Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Online Search Engines Lift Cover Of Privacy

timothy posted more than 10 years ago | from the bathwater-around-the-baby dept.

Security 460

Rican writes "MSNBC has an interesting article about how 'Googledorks' are using the powerful search engine to do searches across the web for sensitive and/or private information. Some of this information includes 'Medical records, bank account numbers, students' grades, and the docking locations of 804 U.S. Navy ships, submarines and destroyers.'"

cancel ×

460 comments

Sorry! There are no comments related to the filter you selected.

FLim Flam! (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8233441)

Wham Bam!

Re:FLim Flam! (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8233476)

Rama Lama Ding Dong!

fp (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8233443)

Teh Goatse Man Says, "Width Does Matter!"
(in Soviet Russia, of course!)

YOU SUCK AT FP (-1, Troll)

Proctal Relapse (467579) | more than 10 years ago | (#8233499)

Re:YOU SUCK AT FP (0, Interesting)

Anonymous Coward | more than 10 years ago | (#8233564)

You suck at making fun of people's sucky FP.

Nothings private (1)

Rodrin (729362) | more than 10 years ago | (#8233462)

Nothing's private anymore anyways. Bleh. What's this world coming to.

Re:Nothings private (4, Interesting)

littlerubberfeet (453565) | more than 10 years ago | (#8233651)

Nothing is private any more. I wholly agree. But:

Anyone else notice that the site is msnbc.msn.com? Isn't Microsoft trying to develop a google competitor?

Am I just another cynical bastard?

Um. (5, Insightful)

Anonymous Coward | more than 10 years ago | (#8233464)

While googlestalking is scary and bad and I'm not condoning it, in this *specific* case, if the docking locations of U.S. naval ships is something that they do not want made public perhaps they should simply not make them public?

Re:Um. (5, Interesting)

Anonymous Coward | more than 10 years ago | (#8233512)

The problem comes when google searches down records in web servers, and using partners such as Opera, will crawl into pages that are normally not publicly accessible!

Here's how it works. Let's say you put a page on your site called

http://yoursite.com/temporary/hidden/dontreadthi s/ private_document.html

And it is not linked to ever.

If you send that URL to someone using Opera with the right settings (but you don't know that) and they read the private document, within minutes GOOGLE WILL CRAWL THAT DOCUMENT!

Nothing is private any more under situations like that. Let's say that private document then links to all your older private documents. Google can then freely crawl it's way in to read the rest.

Who's to blame for this then? not you. You've already ensured you hadn't linked to it. Not the opera user, as they have read the document, and respecting your privacy they've not mentioned it to anyone else

However underhanded tactics like sneaking in a google crawl in this manner is unacceptable to me. My firewall blocks all google crawler bots for this very reason

Re:Um. (5, Insightful)

Anonymous Coward | more than 10 years ago | (#8233573)

Maybe you should use some kind of security instead of just really -hoping- no one crawls/reads/caches your document.

Re:Um. (1)

ethx1 (532391) | more than 10 years ago | (#8233581)

Maybe he wasnt referring to himself but to others (non-techies) that have fallen for this.

Re:Um. (0)

Anonymous Coward | more than 10 years ago | (#8233660)

Maybe he wasnt referring to himself but to others (non-techies) that have fallen for this.

Being a non-techie isn't a good enough excuse anymore. People need to learn to secure their own shit. Losing sensitive data as a result of stupidity is too bad, but maybe it will teach the next dumb fucker not to make the same mistake.

Fuck that shit (4, Insightful)

Anonymous Coward | more than 10 years ago | (#8233646)

Maybe they should just use the fricking robots.txt protocol. That's what it's *FOR*. You can put a little file named robots.txt in the directory you want hidden, put text in it that says "i want this hidden, google", and google will ignore your directory forevermore.

No one has any right to complain if their page is in a search engine unless they followed the robots.txt protocol and the search engine did not.

Re:Um. (4, Informative)

mhesseltine (541806) | more than 10 years ago | (#8233633)

.htaccess anyone?

