Wired's Kim Zetter rounds up some of the highlights from Untangling the Web: A Guide to Internet Research [PDF], an NSA-produced guide to finding unintentionally published confidential material on the Web, released in response to a Muckrock Freedom of Information Act request. As Zetter notes, the tactics discussed are described as legal, but are the kind of thing that weev is doing 3.5 years in a Federal pen for:
Want to find spreadsheets full of passwords in Russia? Type “filetype:xls site:ru login.” Even on websites written in non-English languages the terms “login,” “userid,” and “password” are generally written in English, the authors helpfully point out.
Misconfigured web servers “that list the contents of directories not intended to be on the web often offer a rich load of information to Google hackers,” the authors write, then offer a command to exploit these vulnerabilities — intitle: “index of” site:kr password.
“Nothing I am going to describe to you is illegal, nor does it in any way involve accessing unauthorized data,” the authors assert in their book. Instead it “involves using publicly available search engines to access publicly available information that almost certainly was not intended for public distribution.” You know, sort of like the “hacking” for which Andrew “weev” Auernheimer was recently sentenced to 3.5 years in prison for obtaining publicly accessible information from AT&T’s website.
Use These Secret NSA Google Search Tips to Become Your Own Spy Agency