I was just looking over an article about Google Hacking, to which I was led by an article on SiteDigger 2.0. SiteDigger is intended to allow companies to more easily find sensitive material about them on the web, so that they can control it. Google Hacking is intended to do the same thing, though (possibly) for less noble purposes.
It occurs to me that since this wouldn't be possible -- or as possible -- without Google, this might imply that Google has a moral responsibility to control how its product is used.
If it does, would this logic follow through with guns?
4 comments:
You sent me on a search again. I've never heard of "Google Hacking." But now I have a pretty good idea of what it means.
What I don't understand is why this sensitive material is posted on the internet in the first place, or to put it another way--Why is there just one internet? Why, with all the knowledge out there isn't there a way to step into another dimension and have a second parallel internet just for banks, medical records, etc.--One that can only be accessed by security codes or retinal scans or something I haven't heard of but that surely exists out there somewhere? Something parallel to--never touching--this internet we all use with such abandon.
The short answer is, yes -- just put the information in a system which is not remotely accessible; ie, someplace where you have to physically connect to the computer in order to access the information on it. Think of your computer, but without the Internet connection.
What makes this sensitive information available is several things. Sometimes people make some information on their computer system available publicly, and don't realize that without adequate precautions, they've just made the whole computer accessible. This happened to a police department I read of a couple of years ago, which put a web page up for information that they wanted to make available to the public. The file system that contained the web page also contained confidential information about informants. No more.
Sometimes its just through error. The other day I emailed a copy of a spreadsheet to a colleague because I had created on it a list of information that he needed. Fine and dandy -- but I forgot to delete the page on the spreadsheet that contained all of my IDs and passwords in our corporate computer system. He didn't misuse it, but I got to spend time going out and redoing every single password.
Sometimes the information is innocuous by itself, but when merged with other information, becomes dangerous or more revealing than we wish. A listing of people in my neighborhood and their phone numbers is easily available. Combine that with information about income, and suddenly you've got a telemarkers dream. I was dismayed to learn, a few years ago, that the Post Office sells those change of address cards you fill out. Tie those with publicly available information on house sales, and the price paid.... bingo.
Certainly security helps -- passwords, retina scans, encryption, security -- but the good guys don't have a lock on brains, and they're frequently playing catchup.
Well, there's a small coincidence. The last word I wrote on a comment before visiting you was catch up.
Hey - maybe there IS a secret and parallel internet...
Well, it WAS a secret......(g)
Post a Comment