That, along with an appropriate robots.txt file should be all you would need to prevent a crawl, right?

Re:Um. (4, Informative)

Elwood P Dowd (16933) | more than 10 years ago | (#8233644)

Here's how it works. Let's say you put a page on your site called

http://yoursite.com/temporary/hidden/dontreadthi s/ private_document.html

And it is not linked to ever.


I realize this is redundant, and you were likely trolling, but Google will leave you right the fuck alone, so long as you put another little file at:

http://yoursite.com/robots.txt

That contains the text:

User-agent: *
Disallow: /

I realize this is opt-out rather than opt-in, but there's just one place you have to opt, and there isn't another way that Google could possibly do their job. Everybody else seems to understand that the internet is a publicly accessible network.

So who's to blame? You. You put a sensitive document in a publicly accessible location on the internet, and took no precautions to keep it secure. Not linking to it is not a precaution.

Re:Um. (5, Insightful)

ecalkin (468811) | more than 10 years ago | (#8233658)

documents that should not be available to the general public should be a) behind firewalls where the general public is on the other side, b) stored on web servers that require authentication to read such pages (where the general public does not have username/password), or c) not be stored on a web server!

i think that this is somewhat an issues of bad management and somewhat (maybe more) and issue of the weakness of web service security (compared to something like local novell services).

eric

Kazaa and Gnutella are cooler (5, Interesting)

baryon351 (626717) | more than 10 years ago | (#8233465)

Go into kazaa and gnutella and search for any .doc files. Or some likely sounding names like "resume" or "job application"

It's surprising what people will sit in their kazaa upload directory, using it like a documents dump. Legal papers, company's employee policy documents, employee records, sensitive stuff, medical records.

Taken straight from people's HDs, no hacking, cracking or other media-unfriendly terms needed, just the ignorance of the people who leave this stuff open is needed.

Re:Kazaa and Gnutella are cooler (1)

maliabu (665176) | more than 10 years ago | (#8233503)

will those .doc files be traps to run macro vb scripts once opened?

Re:Kazaa and Gnutella are cooler (1, Informative)

baryon351 (626717) | more than 10 years ago | (#8233546)

They don't seem to be, although many could. There's just too many unique ones out there IMHO.

Then again I don't have a WP that'll run those scripts.

Re:Kazaa and Gnutella are cooler (1)

Elwood P Dowd (16933) | more than 10 years ago | (#8233557)

No problems in in TextEdit.app

Re:Kazaa and Gnutella are cooler (0)

Anonymous Coward | more than 10 years ago | (#8233595)

Some may but as another poster mentioned, there are .pdf files too. I just did a quick search and found .doc, .txt, .pdf and .wps files, all with mildly sensitive info. At the very least people's names addresses and phone numbers.

Re:Kazaa and Gnutella are cooler (4, Interesting)

sunrein (580805) | more than 10 years ago | (#8233544)

No kidding. I did a search using Poisoned (kazaa, gnutella, etc.) to find some tax software. Some colossal moron had left a copy of his tax papers in pdf format in his upload directory. Good thing I'm a kind soul and let him know about it. That would've been easy pickings for someone looking to do some identity theft.

Re:Kazaa and Gnutella are cooler (1)

FlipmodePlaya (719010) | more than 10 years ago | (#8233587)

I'm always amazed when looking through peoples' DC shares. I'd guess that about a quarter of those I look through contain peoples' 'My Documents' folder, including things like school projects and documents with titles like 'eBay', 'PayPal', or 'Amazon'. I can only assume the latter contain records of purchases, and perhaps CC #s.

Re:Kazaa and Gnutella are cooler (0)

Anonymous Coward | more than 10 years ago | (#8233621)

> I can only assume the latter contain records of purchases, and perhaps CC #s.

Not often. I look through those files whenever I come across them, and mostly it's just receipts of what people have bought, screen captures of the screen, or saved .html files of the final screen. There's the odd one with password and CC info, but it's not as common as finding out the user at 204.14.180.234 has saved the receipt for ordering BIG ANAL VOLUME 6

Re:Kazaa and Gnutella are cooler (5, Informative)

tsvk (624784) | more than 10 years ago | (#8233664)

Go into kazaa and gnutella and search for any .doc files. Or some likely sounding names like "resume" or "job application".

