Don't Expect Privacy On The Web


Herbster
09-01-2004, 02:31 PM
Article - Don't Expect Privacy on the Web:
Opinion: Whether they realize it or not, many people leave sensitive information out in plain view on Web sites. But sooner or later, a Google search will dig it up.

http://www.eweek.com/article2/0,1759,1640925,00.asp


/.ed here:
http://slashdot.org/article.pl?sid=04/09/01/0222230&threshold=1&tid=172&tid=217&tid=1&tid=218

My favorite /. quote (so far):
It used to be the case that if you put something temporarily in a directory on your webserver (that didn't have indexes turned on) you could simply give the URL of the file to a couple of people to have a quick look at and not have to worry about putting a password on the file. Because it wasn't linked from anywhere, unless someone could guess the URL then no-one else would be able to find it.

This is no longer the case. The Google toolbar reports home to Google about sites people visit. Within a couple of minutes of someone viewing a URL that was private and only meant for them with a browser with the Google toolbar installed, the Googlebot will come along to the site and grab the file for indexing. Nasty if you're not expecting it.

Just tried Google for an SSN search as well. Same thing, you get a list of results within that social security number range, along with names and addresses.

I had trouble believing this, so I downloaded one of the .QDF files from the referenced link. I am feeling completely sick. This guy's checking account number, credit card number, and meticulously-maintained transaction history are sitting on my computer.


The sad thing is that now people will be Googling for their credit card numbers to be sure they're 'safe', but doing so means their credit card number will show up in the list of things people are Googling.


Sample searches:

http://www.google.com/search?hl=en&lr=&ie=UTF-8&q=Visa+4000000000000000..4999999999999999

http://www.google.com/search?hl=en&lr=&ie=UTF-8&q=Master+Card+5000000000000000..5399999999999999

http://www.google.com/search?hl=en&lr=&ie=UTF-8&q=American+Express+320000000000000..379999999999999

http://www.google.com/search?hl=en&lr=&ie=UTF-8&q=Social+Security+000000000..699999999

Jeff
09-01-2004, 03:05 PM
If you really want to feel queasy, visit this site for other things that can be unearthed with Google.

http://johnny.ihackstuff.com/index.php?module=prodreviews

ShadowLab
09-03-2004, 03:03 AM
The crazy thing is you don't even need someone with a browser toolbar visiting your site for sensitive information to turn up on Google, or any other engine for that matter. There are many sites that make visitor statistics publicly accessible, which means those statistics are also indexed by search engines. These statistics can include referring pages, which means if your quasi-secret directory ends up in someone's web logs as a referring page then there's a good chance it will eventually be indexed by a search engine as well.

eugene
09-06-2004, 02:47 PM
Originally posted by ShadowLab@Sep 3 2004, 12:03 AM
The crazy thing is you don't even need someone with a browser toolbar visiting your site for sensitive information to turn up on Google or any other engine for that matter. There are many sites that make visitor statistics publicly accessible which means those statistics are also indexed by search engines. These statistics can include referring pages, which means if your quasi-secret directory ends up in someone's web logs as a referring page then there's a good chance it will eventually be indexed by a search engine as well.
So, on your "quasi-secret page" make sure there are no offsite links.

I personally have taken to the .htaccess password protecting approach to augment the obscure pages. That way the page can't be referenced by google as the login/passwd are not there. Of course, you MUST make sure you don't pass the login/passwd in the URL!

ljmyers
09-07-2004, 08:47 AM
The more I think about this the more concerns I have. I am completely new to MySQL and somewhat new to PHP. I'm getting ready to put together a user login system, mainly for the experience of MySQL and how it works with PHP. This system will hold a wee bit of personal info. My concern is taking a wrong step or unknowingly omitting something and having something like the above happen. Any suggestions on how to prevent it?

dbmasters
09-07-2004, 09:04 AM
Like Eugene said, as long as the pages containing the private info require password access to view, it's not a concern.

And by that, I don't mean that you log in, and then the link is clickable to navigate there, I mean when you log in, you set a session or a cookie to authenticate with, and then EVERY PAGE behind the password looks for that cookie or session, and if the user does not have it, they get booted.

It's best to store two or three authentication IDs to use to verify the user with each page load. I generally use the MySQL record ID for that user and an MD5 or SHA1 encrypted password and sometimes their username, and use those pieces of info to query the database and make sure they are an authentic user. It's easy to fake one cookie if you know what to fake.
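The every-page check dbmasters describes, combined with eugene's and ShadowLab's point about keeping the protected URL out of referrer logs and search indexes, as an added example in PHP/PDO that is not code from this thread. It assumes a hypothetical `users` table with `id`, `username`, `password_hash` (output of `password_hash()`) and `session_token` columns, and an assumed `/login.php` that defines `PUBLIC_PAGE` before including the file; the user id and a per-login random token are kept server-side in the session and re-checked against the database on each load instead of being placed in cookies.

```php
<?php
// auth_check.php: require_once it at the top of EVERY page behind the login
// (login.php defines PUBLIC_PAGE before including it). Added example, not code
// from the thread; assumes a MySQL table users(id, username, password_hash,
// session_token) where password_hash holds password_hash() output.
function db(): PDO {
    static $pdo;   // assumed DSN and credentials; replace with your own
    return $pdo ??= new PDO('mysql:host=localhost;dbname=app', 'app', 'secret',
        [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
}

// Check the password and start an authenticated session (called by login.php).
function login_user(string $username, string $password): bool {
    $stmt = db()->prepare('SELECT id, password_hash FROM users WHERE username = ?');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($password, $row['password_hash'])) {
        return false;
    }
    $token = bin2hex(random_bytes(32));   // fresh per login; clear it on logout
    db()->prepare('UPDATE users SET session_token = ? WHERE id = ?')->execute([$token, $row['id']]);
    session_regenerate_id(true);          // discard the pre-login session id
    $_SESSION['user_id'] = (int) $row['id'];
    $_SESSION['auth_token'] = $token;
    return true;
}

// Run on every page load: the browser holds only the session cookie; the user id
// and token live server-side and are re-checked against the database each time.
function require_login(): array {
    [$uid, $tok] = [$_SESSION['user_id'] ?? null, $_SESSION['auth_token'] ?? ''];
    if ($uid !== null && $tok !== '') {
        $stmt = db()->prepare('SELECT id, username, session_token FROM users WHERE id = ?');
        $stmt->execute([$uid]);
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
        if ($row !== false && hash_equals((string) $row['session_token'], $tok)) {
            return $row;
        }
    }
    session_destroy();                    // stale or forged state: back to the login page
    header('Location: /login.php', true, 303);
    exit;
}
session_set_cookie_params(['httponly' => true, 'secure' => true, 'samesite' => 'Lax']);
session_start();
// Keep the protected URL out of other sites' referrer logs and out of search indexes.
header('Referrer-Policy: no-referrer');
header('X-Robots-Tag: noindex, nofollow');
if (!defined('PUBLIC_PAGE')) {
    $current_user = require_login();
}
```

Because the token is stored in the database, setting `session_token` to NULL on logout or password change invalidates every existing session for that account on its next page load.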