Slashdot Mirror

← Back to Stories (view on slashdot.org)

The NSA's Own Guide To Google Hacking and Other Internet Research

Posted by timothy on from the summer-reading-list dept.

Wired has published a book review of sorts of a freely downloadable book called Untangling the Web: A Guide to Internet Research. If that title came from O'Reilly, Apress, or other big name in tech-publishing, it might be perfectly nice but less interesting. Instead, it was prepared as an internal guide for the NSA, and came to public attention through a FOIA request by MuckRock. (See this video interview with MuckRock's Michael Morisy at this year's SXSW.) The version that's been released is several years old. From Wired's report: "Although the author's name is redacted in the version released by the NSA, Muckrock's FOIA indicates it was written by Robyn Winder and Charlie Speight. A note the NSA added to the book before releasing it under FOIA says that the opinions expressed in it are the authors', and not the agency's. ... Lest you think that none of this is new, that Johnny Long has been talking about this for years at hacker conferences and in his book Google Hacking, you’d be right. In fact, the authors of the NSA book give a shoutout to Johnny, but with the caveat that Johnny’s tips are designed for cracking — breaking into websites and servers. 'That is not something I encourage or advocate,' the author writes." (Hat tip to ThinkGeek's Jacob Rose.)

45 comments

  1. "gave a shoutout to" by Anonymous Coward · · Score: 0, Insightful

    ... is something the NSA would never do.

    1. Re:"gave a shoutout to" by Anonymous Coward · · Score: 0

      They misspelled "shotout".

  2. How about a link to the downloadable book? by Anonymous Coward · · Score: 2, Interesting

    Is that really too much to ask for? Sheesh.

    1. Re:How about a link to the downloadable book? by CanHasDIY · · Score: 5, Informative

      http://www.nsa.gov/public_info/_files/Untangling_the_Web.pdf

      --
      An enigma, wrapped in a riddle, shrouded in bacon and cheese
    2. Re:How about a link to the downloadable book? by bogidu · · Score: 0

      Really? You couldn't follow the link in the post to the article and read the first two paragraphs (where there was a link to the pdf???)

    3. Re:How about a link to the downloadable book? by Anonymous Coward · · Score: 0

      Why would he want to drive up Wired's page hits?

    4. Re:How about a link to the downloadable book? by Anonymous Coward · · Score: 0

      Why would he want to drive up Wired's page hits?

      Because that's how the Internet works?

      Along with rehashing stories from other sites.

      Pretty soon, news site will be like porn sites: click on a link for a video and it takes you to another site with only links to videos and you click on the video you want; which takes you to another site with thumbnails of videos and you click on that thumbnail which takes you back to the site you started at.

    5. Re:How about a link to the downloadable book? by Anonymous Coward · · Score: 1

      And to catch tech savvy people who might be problematic simply post an interesting PDF containing a zero day exploit to the nsa website and reference it on popular tech websites.

    6. Re:How about a link to the downloadable book? by Bearhouse · · Score: 1

      Stop moaning...

      Here you go.

      http://www.nsa.gov/public_info/_files/Untangling_the_Web.pdf

      40MB but downloads pretty fast.

      Don't expect miracles - a quick peek shows a crappy-quality B&W PDF, (despite the file size). A pretty epub it's not.

    7. Re:How about a link to the downloadable book? by NoNonAlphaCharsHere · · Score: 2

      I didn't say you were paranoid, you must have imagined that.

    8. Re:How about a link to the downloadable book? by Ashenkase · · Score: 2

      Wow, thank you for untangling the porn web.

      You must have done "extensive" research.

    9. Re:How about a link to the downloadable book? by ColdWetDog · · Score: 3, Funny

      Don't expect miracles - a quick peek shows a crappy-quality B&W PDF, (despite the file size). A pretty epub it's not.

      So, it's just like an Amazon Kindle book?

      --
      Faster! Faster! Faster would be better!
    10. Re:How about a link to the downloadable book? by Anonymous Coward · · Score: 0

      40MB but downloads pretty fast.