Other examples are ".dbx", the file name extension for mail folders in Outlook Express. Or ".pwl", the Windows 9x system password file (supposedly easily crackable with the correct tool).

There are unfortunately clueless users who share their whole hard drive. File sharing programs have however started getting better in discouraging or preventing the users from doing this.

Dorks being found, not finding. (0)

Anonymous Coward | more than 10 years ago | (#8233466)

Actually, the GoogleDorks are the ones being FOUND using google.

Hardc0re hax0r. (2, Insightful)

monstroyer (748389) | more than 10 years ago | (#8233467)

That googledorsk link... You're telling me if i put the word "googledorks" on my website and wait a few months i will be one because it appears in a google search?

Is googledorks a real hacker movement or just some random key word any one with a high ranking web page can abuse?

On another note, the best thing i found that was supposed to be hidden was with the query "quality hentai" This was last year. It has since been secured (by being taken offline).

What have you found?

Re:Hardc0re hax0r. (1, Funny)

Anonymous Coward | more than 10 years ago | (#8233584)

Googledorks. What is it all about... is it good, or is it whack?

Cover of "Privacy" (5, Insightful)

mobiGeek (201274) | more than 10 years ago | (#8233468)

What "privacy"? The information is posted on the WORLD WIDE Web...

Re:Cover of "Privacy" (1)

Safety Cap (253500) | more than 10 years ago | (#8233576)

Ignorant people think that if they put a page on the web without any (obvious) links to it, then it is secret forever.

That's how the Harry Potter Azkaban trailer got released to the world...

Re:Cover of "Privacy" (2, Interesting)

LostCluster (625375) | more than 10 years ago | (#8233578)

What "privacy"? The information is posted on the WORLD WIDE Web... One person's blog topic is another's secret sometimes. There's a big diference to information to give to your family and information you should be leaving within view of Google... but some people don't realize that yet.

I've heard of "cow orkers"... (5, Funny)

Black Parrot (19622) | more than 10 years ago | (#8233469)


...but what the heck are "googled orks"?

Re:I've heard of "cow orkers"... (4, Funny)

Snad (719864) | more than 10 years ago | (#8233572)

...but what the heck are "googled orks"?

It's the technical term for searching the web for the name of an extra in the big fight scenes in The Lord of the Rings movies.

This is a very popular pass time in New Zealand, where 95% of the country's population was used in the Minas Tirith scene.

Re:I've heard of "cow orkers"... (1)

kfg (145172) | more than 10 years ago | (#8233608)

These of course:

OrkOrkOrk [216.239.37.104]

KFG

Why Google? (4, Insightful)

lostchicken (226656) | more than 10 years ago | (#8233472)

Why do people always have to drag Google into this sort of thing? Somewhere, someone is pissed off at Google for putting their medical records on the web, and letting people get at them, when they should be angry at the people who posted them to the web in the first place. It's like calling Southwest Bell your partner in crime because you used DSL to steal from an online bank. It just makes SWBell look bad, just as this makes Google look bad.

Re:Why Google? (1)

Clinoti (696723) | more than 10 years ago | (#8233487)

Because this is the first volley.

Re:Why Google? (1, Insightful)

flewp (458359) | more than 10 years ago | (#8233514)

Brcause they can? Yes, yes, they shouldn't, but they do.

Never underestimate the power of blaming someone/thing else instead of your own actions. (Or inaction)

Re:Why Google? (1)

I Be Hatin' (718758) | more than 10 years ago | (#8233525)

Why do people always have to drag Google into this sort of thing?

Because it works. Though I suppose it would be more of a challenge to do it with MSN Search... I wonder if "MSNDorks" think they're more 1337 than "Googledorks".

Re:Why Google? (4, Insightful)

agentZ (210674) | more than 10 years ago | (#8233559)

Google is a tool, and tools can be used for good or for bad.

