| |
stevewise
Googler
Joined: 25 Jul 2004
Location: Canada
1084.12 GC$
Items
|
 Posted: Sun Sep 05, 2004 7:14 pm Post subject: scary stuff... |
 |
|
|
I don't know if this was already posted or not but, as many of you know, google lets you search ranges of numbers. Good, right? Wrong. With this capability you can now go on a shopping spree at an online store of your choice by typing visa 4356000000000000..4356999999999999 in the search box and simply stealing someone's credit card... This is only the tip of the iceberg, I know some simple things you can enter in the search engine to get access to peoples databases and also find out many peoples passwords but I'm not sure if I'm allowed to post them here. I think that google seems to be making info a bit too easy to find. Anyways, I find this topic pretty interesting and I'm currently developing a site dedicated to it.
_________________
 boredgamers.sizzly.com - Flash Games |
|
| Back to top |
|
|
Randy
Former Moderator
Joined: 17 Jun 2004
18197.20 GC$
Items
|
| Posted: Sun Sep 05, 2004 7:24 pm Post subject: |
|
|
|
| Yeah... I heard about this originally on kevin rose dot com. I am sure google is aware that their engine can be used as a identify theft system, just they aren't too worried about it yet as it's not common. I'm sure they will be implementing some sort of system to prevent credit card numbers, etc. |
|
| Back to top |
|
|
Snake
King of Snakes
Joined: 28 Jul 2004
Location: Wisconsin
20845.02 GC$
Items
|
| Posted: Sun Sep 05, 2004 8:29 pm Post subject: |
|
|
|
Did they fix this or can you still do this. I put this in the Google Search Box and got mostly articals on this sort of thing. (No i was not out to steal peoples credit card numbers, lol.) But anyway this is interesting, and google should really look into this sort of thing if they didnt already. Don't want people going out stealing peoples credit card numbers.
Snake
(bad people out there, they must be stopped!!!!) |
|
| Back to top |
|
|
cvrk3
Google Guru
Joined: 05 Jul 2004
Location: India
16443.40 GC$
Items
|
| Posted: Sun Sep 05, 2004 10:28 pm Post subject: |
|
|
|
Google is a utility of knowledge management. If persons dedide to misutise the same you can not find fault with the utility.  . Any restrictions, on such utiltity, will restrict the knowledge managment domain. hence google may not be keen to put out any restrictions. All they can do is to store the IP address of the seeker of credit card numbers and keep the law enforcing authrorities informed. However with the security in e commerce being a big issue by itself, such possibilties
do affect the ecommerce industry which is taking steps to detect and avoid frauds.
it is advisable you provide such sensitive information on secured portals only in your own interest.
one more recent incident has come to my notice. A mail purported have been sent by the banks in india seeking the atm password and credit card details and password, was in circulation. Some of the customers approached the bank and found the message was a fraudulant one. Can you blame the email systme for this activity? |
|
| Back to top |
|
|
stevewise
Googler
Joined: 25 Jul 2004
Location: Canada
1084.12 GC$
Items
|
| Posted: Mon Sep 06, 2004 9:46 am Post subject: |
|
|
|
But the thing is, credit card fraud isn't the only problem. You can retrieve complete password lists and get access to site's databases just by searching certain things.
_________________
boredgamers.sizzly.com - Flash Games |
|
| Back to top |
|
|
Ashley
Master Googler
Joined: 10 Aug 2004
Location: Europe
4717.85 GC$
Items
|
| Posted: Mon Sep 06, 2004 9:53 am Post subject: |
|
|
|
Good job my site doesn't operate a mysql db anymore. You sound like you know alot about this, stevewise, is it common? People doing this could make google have to put a restriction on info that they index... this is bad forus. It also makes me wonder just how much power google do have? (know I sound stupid)
_________________
Fusionart Design Studio |
|
| Back to top |
|
|
stevewise
Googler
Joined: 25 Jul 2004
Location: Canada
1084.12 GC$
Items
|
| Posted: Mon Sep 06, 2004 12:10 pm Post subject: |
|
|
|
Well the problem is that you can search for simple error messages generated by mysql that tell you vital information that hackers can use. Maybe google should restrict searching for error messages or something like that. I don't think it's too common yet since when you search for the error you find one maybe two info pages about the hack itself unlike when you do the visa hack you'll find pages and pages of info on the hack itself.
_________________
boredgamers.sizzly.com - Flash Games |
|
| Back to top |
|
|
intelliot
Site Admin
Joined: 01 May 2004
18653.45 GC$
Items
|
| Posted: Mon Sep 06, 2004 10:39 pm Post subject: |
|
|
|
| Quote: | | Maybe google should restrict searching for error messages or something like that. |
No... that would be security by obscurity, which is bad practice. It's a good thing to read up on, look for something like "security by obscurity" |
|
| Back to top |
|
|
DaMoUsYs
Googler
Joined: 18 Aug 2004
Location: NL
732.93 GC$
Items
|
| Posted: Wed Sep 08, 2004 7:39 am Post subject: |
|
|
|
w00t that's scary news indeed
thanks for telling |
|
| Back to top |
|
|
shafi
Noogle
Joined: 05 Sep 2004
196.36 GC$
Items
|
| Posted: Fri Sep 10, 2004 6:01 am Post subject: |
|
|
|
That's a really interesting subject. stevewise
please tell us when your site about it is up |
|
| Back to top |
|
|
Eric
Better than you
Joined: 12 Aug 2004
Location: Toronto, Ontario, Canada.
2491.35 GC$
Items
|
| Posted: Fri Sep 10, 2004 9:26 am Post subject: |
|
|
|
Who cares, maybe I'll use this to my advantage...just kidding! lol, I have no opinion on this but for the freedom of search google shouldn't put a ban on this lol....
_________________
"A lie gets halfway around the world before the truth has a chance to get it's pants on." - Winston Churchill |
|
| Back to top |
|
|
broken
Elite Googler
Joined: 21 Jul 2004
Location: England
10042.30 GC$
Items
|
| Posted: Fri Sep 10, 2004 1:35 pm Post subject: |
|
|
|
That is seriously scary stuff. On one hand you don't want Google limited in anyway but on the other you do not want your identity stolen because it can be hard to prove that you are the victim of identity theft. It's a hard choice that someone has to make, do you limit a valuable resource or do you give identify thieves an easy ride?
_________________
MS Discussion |
|
| Back to top |
|
|
Guest
0.00 GC$
Items
|
| Posted: Thu Sep 16, 2004 4:51 pm Post subject: |
|
|
|
| Woah! Freaky! lol |
|
| Back to top |
|
|
Felman
Senior Googler
Joined: 19 Aug 2004
566.65 GC$
Items
|
| Posted: Wed Sep 22, 2004 8:44 pm Post subject: |
|
|
|
I dont get it... How does it work?
_________________
Lost packets killed my inner child.
There is a packet in all of us. |
|
| Back to top |
|
|
cvrk3
Google Guru
Joined: 05 Jul 2004
Location: India
16443.40 GC$
Items
|
| Posted: Thu Sep 23, 2004 11:56 pm Post subject: |
|
|
|
| do not blame the system if someone miuses it. willyou wish police to be off your area, just because one policeman misused the system. |
|
| Back to top |
|
|
Sponsored Links
|
| Posted: 5 Sep 2008 8:52 am Post subject: Advertisements |
|
|
|
|
|
|
| Back to top |
|
|
