Join 3,572 readers in helping fund MetaFilter (Hide)


Did Google go too far
November 26, 2001 7:51 AM   Subscribe

Did Google go too far when they added a new tool to their website, or are webmasters to blame for lax security?
posted by machaus (21 comments total)

 
If you're putting your passwords and credit card numbers on the web, you're asking for trouble.

Our specialty is discovering, crawling and indexing publicly available information," said Google spokesman David Krane. "....The primary burden falls to the people who are incorrectly exposing this information. But at the same time, we're certainly aware of the problem, and our development team is exploring different solutions behind the scenes."

Sounds about right to me...
posted by jpoulos at 7:55 AM on November 26, 2001


The term "web publishing" means just that - put it on the web and you are making information publically available.

Furthermore, I have always found Google very receptive to removing pages from their index if you request it, and it takes very little to ensure that search engines avoid certain parts of your web site.
posted by ljromanoff at 7:59 AM on November 26, 2001


“The underlying issue is that the infrastructure of all these Web sites aren’t protected.”

I agree. If webmasters don’t wish to set up a decent infrastructure, they’re asking for it. I don’t think they deserve to be cracked, mind you. But an ounce of prevention...
posted by Davezilla at 8:15 AM on November 26, 2001


Google is being a good citizen, of course, good for them. But they are not to blame for this problem, not even remotely. If anything sensitive slips by their tool, the problem is still not theirs.
posted by mmarcos at 8:18 AM on November 26, 2001


That’s right. It’s the price we pay for a better search engine. Remember how much we complained about crappy search results we’d get a few years ago? Some of us knew the arcane secrets required to find things, but admittedly, it took much longer than it does today. Google has totally changed the skill level required to find what you need quickly. Not to mention the speed of the return and how quickly it spiders (seems to be overnight).

It’s worth the tiny hassle to me.
posted by Davezilla at 8:26 AM on November 26, 2001


Did Google go too far when they added a new tool to their website, or are webmasters to blame for lax security?

The second thing.
posted by delapohl at 8:28 AM on November 26, 2001


Wait a minute. People are complaining because a search engine finds things? Man, I knew Google was the cat's pajamas!

It's clear that folks (especially web admins) still don't realize the Internet is not a private network. Tsk, tsk.
posted by tommasz at 8:30 AM on November 26, 2001


Bad google! Cause E-vil crackers always respect robots.txt and never go looking for resources they shouldn't. So if google gives in and hides these results, that means they'll magically disappear again and black hats won't be able to get access to them either.

Come on, everyone knows security by obscurity doesn't work. I can't believe anyone would even make this complaint.
posted by rodii at 8:34 AM on November 26, 2001


that folks (especially web admins) still don't realize the Internet is not a private network.

no doubt! consider, for example, poor tugger. linked to my mirror because his secret is over it's bandwidth quota!)
posted by quonsar at 8:37 AM on November 26, 2001


no doubt! consider, for example, poor tugger.

Ick, ick ick! Gotta wash my eyes out with soap now... thanks quonsar!
posted by spilon at 8:45 AM on November 26, 2001


I really don't get why, at the end of the article, Gary McGraw has a go at Google for not making their software secure by design. Surely it's these piss-poorly administrated web sites that are insecure by design. They really deserve to be exposed, for the sake of everyone's security.

The only gripe I still have with The Big G is that it won't accept common words like The as part of a phrase search. You used to be able to prefix with a plus sign to override this quirk, but that doesn't seem to work any more.
posted by dlewis at 9:35 AM on November 26, 2001


dlewis: According to the advanced search tips page, the + override still works for everything but the word 'the', which is now simply impossible to specify as a search term.

Google works great for me most of the time, but I still wish it had something on the level of AltaVista's advanced query syntax.
posted by jjg at 11:08 AM on November 26, 2001


On Thanksgiving, Eric Zorn of the Chicago Tribune gave: "A simple thanks to mother of all search engines...Google. Google is a blessing. Google has lately changed my life. I now grab acquaintances by the lapels and carry on about Google until they swear they are converted simply to be rid of me."
posted by Carol Anne at 11:54 AM on November 26, 2001


Blah. If google is doing anything wrong its not release the names of these companies so I can avoid doing business with them.
posted by skallas at 12:16 PM on November 26, 2001


my boss likes to play little trivia contests here at work. the peon who answers correctly first wins a half-day off. Google has won me several days off over the last few months. god bless Google.
posted by tolkhan at 12:16 PM on November 26, 2001


You ain't kidding, tolkhan- at my last job, on several occasions I won Seahawks tickets, Mariners tickets, and even a Rio MP3 player by using Google better and faster than other people could answer those office trivia contests.

Man, Google rocks...
posted by hincandenza at 12:44 PM on November 26, 2001


If google can find it, others can find it too. It's always the admin's job to keep private things locked up.

-Mars
posted by Mars Saxman at 1:03 PM on November 26, 2001


The only way Google can find things is if you link to them (correct me if I'm wrong). Why the hell would you leave an unencrypted file out on the internet that's linked somewhere? I know people who go to web pages, get the robot.txt and then visit every place listed in it. They do it for fun (usually just personal things are on it) but I'm sure they've come across "secret" things.
posted by geoff. at 3:05 PM on November 26, 2001


since i can never find my wallet, at least Google can find my credit card number.

now if it could only find my housekeys.
posted by tsarfan at 5:15 PM on November 26, 2001


"The guys at Google thought, 'How cool that we can offer this to our users,' without thinking about security. ..."

I'm sure the Google Web site is quite secure. As far as i know, it's never been hacked.
posted by kindall at 5:24 PM on November 26, 2001


geoff: an unsecured directory listing is a link, whether it's deliberate or not.
posted by dhartung at 6:10 PM on November 26, 2001


« Older The Deconstruction of The World Trade Center...   |   Unknowingly sending all your p... Newer »


This thread has been archived and is closed to new comments