Re:Why Google? (2, Insightful)

lostchicken (226656) | more than 10 years ago | (#8233583)

Google is not a "tool" in this sense. A hammer is a tool. I can kill someone with a hammer. The internet is a tool. However, the guy at Sears who tells me where to buy a hammer is not a "tool" (well, he may be, but that's a different kind of tool). He can't be used for good or evil. He can tell me where to find a hammer, which I can then use for good or evil.

Re:Why Google? (1)

agentZ (210674) | more than 10 years ago | (#8233627)

The Internet is just a collection of computers hooked together. Without interaction, "the Internet" doesn't do very much. Google is a tool because it searches the information on all of those computers for me. It performs work. No, it doesn't move atoms around like a hammer. But in the same way my browser is a tool, OpenOffice is a tool, and iChat is a tool, Google is a tool.

Re:Why Google? (1)

mobiGeek (201274) | more than 10 years ago | (#8233624)

Google is a tool
...uh, but this has nothing to do with Google.

This is about the WWW being misused. The fact that Google allows people to easily find those that misused (through mallice, accident or (more likely) ignorance) is nota Google issue.

Re:Why Google? (1)

timiscool999 (596491) | more than 10 years ago | (#8233597)

Look who the story is by: MSNBC.

Haven't you been reading Slashdot these last couple of weeks (shame on you if no)? Microsoft is getting ready to take on the search engine champ...If they can start to chip away at Google's popularity under the disguise as "news" then that's great for them and bad news for Google.

Everything in life boils down to "Who wins and who loses." If you have a knack for figuring that out, then you have a knack for politics and business.

Re:Why Google? (1)

ethx1 (532391) | more than 10 years ago | (#8233609)

And the worst part of this? They called it "Google hacking" in the article. That is just going to bring bad publicity for 2 groups. The google engineers and the "hackers" (another bad thing to add to the forever growing list created by the media).

Re:Why Google? (1)

ruceree88 (597496) | more than 10 years ago | (#8233626)

Because some people need a scapegoat and usually the entity that has the largest mindshare takes the blame.

Re:Why Google? (4, Informative)

Xenographic (557057) | more than 10 years ago | (#8233654)

1) This is old. I remember searching for things like '"index +of" vti' and other such things (try it and modify that search if you like, but it was interesting to find out just what sort of interesting tidbits one might find in such a folder).

2) This is an article from MSN. This information was available long before Google, but it is, at the very least, curious to see this sort of article from Microsoft when they have been going to the press lately about how Microsoft intends to develop their own search technology...

And the naked pics of me and my babe (0, Funny)

Anonymous Coward | more than 10 years ago | (#8233473)

Right here...

Awesome! (1, Offtopic)

NetNinja (469346) | more than 10 years ago | (#8233474)

Lets teach the terrorists new tricks!
NOT!

SS Minnow (4, Funny)

flewp (458359) | more than 10 years ago | (#8233477)

But can they find the last port location of the SS Minnow?!

The worst example.. (5, Informative)

centralizati0n (714381) | more than 10 years ago | (#8233483)

The worst example I saw was the FBI NCIC 2000 manual [state.fl.us] [PDF]. It gives you examples of how to look up criminal records and such... which could be very useful to the criminally vested social engineer.

Duh... (-1)

qat (637648) | more than 10 years ago | (#8233490)

If you have access to anything, you're going to use it to your advantage. It just so happens that people wanted to know certain information. Across the internet it can be prevented-- just don't tell people your name and whatnot. When people you know in real life start learning things you don't want them to know... there's only one thing to do... Kick their ass. It's not googles fault they're so damn awesome!

Ships are moored, not docked (hey-oh) (0)

Anonymous Coward | more than 10 years ago | (#8233493)

To dock is to put it out of water. Right here...

I'd MW but they went subscription... for a dictionary. Is there no end?

