Wired's Kim Zetter rounds up some of the highlights from Untangling the Web: A Guide to Internet Research [PDF], an NSA guide to finding unintentionally published confidential material on the Web produced by the NSA and released in response to a Muckrock Freedom of Information Act request. As Zetter notes, the tactics discussed as described as legal, but are the kind of thing that weev is doing 3.5 years in a Federal pen for:
Want to find spreadsheets full of passwords in Russia? Type “filetype:xls site:ru login.” Even on websites written in non-English languages the terms “login,” “userid,” and “password” are generally written in English, the authors helpfully point out.
Misconfigured web servers “that list the contents of directories not intended to be on the web often offer a rich load of information to Google hackers,” the authors write, then offer a command to exploit these vulnerabilities — intitle: “index of” site:kr password.
“Nothing I am going to describe to you is illegal, nor does it in any way involve accessing unauthorized data,” the authors assert in their book. Instead it “involves using publicly available search engines to access publicly available information that almost certainly was not intended for public distribution.” You know, sort of like the “hacking” for which Andrew “weev” Aurenheimer was recently sentenced to 3.5 years in prison for obtaining publicly accessible information from AT&T’s website.
Use These Secret NSA Google Search Tips to Become Your Own Spy Agency
I use and love Waze every day to make driving in Los Angeles manageable for me. I still use it despite periodic bursts of tech news reports that the app leaves me vulnerable to security attacks and surveillance.
Privacy International won a lawsuit forcing the UK government to publish thousands of pages of records on the use of “Bulk Personal Datasets” by the spy agencies GCHQ, MI5 and MI6.
The Wall Street Journal (paywall) reports that the FBI payed more than $1m to get into the San Bernardino terrorist’s iPhone after Apple refused to create software to bypass its encryption. The Washington Post reports that a one-off $1.3m price tag was admitted, obliquely, by FBI Director James Comey by comparison with his own salary. […]
You never know when new projects, ideas or opportunities can drop into your lap at a moment’s notice. That may require you to learn a new programming language like Python. Or maybe you need a primer on 3D game development. Or you might realize you could use a serious brush-up on iOS mobile creation.Point is, […]
Isn’t it about time to stretch what your Mac can do? I mean, you’ve got plenty of great programs now…but don’t you think you could use some new tools to get your creative, analytical and organizational juices really flowing? It’s spring, so we cleaned up a whole bunch of super-cool apps lying around and packaged […]
In the world of app development, there’s no greater arena to find success than with Android users. About 80% of the smartphones in use today worldwide operate on the Android operating system, so if you build a great app that Android users love, you’re an international rock star. You’ll be able to make sure your […]