Charles Arthur On Technology

Google-eyed monsters

I can't recall where or how I first heard the title of John Brunner's book,
The Shockwave Rider, but know that the conjunction of those words intrigued me long before I got the chance to read it. What would a "shockwave rider" do? What would they look like?

I can't recall where or how I first heard the title of John Brunner's book, The Shockwave Rider, but know that the conjunction of those words intrigued me long before I got the chance to read it. What would a "shockwave rider" do? What would they look like?

On finding the book, some time in the 1980s, I discovered that Brunner had imagined a future world of computers linked with each other, forming a giant network retaining huge amounts of information. The central theme was of the hero's struggle to expose the forces trying to keep information secret; the shock wave he unleashes on the world is a program called a "worm" that passes from computer to computer and gets each one to declassify its secrets, making all knowledge available to everyone.

Oh, how clichéd, you say. Except that Brunner wrote it in the early 1970s, long before the internet, and not long after the concept of computer viruses had been developed. His book described an internet society rather well, given that Brunner had to imagine how it would work from first principles. As he later observed, his insight was simply to assume that human nature would continue as normal, and that the technology would be warped to fit our needs, for good or bad. Most of all, he noticed that people tend to take the path of least resistance in trying to solve a problem, which can leave all sorts of loopholes that can be exploited by those who understand the underlying system. Fast forward 30 years from Brunner's work, and we have the internet, and we have search engines which can act rather like his imagined worm, logging every last detail of what's out there.

Let's start with a gentle example. Type the phrase "Welcome to Adobe GoLive 5" into Google, and you'll get 459,000 results. From the top result (a page on Def Jam records for Ashanti) through to the last, they've all got that text somewhere on the page. Where? Well, right at the top of the window - it's the default title of a page written using Adobe's web design tool, and if a designer doesn't get rid of it at the draft stage, the mistake will remain for all to see. Step up a gear. What if you wrote a piece of software which will insert an invisible bit of text on a webpage which has been produced with a copy that hasn't been properly registered? The text could be part of a HTML tag, perhaps a comment or footer, which wouldn't stand out to the inexperienced user as meaningful. But when you, running the software company, did a search engine sweep for that particular tag, you could instantly pick up those copies which were unpaid for.

The all-seeing eyes of the search engines cut both ways. Webmasters are torn between the conflicting desire to let search engines' "spiders" into their site to index what's there (so people looking for relevant things will come there) and the wish to constrain where those spiders go amidst the documents. It might sound simple, but on a sprawling site that pulls in pages from many directories, it isn't. And that is how Google has begun to be used as a resource by hackers looking to find ways into sites, seeking out valid credit card numbers and holes in the system - along the lines of "Welcome to Adobe GoLive 5", but more sophisticated - that they can exploit. Some even go as far as to change the way their browser presents itself to sites, so they appear to be the "Googlebot". And most sites will let that one in, even to view paid-for content, in the hope people will be directed towards those pages via the search engine index.

But that also means that all sorts of content that used to require a lot of physical effort to find - a trip to the courts or local council - can now be done online. And sensitive information can be left for all to see. "If you don't want the world to see it, keep it off the web," Johnny Long, a computer researcher and author of Google Hacking for Penetration Testers told the ExtraMSN news site recently. He has his own site, at http://johnny.ihackstuff.com, with many examples of "malicious" Google searches. "The spread of web-based applications, such as message boards and remote administrative tools, has resulted in an increase in the number of misconfigured and vulnerable web applications on the net," he says. Pair that with something as powerful as Google's index, and "you have a convenient attack vector for malicious users".

But it's not just administrators of bulletin boards who need to worry. In the US, the explosion of public documentson the web has led to many security holes: confidential files from the US Department of Homeland Security have been indexed, and people can even access electrical control systems. "One Google query, a couple of buttons and you can turn off power to someone's house," Mr Long says.

But there are some key differences between the US and UK. First, the UK government has been slow to move online, so less data is available. Secondly, the UK and Europe has rigorous data protection laws covering personal information, and companies are reluctant to make documents available that contain data which can identify someone directly. Even so, make sure that there's nothing to worry about. One way to start, if you value your privacy and bank balance, is to try a search for your phone number (if you're ex-directory, as an increasing number of people are) and for your credit card number, with and without spaces. Don't do the latter search in a public area, such as a wireless hot-spot or internet café; you'll be sending the number over an unencrypted link, which isn't wise.