You can do this on KaZaA too. (5, Interesting)

leeum (156395) | more than 10 years ago | (#8233497)

This isn't anything too new. For kicks, I once searched for "Resume" and "Credit card" on KaZaA and got hundreds of results. Presumably, the trouble is that people sometimes believe that security through obscurity works - or, in the case of KaZaA, a lack of attention leads people to share files they didn't really want to.

Interestingly, I found a text file with all the user names and passwords for brokerage firms, and bank accounts, of the IT director at the firm I was working in. Scary, considering he was supposed to have "15 years in the IT industry".

Could happen to you (5, Interesting)

bendelo (737558) | more than 10 years ago | (#8233504)

A while back I Googled my credit card number for a laugh. I was shocked to find it in an indexed webserver log for a site I had previously 'tried' to purchase from. (the form timed-out and I gave up).

A quick call to the bank and a few angry calls to the company sorted it, but I was not impressed.

Perhaps a tool to search for ones own private details should be developed to keep an eye on this?

Re:Could happen to you (1)

flewp (458359) | more than 10 years ago | (#8233563)

And that tool would be used to search for other's private details.

And uhm. Well...... if you found your info using google, WOULDN'T GOOGLE BE THAT TOOL?!

Re:Could happen to you (1)

bendelo (737558) | more than 10 years ago | (#8233585)

The idea was some automated system that given your private details, searched for them on a scheduled basis to detect leaks.

Google would be just one of the search engines used.

unlucky you... (1)

segment (695309) | more than 10 years ago | (#8233666)

I would have contacted a lawyer first... As for me... I wish I had some form of luck [google.com]

Cue Dr. Evil (5, Funny)

Clinoti (696723) | more than 10 years ago | (#8233505)

The most basic way to keep Google from reaching information in a "Web server", security experts said, is to set up a "digital gatekeeper in the form of an instruction sheet for the search-engine's crawler. That file, which is called "fembots.txt"

Nothing new (3, Informative)

dattaway (3088) | more than 10 years ago | (#8233508)

People have used this for years to find things like Bill Gates' social security number and all kinds of things we think should be private. Chances are, if its in a record somewhere, that information will leak onto the internet sooner than most people think.

Re:Nothing new (1, Interesting)

bendelo (737558) | more than 10 years ago | (#8233613)

People have used this for years to find things like Bill Gates' social security number

For the curious, it's 539-60-5125. Leaked in 1995. The 539 means it was issued in Washington.

Re:Nothing new (4, Funny)

Beatbyte (163694) | more than 10 years ago | (#8233617)

you mean 539-60-5125?

Re:Nothing new (1)

r00zky (622648) | more than 10 years ago | (#8233668)

And looks like it will prevail for years too:

"Bill Gates' Social Security Number is 539-60-5125 (leaked in 1995)"
source: here [cyest.org] , thanks google [google.com]

I've got a color TV (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8233515)

so I can see, the Knicks play basketball.

FUD Story to pump MSN Search? (3, Interesting)

Quizo69 (659678) | more than 10 years ago | (#8233516)

Hmmm, let's see:

1. Microsoft has stated it wants to win the search engine war.

2. MSNBC (Microsoft owned) puts out story calling Google insecure because it invades your privacy.

3. MSN Search comes out with "secure, private searching" for only $9.95 a month.

4. Profit???

Conclusion: This is nothing more than a FUD story designed to sow the seeds of doubt about Google.

Re:FUD Story to pump MSN Search? (0)

Anonymous Coward | more than 10 years ago | (#8233537)

and if you read the article, you see that it originated at the washington post, dumbass.

Re:FUD Story to pump MSN Search? (3, Informative)

npistentis (694431) | more than 10 years ago | (#8233553)

it was an AP story- I read the same thing in this morning's washington post.

Re:FUD Story to pump MSN Search? (1)

placeclicker (709182) | more than 10 years ago | (#8233632)

Except, the information is on the internet.

The insecurity isn't on the search engine's side, google is just catching a lot of information

Paying $9.95 a month would just cripple people that use search, the rest who would keep using google could still find it.

