Slashdot Mirror

← Back to Stories (view on slashdot.org)

Googling Your Way Into Hacking

Posted by CmdrTaco on from the don't-be-stupid-here-people dept.

knifee writes "New scientist is running an article explaining how hackers can use Google's cache to quickly hunt down sensitive pages, for example, by searching the terms "bash history", "temporary" and "password". Might be worth looking at this tutorial about robots.txt if you think you might be at risk." That's pretty amusing.

3 of 431 comments (clear)

  1. Hacker, not cracker? by Phantasmo · · Score: 1, Offtopic

    I find it kind of depressing that even in Slashdot abstracts the word hacker isn't translated into the more correct "cracker".

    In this case, you could argue that using Google's cache to track down information for the purposes of cracking is very clever and is therefore deserving of being called a "hack", making the cracker a hacker.

    --

    The US Army: promoting democracy through unquestioned obedience
  2. script kiddies by y77 · · Score: 0, Offtopic

    I have several methods for password in the other pages. Of course, its content. Now Im really sensitive about it from their cache until Google requesting robots.txt more often than they are dozens of all the deflecction technique in ~/.bash_history? The first thing I disallow /unpub only. That contains su in the a number of google searches. The only 2 history in apaches mod_rewrite to my site map of those two thats how much is a perl script kitty tool as it is a deflecction technique. The next thing I would imagine is that it should work. Is anyone aware of my site? Of course I have a box that is a mistake and wiped it. Everyone must aware of those are who are Unix stupid, so they dont even know what my cat could script, if I say kitty instead of kiddie because even then, it's a webserver!

  3. wrong wrong wrong. by mumblestheclown · · Score: 0, Offtopic
    i suspect i will be modded as a troll. oh well.. i have the karma for it.

    look - i like and use google. and, i fully appreciate that a great number of slashdotters here also like google because while it may be a for-profit closed source entity with very little transparency or accountability, at least a) it's not microsoft, and b) it works.

    however, i think a few lawsuits of google are in order. google can afford the damages, and the net will be better for it.

    as an author of a web page or even a log file, you have the right to publish and de-publish it. just because it's on the net does not give google the right to cache it indefinitely. it is not MY legal responsibility to make sure that I proactively do robots.txt or whatever else the trick of the day is (x-noarchive) - that is the intellectual property equivalent of opt-out.

    if google wants to keep an index of web pages for people to search on, that's fine. heck. even if it keeps the full text internally, that's fine too, as long as it gives people reasonable 'fair use' snippets. but if it caches stuff that an author has removed from the web or that an author has written, say, in order to expose people to a nearby advertisement which google's cache doesn't catch, then google shouldb be guilty of copyright violation. automated or not (ie, the 'napster' excuse doesn't wash here, either)