A Bit About Google Code Search

A few days ago Google launched Google Code Search. If you haven’t heard of it yet it allows you to search publicly available source code in many different programming languages. You can also search using regular expressions. You can also do some cool things with it such as find acronyms

It all sounds great but in the days since it launched I have been reading a lot of stories about the possible misuse of it. The main worry seems to be the potential to locate bugs in software and exploit them. There is also the potential to track down passwords and look at propriatery source code that should not have been made available according to this NetworkWorld article, although they didn’t point out any specific examples.

I did come across this article containing a good list of dark and dangerous things to find. Some of my favourites include:

The Winzip Keygen which, interestingly, points out that you cannot register Winzip to the name Murad Meraly.
WordPress usernames and passwords. These are allegedly as a result of people zipping/tarring their WordPress installations and putting them in a publicly accessible directory. Not sure why.
Backdoor passwords

Leave a Reply

Your email address will not be published. Required fields are marked *