Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: AOL search data leaked

__/ [ John Bokma ] on Monday 07 August 2006 08:50 \__

> Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> wrote:
>> __/ [ John Bokma ] on Monday 07 August 2006 06:26 \__
>>> "AOL just released the logs of all searches done by 500,000 of their
>>> users over the course of three months earlier this year. That means
>>> that if you happened to be randomly chosen as one of these users,
>>> everything you searched for from March to May (2006) is now public
>>> information on the internet."
>>> From:
>>> http://digg.com/tech_news/AOL_Releases_Search_Logs_from_500_000_Users
>>> Possible download links:
>>> http://www.gregsadetsky.com/aol-data/
>>> http://www.mininova.org/tor/388815
>>> Note that the MD5SUM should be:
>>> "The md5 of the file AOL posted (and now removed) is
>>> 31cd27ce12c3a3f2df62a38050ce4c0a."
>> Yes, seen that just minutes ago... *smile* couldn't get through.
> torrent works, so does the download link (I've heard ;-) )
>> Yesterday Digg had a front-pager about Google's bad deeds, but it was
>> flagged as potentially inaccurate after a short time.
> Still trying to get blogspot spam garbage down. At least support is quite
> clueless.
>> Look at the bright side, John. You can erase the cookies. And then
>> hope that Microsoft's WGA does not begin to distribute its IP
>> address-timestamp database.
> Don't care much about that. However, search data like AOL let out is quite
> stupid. Lets hope they didn't use something stupid to assign numbers to
> users, i.e. that user X doesn't discover that he has been logged, and that
> there is a (hash) function that goes from X -> number.

Not knowing what constitutes these logs, DNS and reverse DNS lookups are a
snap (it's scriptable command-line job). I have a tool called logresolve
installed and it does some translations as such without requiring any
special effort (brute-force with DNS server/s) . For example, some time ago
I used it to check what people from Microsoft were looking for in search
engines, what search engines they used, what browsers they were using and
what they browsed (a discussion that was initiated by David George). Imagine
what you can do with logs that are much larger. As a statistician, or even
as a spy.

Backward engineering some IP-username interfaces/protocols in AOL is also
possible (I can recall the ICQ ones, for 'nuking' in Windows 95). Then, you
also have search engines that identify IP addresses and associated them with
names. Many people, including myself, have a fixed IP address that is out
there on the Web. So whatever AOL has put out there, it's powerful data for
intelligence (and it's available to all). Anyone can download it and use it
upon demand. Recruiters, for example, can reduce the scale and learn about
people from these logs. Once again, it's like a case of data sales and
realting. The kind of thing that gets sales people on your telephone or gets
information system to know too much about you... be worries when the wealth
of information is availble to all... and so easily obtainable...

>> Big brothers are watching. be careful what
>> you search for. Scr00gle flush their logs every 48 hours.
> So they say...

My reaction was all along the same. I don't use that engine.

Roy S. Schestowitz      |    "I regularly SSH to God's brain and reboot"
http://Schestowitz.com  |  SuSE GNU/Linux   ¦     PGP-Key: 0x74572E8E
         run-level 5  Jul 20 12:15                   last=S  
      http://iuron.com - help build a non-profit search engine

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index