[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] [inbox] Re: Supporters urge halt to, hacker's, extradition to US
- To: full-disclosure@xxxxxxxxxxxxxxxxx, n3td3v <n3td3v@xxxxxxxxxxxxxxxx>, info@xxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] [inbox] Re: Supporters urge halt to, hacker's, extradition to US
- From: n3td3v <xploitable@xxxxxxxxx>
- Date: Tue, 30 Sep 2008 22:41:38 +0100
On Tue, Sep 30, 2008 at 9:30 PM, Eliah Kagan
<degeneracypressure@xxxxxxxxx> wrote:
> Here's a question, relating to the PUBLIC DOMAIN issue. I don't know
> the answer, but it seems relevant.
>
> When a http indexing bot (like those used by Google, for instance)
> comes upon a hyperlink into a page that is http authenticated, does it
> follow the link and try a blank password, or does it not follow the
> link? Is there some accepted standard for that?
>
> If it is considered acceptable to assume that access is permitted to
> any system that doesn't have passwords set but present http
> authentication, it would be hard to argue that other forms of
> authentication are different. Of course, having gained access, making
> deliberate modifications, however slight, would be illegal.
>
All you do is give Googlebot the password and hey presto! Read below:
https://www.google.com/adsense/support/bin/answer.py?answer=37081
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- References:
- Re: [Full-disclosure] [inbox] Re: Supporters urge halt to, hacker's, extradition to US
- Re: [Full-disclosure] [inbox] Re: Supporters urge halt to, hacker's, extradition to US
- Re: [Full-disclosure] [inbox] Re: Supporters urge halt to, hacker's, extradition to US
- Re: [Full-disclosure] [inbox] Re: Supporters urge halt to, hacker's, extradition to US
- Re: [Full-disclosure] [inbox] Re: Supporters urge halt to, hacker's, extradition to US