> Let me first say that I do now know if this issue has been brought to > light before or in what detail it might have been discussed. On to the > show... It's been brought to light, though not much publicly (like many things). > The problem I have found is that google may be archiving too much > information on sites. By carefully crafting search strings you can It gets much worse. We alerted customers to: http://www.codito.de/prog/mass-scan.gz. on June 13, it's been out a while, and I'm betting it's not the only one. The best though is google's cached data, you don't even have to visit the website half the time to view the sensitive information. It's a great way for avoiding paysites (well.. avoiding paying for the content on the paysites that is ;). Kurt Seifried, kurtat_private A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://seifried.org/security/ http://www.iDefense.com/
This archive was generated by hypermail 2b30 : Fri Jul 05 2002 - 22:54:38 PDT