New in Plain Text

By Peter Piazza

If you use the Web, you probably use Google to find your way around. The megasearch-engine’s spiders have indexed some eight billion Web pages and nearly a billion images (and they are currently working on a project to bring all public-domain books to the Web).

But Google’s wealth of information includes some things you might wish weren’t there—like documents from your company that should have been kept away from the public eye or misconfigured Web pages that can be exploited by attackers. Savvy security professionals will use the search engine to find these holes before the bad guys do.

You can use Google efficiently and effectively to find out what’s out there about your company and its Web site, thanks to Google Hacks: Tips & Tools for Smarter Searching from O’Reilly Media, Inc. But these aren’t hacks that will land you in trouble; rather, they are tweaks that will help you to find what you need more efficiently.

Better to start with a caveat: some of the tips in this book are “programmatic” hacks written in programming languages such as Perl that are run through command-line scripts. These require the willingness to copy some code and a key from Google that provides developers limited access to Google’s database.

The book’s authors, Tara Calishain (a writer and the editor of a weekly newsletter on Internet searching) and Rael Dornfest, chief technology officer at O’Reilly Media, offer some helpful resources for those intrepid readers who’d like to take a stab at programming, and provide detailed code that can be easily copied.

First comes an introduction to how Google searches work, the basics of its syntax, and how to mix syntax elements to pinpoint queries. For example, the query “security filetype:pdf site:gov” will return all PDF documents hosted on government Web sites that include the word “security.”

Then come 100 hacks, which are divided into beginner, moderate, and expert levels. Some simply link to other sites that have already hacked Google; one such site remembers the plethora of syntax elements so you don’t have to. Other fairly simple hacks explain how to use Gmail (Google’s free e-mail service) as a Windows drive or a Linux filesystem.

Knowing the basics of Google is a good first step toward making sure that critical corporate information is not improperly being exposed on the Web (some of the hacks in this book also explain how to get such information removed when discovered). This book is an excellent—and fun—resource for learning about hacking Google.

Google Hacks: Tips & Tools for Smarter Searching is available from O’ for $24.95.



The Magazine — Past Issues


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.