[ale] Slashdot article on UAV/satellite surveillance

gcanter gcanter at atnex.net
Fri Apr 18 10:10:06 EDT 2008 

Google has recently announced a "smart" spider.  The intent is to find the millions of pages behind submission forms on the internet.  They try to fill out a form using information on the page, submit the form, and record the response(s).

I recall Google's accelerator thingy a while back broke Ruby on Rails implementations.  Sometimes I think Google is the new Microsoft/Borg, but smarter .... and scarier.

-----Original Message-----
From: ale-bounces at ale.org on behalf of Mike Harrison
Sent: Fri 4/18/2008 11:31 AM
To: Jim Kinney
Cc: ale at ale.org
Subject: Re: [ale] Slashdot article on UAV/satellite surveillance
 
On Thu, 17 Apr 2008, Jim Kinney wrote:

> Only 39 of the quarters were sterilized. One was a tracking device.

Actually, two of them were.

I powered up my 1931 Coolidge Tube (I really own one) with my plasma torch
and used my night vision goggles (via a front surface mirror so I was out 
of the beam path) as an image intensifier to make sure they were 'just' 
quarters.

One of them was placed in your pocket, yesterday.

Any heavily tinted windowed vehicles nearby?

-------------------------------------------------------------------------------------------------------
ON TOPIC:

Seriously though, sometimes we need to be this suspicious. I am getting 
back into the payment processing business, and have setup a webserver
with a demo that looks like it is taking utility payments. (It's a 
semi-working demo.. ) After google found it (not sure how, but 
they did), I seeing an amazing onslaught of what seems to be scripts poke 
at this thing. It's -not- what I see on other webservers with non payment 
related forms. I'm guessing I don't see this kind of traffic on my 
e-com/shopping cart sites because a payment screen does not become 
available until things are added into the shopping cart.
It's not what I saw years ago when I was working for an ACH processor either.
Seems to have evolved.

I'm about to setup another site/server with generic payment forms
(ccnum, expiration dates, amount, etc.. ) just to watch the exploit 
attempts to make sure the real things I am doing don't succumb.

And it gets harder when you have to detaint againt UTF-8. You can't just 
strip out all the non-ascii characters.






_______________________________________________
Ale mailing list
Ale at ale.org
http://mail.ale.org/mailman/listinfo/ale

More information about the Ale mailing list