If you find your phone number coming up when you don't want it to, and much more important your credit card number, then get in touch with the respective sites. In the case of the credit card, cancel it right away, and check your balance; if you could find the number you can be sure that somewhere out there is a hacker who has set a program running to churn through the potential valid numbers for a credit card against Google, and to follow any links to websites. Google does remove pages like this from its index, but only when told. Meanwhile, hackers will have grabbed them if they can.

"A malicious community of Google hackers has formed and a response has become necessary," Mr Long writes on his webpage.

If Brunner was alive, no doubt he'd be nodding his head in amused recognition. Here comes the shock wave. Now, try to ride it.

www.charlesarthur.com/blog

Suggested Topics
Start your day with The Independent, sign up for daily news emails
ebooks
ebooksA special investigation by Andy McSmith
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

iJobs Job Widget
iJobs General

Recruitment Genius: Key Sales Account Manager - OTE £35,000

£25000 - £35000 per annum: Recruitment Genius: Have you got a proven track rec...

Recruitment Genius: Sales Executive - OTE £40,000

£15000 - £18000 per annum: Recruitment Genius: This is a great opportunity for...

Recruitment Genius: Senior Designer / Design Director

£38000 - £48000 per annum: Recruitment Genius: This B2B content marketing agen...

Austen Lloyd: Law Costs HOD - Southampton

£50000 - £60000 per annum + Excellent Salary: Austen Lloyd: An outstanding new...

Day In a Page

Syrian conflict is the world's first 'climate change war', say scientists, but it won't be the last one

Climate change key in Syrian conflict

And it will trigger more war in future
How I outwitted the Gestapo

How I outwitted the Gestapo

My life as a Jew in wartime Berlin
The nation's favourite animal revealed

The nation's favourite animal revealed

Women like cuddly creatures whilst men like creepy-crawlies
Is this the way to get young people to vote?

Getting young people to vote

From #VOTESELFISH to Bite the Ballot
Poldark star Heida Reed: 'I don't think a single bodice gets ripped'

Poldark star Heida Reed

'I don't think a single bodice gets ripped'
The difference between America and Israel? There isn’t one

The difference between America and Israel? There isn’t one

Netanyahu knows he can get away with anything in America, says Robert Fisk
Families clubbing together to build their own affordable accommodation

Do It Yourself approach to securing a new house

Community land trusts marking a new trend for taking the initiative away from developers
Head of WWF UK: We didn’t send Cameron to the Arctic to see green ideas freeze

David Nussbaum: We didn’t send Cameron to the Arctic to see green ideas freeze

The head of WWF UK remains sanguine despite the Government’s failure to live up to its pledges on the environment
Author Kazuo Ishiguro on being inspired by shoot-outs and samurai

Author Kazuo Ishiguro on being inspired by shoot-outs and samurai

Set in a mythologised 5th-century Britain, ‘The Buried Giant’ is a strange beast
With money, corruption and drugs, this monk fears Buddhism in Thailand is a ‘poisoned fruit’

Money, corruption and drugs

The monk who fears Buddhism in Thailand is a ‘poisoned fruit’
America's first slavery museum established at Django Unchained plantation - 150 years after slavery outlawed

150 years after it was outlawed...

... America's first slavery museum is established in Louisiana
Kelly Clarkson: How I snubbed Simon Cowell and become a Grammy-winning superstar

Kelly Clarkson: How I snubbed Simon Cowell and become a Grammy-winning superstar

The first 'American Idol' winner on how she manages to remain her own woman – Jane Austen fascination and all
Tony Oursler on exploring our uneasy relationship with technology with his new show

You won't believe your eyes

Tony Oursler's new show explores our uneasy relationship with technology. He's one of a growing number of artists with that preoccupation
Ian Herbert: Peter Moores must go. He should never have been brought back to fail again

Moores must go. He should never have been brought back to fail again

The England coach leaves players to find solutions - which makes you wonder where he adds value, says Ian Herbert
War with Isis: Fears that the looming battle for Mosul will unleash 'a million refugees'

The battle for Mosul will unleash 'a million refugees'

Aid agencies prepare for vast exodus following planned Iraqi offensive against the Isis-held city, reports Patrick Cockburn