Wired's Kim Zetter rounds up some of the highlights from Untangling the Web: A Guide to Internet Research [PDF], an NSA guide to finding unintentionally published confidential material on the Web produced by the NSA and released in response to a Muckrock Freedom of Information Act request. As Zetter notes, the tactics discussed as described as legal, but are the kind of thing that weev is doing 3.5 years in a Federal pen for:
Want to find spreadsheets full of passwords in Russia? Type “filetype:xls site:ru login.” Even on websites written in non-English languages the terms “login,” “userid,” and “password” are generally written in English, the authors helpfully point out.
Misconfigured web servers “that list the contents of directories not intended to be on the web often offer a rich load of information to Google hackers,” the authors write, then offer a command to exploit these vulnerabilities — intitle: “index of” site:kr password.
“Nothing I am going to describe to you is illegal, nor does it in any way involve accessing unauthorized data,” the authors assert in their book. Instead it “involves using publicly available search engines to access publicly available information that almost certainly was not intended for public distribution.” You know, sort of like the “hacking” for which Andrew “weev” Aurenheimer was recently sentenced to 3.5 years in prison for obtaining publicly accessible information from AT&T’s website.
Use These Secret NSA Google Search Tips to Become Your Own Spy Agency
Probably not much, as Brad Jones learned over Easter when a neighbor allegedly blasted his DJI Phantom. Even if his prime suspect confessed, there’s not much precedent for prosecutions.
The Electronic Frontier Foundation surveyed hundreds of American kids, teachers and parents about privacy and the “ed-tech” sector, which is filling America’s classrooms with Chromebooks and cloud services and mobile devices that ingest kids’ data wholesale without any meaningful privacy or data retention policies.
Micah Lee and The Intercept put together this video with “tips on how to prepare your phone before you go to a protest and on how to safely communicate with your friends.”
If you want to work in tech, but don’t have any desire to code web apps to help businesses sell things to other business, you might want to consider a career in cybersecurity. Judging from the apparent complete infiltration of Russian hackers in American cyberspace, it seems fair to speculate that there’s a major shortage of […]
All moms are different. But all moms like getting flowers on Mother’s Day, and that’s a fact (not, however a fact we can document in any fashion.) Instead of getting chewed out for forgetting to call her on the second Sunday of May, you can take care of it ahead of time with Teleflora’s flower […]
Yeah, Bluetooth audio is pretty common these days, so why should you care about these earbuds? Look how happy that woman up above looks. She’s got FRESHeBUDS in. Boom. There’s your reason. She’s also at the beach and it appears to be a very nice day.But for the sake of promotion, wireless earbuds are fast becoming the […]