Google threatens privacy and national security (0, Troll)

ObviousGuy (578567) | more than 10 years ago | (#8233520)

If it is true that the locations of military deployments can be traced using a search engine like Google, the possibility exists that terrorists are using this information to plot further attacks. The USS Cole, which was blown up in the Port of Aden, was tracked in a similar manner by Al Queda bombers.

Likewise, sites like Mapblast now provide aerial photographs of the entire United States and parts of Mexico and Canada, all available with the click of a button. How can we not hold Mapblast (how's that name for irony!) partially responsible for the Two Towers tragedy when several aerial photographs from the site were found in Atta's car?

Search engines have an important part to play. I use Google every day to find information related to my job and for my own personal amusement. However, my job isn't to find ways to circumvent and undermine the U.S. government, so I'm a safe customer. How many people out there aren't as safe as I? Shouldn't Google take precautions to make sure that sensitive data doesn't fall into the wrong hands?

Re:Google threatens privacy and national security (2, Funny)

Neppy (673459) | more than 10 years ago | (#8233574)

How can we not hold Mapblast (how's that name for irony!) partially responsible for the Two Towers tragedy when several aerial photographs from the site were found in Atta's car?
Shouldn't we also hold the gas companies responsible? I bet they found gasoline in his car too.

Re:Google threatens privacy and national security (4, Insightful)

JanneM (7445) | more than 10 years ago | (#8233575)

Shouldn't Google take precautions to make sure that sensitive data doesn't fall into the wrong hands?

No, they should not. They are not in a position to know what _is_ sensitive - and to whom. They can reasonably only assume that anything reachable with an ordinary, polite spider is meant to be accessible to the world at large. If you feel certain information should not be made accessible, bring it up with those actually making it accessible, not with those just indexing it once it is.

Shooting the messenger is not just pointless, it is counterproductive.

Re:Google threatens privacy and national security (4, Insightful)

Concerned Onlooker (473481) | more than 10 years ago | (#8233591)

Sensitive data? Just because it's found through Google online doesn't make it any more sensitive or useful for terrorists. You can walk into any aviation bookstore and buy sectionals for the whole country, and they've got a lot more info than some MapBlast gif file.

Re:Google threatens privacy and national security (0)

Anonymous Coward | more than 10 years ago | (#8233600)

How can we not hold Mapblast (how's that name for irony!) partially responsible for the Two Towers tragedy when several aerial photographs from the site were found in Atta's car?

How can we not hold Al Gore responsible for creating the internet?

mod parent funny! (0)

Anonymous Coward | more than 10 years ago | (#8233638)

nt

Re:Google threatens privacy and national security (1)

offpath3 (604739) | more than 10 years ago | (#8233603)

Why stop there? Google should also block any subversive searches. It could even flag the IP addresses of people making such evil searches and forward them on to the proper authorities!

Homework answers (4, Funny)

form3hide (302171) | more than 10 years ago | (#8233522)

Lets pretend I'm taking a computer science course.

Lets pretend each week I have a program to code.

You see if you pretend, of course, I put the filename into google, and clicked search. In pretend, you know what came up?

The source code to the program I had to write for my university.

But remember, this is in pretend land.

FUD? (1)

FlyingOrca (747207) | more than 10 years ago | (#8233523)

Interesting - only a few days after an article about Microsoft trying to take on Google, they seem to be spreading Google-FUD. Coincidence?

Hard to hide (4, Insightful)

BWJones (18351) | more than 10 years ago | (#8233529)

This all brings up one of the central tenets of computer network security: If it is connected to the Internet, it can be accessed, and sometimes the probing computers that are looking leave their little IP footprints all over the place. For instance, I was rather surprised a couple of years ago watching some IP's scroll through while someone/a software bot was accessing my workstation. Whois revealed nothing, but traceroute revealed an IP that allowed me to do a little more poking around to find out the identity as something from a "Special Collections Service" in Maryland. A little more poking around revealed it to be something involving a state department program whereupon I rather quickly decided to stop investigating. I still don't know anything about them or what they do, but it is surprising how hard it can be to be anonymous on the web. Hey, I am sure even all those Slashdot anonymous coward posters are leaving IP's that can and are documented. :-)

web servers for morons (5, Insightful)

belmolis (702863) | more than 10 years ago | (#8233532)

The real story here is that companies and other organizations and institutions are setting machines up as servers and are too stupid to create an appropriate robots.txt file and/or keep their confidential information elsewhere. Google doesn't just drop in, even on networked machines. I have some sympathy for individuals who don't understand what they are doing when they make their machine a server, but surely any professional sysadmin, even one with limited training and experience, should know better than this. It's the same as leaving your briefcase on the front seat of an unlocked car.

All the news that MSNBC reports... (0, Troll)

klubar (591384) | more than 10 years ago | (#8233538)

Is slashdot just becoming a MSNBC news highligher? This is the second story today reporting on an MSNBC report. Why not just read MSNBC?

problem is not google (2, Interesting)

Anonymous Coward | more than 10 years ago | (#8233540)

The article seems to imply that the problem is Google, but that simply isn't fair--the problem is that people are posting private info to the web. If you don't want the public to see it, don't post it in public.

so who owns it, how can we stop it? (5, Insightful)

HealYourChurchWebSit (615198) | more than 10 years ago | (#8233541)



Part of this problem comes out of who owns the daggoned data. For example, let's say a hospital, instead of using clipboards, uses smartcards to hocket about patient records.

Who own's the data. The hospital, the insurance company paying the bill, or the poor schmuck on the business end of a colonoscopy?

I ask because without the indiviual having the write to own the data, there seems to me little that can be done to protect oneself other than go through expensive and tedious legal channels.

And if someone else can own sensitive data about me, then what can we do, as private citizens with limited resources, to make sure larger entities such as insurance companies play by rules like HIPPA?

Read this once... (2, Interesting)

Comatose51 (687974) | more than 10 years ago | (#8233542)

I read once that an old trick some people used to use is to do a search for "root" on Altavista (yeah, this was back in the days) and it would actually return useful information for gaining access. Not sure if that was just a geek urban legend but it sound plausible to me.

Donald Duck (-1, Troll)

DonaldDuckBigO (749237) | more than 10 years ago | (#8233547)

Donald Duck likes to have a SCREAMING ORGASM when he uses Google to find XXX shots of Daisy Duck.

MOD PARENT UP (-1)

Anonymous Coward | more than 10 years ago | (#8233656)

legal or not? (1)

maliabu (665176) | more than 10 years ago | (#8233548)

in the article, it says "and it is all legal", then it continues to talk about security breaches, so is the whole thing legal or not?

is there such thing as legally breaching a security?

Re:legal or not? (0)

Anonymous Coward | more than 10 years ago | (#8233615)

There is no security on those pages... Someone screwed the pooch when setting up security or didn't bother to protect them at all.

Interesting Nugget (2, Insightful)

Slavinski (713970) | more than 10 years ago | (#8233561)

What I found interesting was this portion of the
article:

Since 2001, the FTC has settled cases with Eli
Lilly & Co., Microsoft Corp. and clothing maker
Guess Inc. for not taking "reasonable" measures
to keep medical or financial information
secure, said Jessica Rich, assistant
director of the commission's bureau of consumer
protection. Letting customer information
reside on an unsecure server can open
up a business to such liability.

Geez (4, Insightful)

Wolfier (94144) | more than 10 years ago | (#8233562)

If your information is "sensitive" or "private", do yourself a favor and don't put it on the web.

Peeps nowadays...

Robots dot txt (1)

toadywonders (735990) | more than 10 years ago | (#8233565)

Hasn't the government ever heard of creating a robots.txt file or something of similar nature to prevent search engines from caching files? Maybe the government just changed the permission to all files on their webserver to 755 so anyone could see. We should have another one about search engines scanning forums... That's even worse. My Sig: http://www.toadywonders.com Nothing like some good clean advertising

Wow, a story that would have been well timed... (1, Interesting)

Anonymous Coward | more than 10 years ago | (#8233566)

...to coincide with Google's IPO, had they not delayed it. A story saying Google is a threat to privacy AND national security. May as will throw Intellectual Property into the mix too, for all the warez searches. Just like that operating system our congresspeople were just informed about by the alert people at SCO.

