An Ars Technica article, “Feds warn first responders of dangerous hacking tool: Google Search” (sent via @wh1t3Rabbit), describes individuals who use advanced Google search commands, a practice called Google Hacking or Dorking, as acting like “malicious cyber actor[s]”.
Considering all Google dorkers malicious is very disturbing, since advanced search commands have many legitimate uses, which is the reason Google makes them available to the public. In fact, the article I wrote about Johnny Long’s (Twitter, @ihackstuff) Google Hacking, “Google Hacking — Blast from the Past”, is a popular post, I’m guessing because it helps people find legitimate information they need on the Internet. Sorry readers, in my blast from the past post I showed you how to use Google’s filetype: command. You are now acting like malicious cyber actors and are likely monitored by governments for your subversive activities.
Profiling individuals who use Google’s advanced search commands as being in the same class as malicious cyber actors is disturbing. I think we should treat data like money. There are a number of uncanny similarities: data provides those who manage it a living wage, it has value, it’s traded, it’s electronic, it’s easy to duplicate, etc. At least it seems like a place to start.
Consider a bank that leaves its money on its doorstep and complains when thieves steal it. We call that bank foolish. Yet when we do something similar with our most sensitive data, posting it on public web sites, we hold site owners blameless.
The concern with profiling those who use powerful tools is that it’s a distraction from the real problem – unsecured sensitive data on a public Internet. There are many tools that can be used for either beneficial or malicious purposes: knives, guns, etc. Even if Google removed its advanced search commands, doing so would amount to burying our heads in the sand and ignoring the real problem. Attackers will only craft new tools to evade detection.