Google臭蟲和新手陷井
2007年10月24日 · 由大衛布雷得里
在2007年9月27日,這個站點亂砍由犯規推銷者的告訴搜索引擎re/occurrence [看見 黑客上海Google,警告]. 雖然這惡毒活動為互聯網社區所知的更加精明的成員,它依然是相對地unpublicized和沒明顯地視為是一個主要威脅。 然而,在那特殊星期天結束一次無害查尋的第一頁的一半由偽造和有害的鏈接佔領。
點擊在其中一個鏈接有結果,為一名用戶被替換的,一個起始的節目,以便控制是在黑客犯規推銷者的手裡。 這在MacBook讚成膝上計算機,有讚成Mac宣傳關於免疫從攻擊! 現在必須說它用戶未運用某些可利用的保障,被誤置信念在「這是Unix基於系統,并且攻擊」的說法是堅硬的。 此外,用戶對攻擊者,實際上,打開了門通過點擊在偽造鏈接。
這裡報告描述怎麼偽造鏈接可能由事實確定他們在URL看上去有.cn。 從那以後,雖然Google快速地反應了,與.txt出現和明顯均勻搜索引擎貯藏文件。 此外,一名用戶進入了他的特別姓氏,并且其中一個`發現』在查尋結果第一頁是監護人報紙的被欺騙的頁以一個報告關於他的表兄弟。 不用說,這名明智的用戶沒有點擊鏈接!
通常,被欺騙的網站是相對地容易察覺他們包含詞名單,雖然自上它能被看見這總不是實際情形。 通常總結在至少惡劣的英語。 他們仍然,至於大部分,炫耀「.cn」和很少貯藏。 他們也有非常奇怪看URL,即使「不是.cn」。 到目前為止雖然Google被挑選了,所有搜索引擎是在危险中,并且相似的偽造鏈接在AltaVista同時也看了。 而且,攻擊是持續的。 一次Google查尋在2007年10月17日為一家知名的化妝用品公司和英國鎮在結果第一頁產生了一個偽造鏈接。
Google是一種浩大和可貴的資源對於信息。 然而,反應在互聯網社區到這個當前威脅似乎奇怪地無言。 One user-response seen was almost arrogant, in that ’sensible users don’t click on odd links’. However, the naive and the curious are not necessarily senseless or silly, just uninformed or inexperienced. They deserve better.
– Thanks go to Dr Jenny Oliver for this invaluable contribution in the subject of search engine hacking. If you would like to contribute to the site as a guest blogger please get in touch, I’d like to make this a regular feature if there is sufficient interest.
Add me on StumbleUpon
Join me on Facebook
Browse my Flickr Photos
Follow my Tumblr Page
Check out my Pownce Profile
Follow my Twitters
Network with me on LinkedIn
Shout me on Digg
6 responses so far ↓
David Bradley // Oct 22, 2007 at 5:36 pm
We published an apparently related article on an odd Google error that seemed to suggest something unusual was happening to Google at the time as it seemed to be mislabeling some searches as having been carried out by a bot rather than a person. It might be that Google fires up this error message periodically when it feels particularly threatened by bot or hacker activity.
Wayne Smallman // Oct 30, 2007 at 8:51 pm
Two things strike me as odd; I’ve not read anything about either the Google hack or the Mac breach, both of which should command much more coverage.
More so the Mac issue, since there’s been several very notable “Mac has been cracked!” headlines, all of which have boiled down to someone actually being sat in front of a Mac with root access.
As for the criticism of less techno-savvy users, well, I hear a lot of that kind of talk, especially in the IT departments of businesses I deal with.
It’s unfair and quite naive. Most people shouldn’t have to know about these things.
After all, isn’t that what IT people are for?
David Bradley // Oct 31, 2007 at 7:53 pm
Following our discussions offsite, I have to agree regarding the nature of a Mac breach, although I’m no Mac expert. As to the criticism of less tech savvy users, maybe there are users out there who are seriously sub-savvy…so sub-savvy that they even enter the username and passwords into errant dialog boxes…
David Bradley // Nov 1, 2007 at 9:12 am
Brian Krebs has something to say about antivirus on a Mac this week
Jenny Oliver // Nov 30, 2007 at 1:45 pm
Columnist Bill Thompson, writing for the BBC website, Sunday 25 Nov, has an excellent article. Please see http://news.bbc.co.uk/1/hi/technology/7079777.stm
Entitled ‘End of innocence for Mac fans’, it includes some sound advice for all Mac users.
David Bradley // Nov 30, 2007 at 2:22 pm
Thanks for the pointer Jenny, looking forward to further updates on these issues from you in the near future
Dave
Leave a Comment