Wow, this clearly shows that the better solution would be a more limited search engine that doesn't actually let the user search for whatever he/she wants, just in case it's naughty. Perhaps something tied into a Trusted platform that can make these legal judgement calls on the user's behalf.

Wasn't SCO planning to sue Google soon? Wow, what an incredible coincidence! Bad timing for your IPO, Google!

I'd end this with [/tinfoil hat], but I think I could actually be right...

I don't get it? (1)

GoMMiX (748510) | more than 10 years ago | (#8233611)

If you don't want people to see it, don't put it on the internet.

One would be led to think this would be a evident to anyone intelligent enough to tie their shoes.

But hey, this is scary stuff! People are stupid, so let's shut down google - the hackers tool for identity theft and terrorism!

I wonder how many poor Asian people turned caucasian while reading that article. O_O

nothing new (4, Funny)

martin-boundary (547041) | more than 10 years ago | (#8233616)

People have been doing searches for private, sensitive, pr0n logins and passwords for years...

Err, not me of course ;-)

First insult. (-1, Offtopic)

conner_bw (120497) | more than 10 years ago | (#8233619)

Waste your moderator points here you cunt fuckers.

PS: use a real moderation, not "overrated" aka the way of the wimp.

Names.. (1)

WolfieN (654940) | more than 10 years ago | (#8233631)

Go to Google and type in a name. You'll be suprised by the results. This works a bit better with unique screen names, such as Wolf305819. Though, you could get better information off of your city's website which holds criminal and property information. This latest craze over Google is due to their success, nothing more.

WHOLLY SHIT (1, Funny)

Anonymous Coward | more than 10 years ago | (#8233640)

take a look at this [google.ca]

anyone want to buy a yacht?

the date on the fourm is Sat Feb 07, 2004 10:20 pm so um im guessing most of those are still valid.

docking locations of 804 ships? (5, Insightful)

usn2fsu03 (711294) | more than 10 years ago | (#8233643)

That's more than twice the number of ships currently in service.

Also, these are not precise locations. Yeah, you can find that the USS Roosevelt (DDG-80) is homeported in Mayport, Florida but you're not going to find the precise pier number.

As for ships on deployment, one can find their general locations just by looking at the latest issue of the Navy Times and by reading the newspaper of the town that the ship and its battlegroup are from.

The Navy really tightened up on what get's posted on official ship's websites after 9/11. If there is sensitive information still out there, Google is not at fault, but rather the unit's webmaster, Commanding Officer, and the Operational Security people who are supposed to be looking out for that sort of thing.

This could be earth shattering for google? (2, Insightful)

saskboy (600063) | more than 10 years ago | (#8233645)

Imagine if the US government gets in its head that search engines are a terrorist tool?

Wouldn't that be interesting?

Consider the Source (2, Redundant)

Rotiahn (647005) | more than 10 years ago | (#8233659)

Ok, Lets make some connections here people:

This article places the google search engine as the medium for this activity.

This article is from MSNBC.

MSNBC is owned by Micro$oft

Wasn't Micro$oft trying to compete with Google for search engine market?

Someone please tell me I'm just being paranoid

/. google! (3, Funny)

potpie (706881) | more than 10 years ago | (#8233661)

now's our chance! I think we can slashdot Google!

this is news? (2)

l0ungeb0y (442022) | more than 10 years ago | (#8233669)

Well then again... it is an MSNBC article.
Seems some one in the mainstream press got a clue and has decided that the other 98% of the people should join in on the fun... if they can figure out how to use Google that is.

Who knows, maybe they'll even teach the clueless about Google image search... which came in handy this last weekend when a girl who wanted to model but couldn't figure out how to send me a pic attached in an email... Curious as to what she looked like, I googled and found her [google.com] .

As you can see, the stuff you can find on image search sure as hell beats those top-secret pentagon word documents anyday :)
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?