I believe in the theory that says Google searching technology is a double-sided-sword. We heard before about the "Samy" worm that uses Google API to reach machines and infect them. Now we got automated vulnerability scanning. Google has to put more restrictive policy and procedures to put an end to such abuses.
ExtremeSecurity Blog Admin
http://extremesecurity.blogspot.com
|
Does Verizon's Voyager stack up to the iPhone? |
|
|
5 IT skills that won't boost your salary 
[1,407]
Women 4 times more likely than men to cough up personal info [589]
Japan's 10 funniest tech-related commercials [Videos] [407]
Throwing away a promo CD is "unauthorized distribution"? [1,265]
Adults too quick to dismiss educational video games [682]
Attack of the iPhone clones [Slideshow] [578]
10 things IT needs to know about AJAX [1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow] [409]
|
|
Google
This is the same company that wants to manage Health Care information? The same one whose top people said that they want to collect all possible information about as many people as they can.
It's certainly the same company that states that it will read Email sent by users on it's system to better market to them.
Now they're being hacked and used to expose other areas of vulnerabeloility?
Scary, very scary.
No, not scary
No, it isn't scary. You didn't understand the article is all.
Google is not being 'hacked' in the way you see it used in the press a lot these days. No one is breaking into Google's servers or getting at anything they shouldn't get at. This is 'hacking' in the old sense - being clever and creative. The information is PUBLIC already. This is simply searching Google's public search engine for specific searches designed to find information that is public - but probably should not be.
And that's the fault of the sites that, either deliberately, via mistakes, or through oversight are making the information available in the first place. Google just vacuums all that data up when it indexes the site, and this tool finds those needles in the Google haystack.
It has absolutely NOTHING to do with Google's medical records effort, or Gmail, or anything else.
This isn't even new - the tool is new, but the concept is not. For years now search engines, and not just Google, have been used to search for information accidentally leaked and indexed.
A little more journalism, please?
This article quotes one person who extols the wonders of this tool and recommends running it "yesterday" -- except the article is quoting a statement from the group that produced the tool.
I'd be more impressed if this report actually reported on something, instead of just echoing the group's press statement. It's more ad than news item.
I have no intention of installing and running a vulnerability scanner based only on the recommendation of the group who created it. I'd rather see some actual coverage where someone I can trust has put it through its paces.
Greatest Google songs
Let's relax about this issue and listen to some songs about Google: http://www.networkworld.com/community/node/25746?ts0hb=&story=wknd_googlesongs
Vulnerability Scanner
I think that this is very cool to have a vulnerability scanner maintained by hackers, however, in order to really feel protected, I would use a commercial vulnerability scanner and not a free open source cool toy. I mean, if you have a family website with your pictures on it, I wouldn't spend $400 a year to scan it, but if it is a business site, I would go for the professional scanning.
Post new comment