      Don't expect miracles - a quick peek shows a crappy-quality B&W PDF, (despite the file size). A pretty epub it's not.

      In other words 1MB of text and images and 39MB of "undisclosed extra stuff"?

    11. Re:How about a link to the downloadable book? by lister+king+of+smeg · · Score: 1

      how would that work when not everyone uses the same pdf veiwer? a large number of tech savvy people realize that adobe isn't the only provider of pdf rendering software.

      --
      ---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
    12. Re:How about a link to the downloadable book? by X0563511 · · Score: 2

      It's only paranoia if they aren't actually out to get you.

      --
      For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
    13. Re:How about a link to the downloadable book? by An+Ominous+Coward · · Score: 5, Funny

      All PDF readers have their exploits, no reason you can't make one document that targets them all. That's why I trained myself to read PDF in binary. Yes, obviously it's a bit challenging but there's something immensely satisfying about being able to visualize the document based on the raw input and, until the NSA gets into wet-ware hacking, it's the one reader technology that's guaranteed to be perfectly sa.... MUST. INFILTRATE. PUTIN. ADMINISTRATION.

    14. Re:How about a link to the downloadable book? by Anonymous Coward · · Score: 0

      Wait, you mean actually RTFA? You must be new here...

    15. Re:How about a link to the downloadable book? by Anonymous Coward · · Score: 0

      All PDF readers have their exploits, no reason you can't make one document that targets them all. That's why I trained myself to read PDF in binary. Yes, obviously it's a bit challenging but there's something immensely satisfying about being able to visualize the document based on the raw input and, until the NSA gets into wet-ware hacking, it's the one reader technology that's guaranteed to be perfectly sa.... MUST. INFILTRATE. PUTIN. ADMINISTRATION.

      Neo: Do you always look at it encoded?
      Cypher: Well you have to. The image translators work for the construct program. But there’s way too much information to decode the Matrix. You get used to it. II don’t even see the code. All I see is blonde, brunette, red-head. Hey, you uh want a drink?

  3. Scribd content by kodiaktau · · Score: 1, Informative

    http://www.scribd.com/doc/140287125/Untangling-the-Web-A-Guide-to-Internet-Research

    1. Re:Scribd content by Anonymous Coward · · Score: 0

      http://www.scribd.com/doc/140287125/Untangling-the-Web-A-Guide-to-Internet-Research

      That PDF file is not text-searchable - a great disservice to readers.

    2. Re:Scribd content by Anonymous Coward · · Score: 2, Insightful

      How is a link to a government document you have to "log in with Facebook" to read "informative"?

    3. Re:Scribd content by Anonymous Coward · · Score: 2, Interesting

      Stop using scribd for fuck's sake. It's a horrible web site.

      Just link to the actual PDF: http://www.nsa.gov/public_info/_files/Untangling_the_Web.pdf

  4. Wait, What? by Anonymous Coward · · Score: 0

    The headline- "The NSA's Own Guide To Google Hacking and Other Internet Research"

    The quote from the story- "Lest you think that none of this is new, that Johnny Long has been talking about this for years at hacker conferences and in his book Google Hacking, you’d be right. In fact, the authors of the NSA book give a shoutout to Johnny, but with the caveat that Johnny’s tips are designed for cracking — breaking into websites and servers. 'That is not something I encourage or advocate,' the author writes."

    Google hacking, indeed.

  5. This is not some sort of definitive guide by daveschroeder · · Score: 3, Interesting

    It was a guide for open source research, published by one office from 1997 to 2007, and not updated in the last six years. Remember that before you rail on it.

    1. Re:This is not some sort of definitive guide by ColdWetDog · · Score: 1

      Yes, and it was classified. The mind boggles. What other deep secrets are they hiding? A good recipe for Pud Thai?

      --
      Faster! Faster! Faster would be better!
    2. Re:This is not some sort of definitive guide by cayenne8 · · Score: 1, Funny

      What other deep secrets are they hiding? A good recipe for Pud Thai?

      I tawt I taw a Puddy Thai....

