Google search exposes anti-Bush subscribers
Published: 23 Aug 2004 11:50 BST
Subscribers to MoveOn.org's mailing lists may have found their interest in the anti-Bush political site a matter of public record.
A Web page misconfiguration left dozens of the liberal political group's subscriber pages easily searchable through simple Google queries. Each page included a subscriber's name, email address and the mailing lists to which he or she is subscribed. ZDNet UK sister site CNET News.com confirmed that several related searches turned up more than two dozen individual subscriber pages.
"This is extremely disturbing," said one subscriber, when contacted through email. The subscriber asked that his or her name not be used. "I'm not sure if I should be worried or not, but I am," the person said.
The subscriber Web pages linked member's names with interests in various topics, "Distortion of evidence" for one, and, for another, Errol Morris, the director of the documentary "The Fog of War," which won the Oscar for its portrayal of the life of Vietnam era Secretary of Defense Robert McNamara.
MoveOn.org fixed the problem on its site after being contacted by a member. The search results on Google now redirect people to MoveOn.org's front page. The organisation is implementing further changes to protect the user information.
The information leak is the latest version of "Google hacking," using the search engine's advanced features to find data leaked by Web sites. Earlier this month, security researchers found a way to use the search engine to find lists of credit card numbers, along with card holder information, that had been posted online by traders of illicit financial information.
The incidents highlight increasing concern that knowledgeable Web surfers can turn up sensitive information by mining the world's best-known search engine. MoveOn.org stressed that no financial information was leaked in the most recent incident, and that the site does not retain credit card numbers.
The discoverer of the MoveOn.org problem, Web developer Shawn Smith, found the information accidentally, he said. Smith, a member of MoveOn.org, had searched Google for information on recent video clips sponsored by the political group. Along with a link to the clips, he found that several of the other search results pointed to Web pages with subscriber information.
"I just wanted to see the (video) spots," Smith said. "Instead, I found these other sites."
Smith alerted MoveOn.org to the problems, and the Web site fixed the issues.
MoveOn.org is best known for its use of Internet video to distribute 30-second spots attacking President Bush's policies. The spots, called Bush in 30 seconds, gained widespread recognition for the site and for the Internet as a medium for grassroots political speech.
Other sites have also profited from the interest of Web surfers, including Senator John Kerry's and President Bush's campaign sites, and a political parody created by JibJab.
Did you find this article useful?
54 out of 101 people found this useful
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
