--- From: "J.D. Abolins" <jda-irat_private> Reply-To: jda-irat_private To: Declan McCullagh <declanat_private> Subject: Cryptome, RFID documents, Web error (?), and more Date: Mon, 7 Jul 2003 20:15:16 -0400 Today (7 July 2003), the Cryptome.org site posted an item about a collection of "confidential" documents that were posted on the MIT AutoID Center's Web site. The "confidential" documents were placed so that anybody using the old trick of searching for words such as "Confidential" in the site's search tool would not only find the listing of the documents but also viable links to them. At a quick glance, it appears to be another case of a site relying upon obscurity for limiting access to online documents rather than more distinct access control techniques, encryption, etc. In the case of other Web site where documents intended to be limited access were open to the world, the assumption was that if there were no links from "public" pages (and perhaps a robots.txt to tame the spiders), then the documents were accessible to only the people who knew the URLs. Yes, and to people using site search engines. <g> ------------------------------------------------------------------------- POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if you include this notice. ------------------------------------------------------------------------- To subscribe to Politech: http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ Declan McCullagh's photographs are at http://www.mccullagh.org/ Like Politech? Make a donation here: http://www.politechbot.com/donate/ -------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Mon Jul 07 2003 - 18:57:52 PDT