      I DID...I DID...I DID tee a Puddy Thai!!!

      :)

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    3. Re:This is not some sort of definitive guide by Anonymous Coward · · Score: 1

      You can see it on the pdf that it was actually unclassified//for official use only and not classified.

    4. Re:This is not some sort of definitive guide by Juser · · Score: 1

      Yes, and it was classified. The mind boggles. What other deep secrets are they hiding? A good recipe for Pud Thai?

      it says right in the footer "UNCLASSIFIED"

    5. Re:This is not some sort of definitive guide by Mike+Frett · · Score: 1

      I didn't see anything about Open Source. The whole thing is about Searching and finding things that most people wouldn't think of. Even the notes at the beginning of the book are a huge tip off. They say, in their opinion, IE has won the Browser Wars; this was all before Chrome of course. The whole thing revolves around Windows XP. I didn't even find it that useful, considering I already knew about many of the topics discussed.

      Of course, they would have an Interest in Windows after the whole Win2k NSAKEY_, and XP followed after. There was even some type of official site they set up to help people 'secure' XP. Secure it from whom I ask, certainly not from their prying packets. I find it surprising the NSA even needed such a book, even more so that it was classified.

    6. Re:This is not some sort of definitive guide by X0563511 · · Score: 1

      If you're not intimately familiar with classification (I'm not) that seems to imply that it used to be classified.

      --
      For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
    7. Re:This is not some sort of definitive guide by Anonymous Coward · · Score: 0

      No; that would be DECLASSIFIED.

    8. Re:This is not some sort of definitive guide by AngryNick · · Score: 1

      Yes, and it was classified. The mind boggles.

      The 651 page, taxpayer-funded version of LMGTFY.

      I can only imagine how long the still-classified document for connecting to an office printer must be.

    9. Re:This is not some sort of definitive guide by Anonymous Coward · · Score: 0

      (At one time, I held a clearance)

      In the intelligence community, 'Open Source' isn't about software. Its a term of art which refers to freely available public information; and includes everything from books and newspapers to the web.

      The document is created 'Unclassified//For Official Use Only, and has had the FOUO marking struck out, apparently on 19 March 2013.

      It was never a controlled classified document.

    10. Re:This is not some sort of definitive guide by daveschroeder · · Score: 1

      No, then it would have a classification marker struck from it. This document was never classified, but it was also never released publicly.

    11. Re:This is not some sort of definitive guide by Roachie · · Score: 1

      I saw a Thai Puddy.

      --
      This sig is not paradoxical or ironic.
    12. Re:This is not some sort of definitive guide by Anonymous Coward · · Score: 0

      I find it surprising the NSA even needed such a book, even more so that it was classified.

      What they don't know, or what they need to learn, or what they are not going to learn because it's missing from material they are learning from, are all important secrets as well.

    13. Re:This is not some sort of definitive guide by Stephen+Gilbert · · Score: 1

      "Open source" means something different in intelligence circles: Open source intelligence.

  6. and if by Anonymous Coward · · Score: 0

    and if i showed you mine id have to kill you your familly your neighbors your community , your city , your state/province/territory your nation , and anyone else i think you might give it too....
    on the flip side the nsa has a few more parts they haven't added and we decided to have a copy anyways ......
    thanks for all the fish...

    p.s. everyone talk like a gangster week has begun.....got it punks

  7. Discontinued in 2007 - coincidence? by Anonymous Coward · · Score: 0

    Google started ruining its search and making it useless in 2008 - and it's only gotten worse sense - now Google's sloppy search results are terrible for anyone trying to find specific information instead of trending pop culture chatter. Is it a coincidence that the NSA stopped updating their guide after 2007?

  8. View it online: http://view.samurajdata.se/ by Anonymous Coward · · Score: 0

    and view this and other PDFs safely at:

    http://view.samurajdata.se/

    this news story was submitted with the PDF linked but it was dumped rather than approved - likely because they wanted to give props to an online geek store rather than an AC.

  9. MOD PARENT UP by nutsy · · Score: 1

    Silly joke, but legitimate link.