Thursday, May 05, 2022

White hat forensics.

https://www.makeuseof.com/google-dorking-how-hackers-use-it/

What Is Google Dorking and How Hackers Use It to Hack Websites

Google dorking or Google hacking is the technique of feeding advanced search queries into the Google search engine to hunt for sensitive data such as username, password, log files, etc., of websites that Google is indexing due to site misconfiguration. This data is publicly visible and, in some cases, downloadable.

A regular Google search involves a seed keyword, sentence, or question. But, in Google dorking, an attacker uses special operators to enhance search and dictate the web crawler to snipe for very specific files or directories on the internet. In most cases, they are log files or website misconfigurations.





Law any government might want.

https://news.softpedia.com/news/india-forces-all-vpn-providers-to-log-and-store-user-data-535322.shtml

India Forces All VPN Providers to Log and Store User Data

One of the benefits of using a VPN service to connect to the web is the enhanced privacy, as such a solution basically makes it possible to stay anonymous and without revealing any information about you or your device.

Of course, most people are looking for VPN services that don’t collect any data about their activity while connected to the servers, and in the last couple of years, more and more providers have been betting big on such capabilities.

India, however, has had enough with no-log VPNs, as the country has passed a new law that will require all providers not only to store information about their users but also to share it with the government when required.

Coming into effect on June 27, the new directive forces VPN services to store the data on their servers for no less than five years, as per Neowin. This must happen even if the user is no longer having a subscription.





How easy will it be to describe a ‘recommender algorithm?’ “Visible” is not always “understandable.”

https://www.cpomagazine.com/data-protection/finalized-eu-digital-services-act-promises-transparency-in-recommender-algorithms-new-restrictions-on-targeted-advertising/

Finalized EU Digital Services Act Promises Transparency in Recommender Algorithms, New Restrictions on Targeted Advertising

EU legislators have agreed to final terms on the Digital Services Act, a new law that focuses on large social media and retail platforms. The full text has yet to be released to the public, but the European Parliament and European Commission have outlined some of its central terms; these include new restrictions on how targeted advertising can use sensitive personal information, a ban on dark patterns and a requirement that the inner workings of recommender algorithms be visible to the public.





Useful perspectives?

https://www.bespacific.com/10-lessons-from-bellingcats-logan-williams-on-digital-forensic-techniques/

10 Lessons from Bellingcat’s Logan Williams on Digital Forensic Techniques

Global Investigative Journalism Network:Logan Williams is a data scientist on the Bellingcat investigative technology team. He spoke about digital forensic reporting labs at the 2022 International Journalism Festival in Perugia, Italy. GIJN attended the panel and caught up with Williams afterward to hear his top tips and advice for using digital forensic techniques in your reporting.”



No comments: