn't malicious in most of scenarios. It might be the consequence of a bad implementation or even an implicit security measure (e.g., in case of doubt, get blocked).

Crappy

[AndyKron]

In other news Japanese police arrest man for wearing a bow tie.

Re:There are more than two arthropods

[dkman]

I have no intention to read the article (just being honest), but it seems dumb to punish a person for pointing people there and doing nothing about the sites hosting the content.If the page wan't there people would just get a 404 error, not an unclosable popup. And can't those affected just close the app?

wow

[sad_]

if that stuff already is cause for police questioning, what the hell...

this is a prank, you know, like the one where you say 'press alt-f4 for admin rights' in a chat channel, no harm was done, chill out.

Re:Juvenile criminal records

[Luckyo]

You provided excellent evidence for my point. Not only did you show no evidence for high number of child murderers, but you had to dig thirty years back into the past just to find a single murder case.

Re: Juvenile criminal records

[Luckyo]

The difference between modern civil societies and barbarism is that even in event that this was your daughter, if you're a decent human being, you will be able to say something among the lines of:

"This was an abhorrent crime, but we have a justice system and I'll let that manage the response".

Not that I'd expect a sociopath such as yourself to understand.