No Fancy Name
Wednesday, August 04, 2004
google is NOT the spawn of the devil
I've actually come across that statement, in various blogs, about how Google is some sort of terrible, devilish entity. I don't understand that, at all. Google is a search engine (that, as a company, provides tools intended to "make the world's information universally accessible and useful" using said search engine.) A really big, good one. The problem with that is...what now?

Along comes a CNet story yesterday: "Google queries provide stolen credit cards". This is one of those types of stories that people love to get all riled up about, when they have no clue what they're talking about. First, I repeat, Google is a search engine. It archives public content, which you can then search. Google does not steal your personal financial data. Unscrupulous people and/or webmasters who are very, very bad at their jobs, post data on public web sites. Those sites are indexed by Google (and a ton more search engines), and the text on the page is searchable by you, the consumer.

What sets Google apart from the other search engines is the ability to find more information because 1) they have more of it and 2) you can employ hacks to make your searches even better (here's a book about google hacks). Hacks are not bad things. Hacks are "quick jobs that produce what is needed". Those who hack are hackers. Neither "hack" nor "hacker" == "malicious meddler"; that would be a cracker.

But you see, we're not talking about cracking. We're talking about search results that include data that dumbasses (and/or crackers) placed on public web sites. Public records like police reports and tax records, which contain social security numbers, have been inadvertently placed online by city governments. Databases of purchase records which include card numbers, either stolen and placed online, or initially stored in a public place for all to see -- those are examples of information you can find online, AND you can find them with any search engine.

Google just makes the process easier, with number span searching. Kevin Rose provides an example of Google search query using number span searching: visa 4356000000000000..4356999999999999

Although number span searching isn't employed in Yahoo! or MSN Search, the pages that turn up as Google search results also will turn up in Yahoo! and MSN Search results, if you search on something specific. Try it: Yahoo! query w/ CC number, MSN Search query w/ CC number.

Moral of the story: don't publish information you don't want others to see, because people will find it, because search engines are doing their jobs. It isn't Google's (or Yahoo!'s, or MSN's) fault that poor security on the fault of administrators (and the ability of humans to fall for social engineering tricks) makes certain areas of the Internet a playground for crackers. In fact, security experts also use Google hacks for good, not evil, to find vulnerable servers in order to fix them, or alert their owners to do so.


job / books / new blog

04/04 · 05/04 · 06/04 · 07/04 · 08/04 · 09/04 · 10/04 · 11/04 · 12/04 · 01/05 · 02/05 · 03/05 · 04/05 · 05/05 · 06/05 · 07/05 · 08/05 · 09/05 · 10/05 · 11/05 · 12/05 · 01/06 · 02/06 · 03/06 · 04/06 · 05/06 · 06/06 · 07/06 · 08/06 · 09/06 · 10/06 · 11/06 · 12/06 · ???


Creative Commons License
All blog content licensed as Attribution-NonCommercial- ShareAlike.