Google Hacking Exposes China’s Bold Olympic Cheating
It’s been fascinating to read the last few days about the blatant cheating by the Chinese government with its “women’s” gymnastics team. Many of the Chinese little girls were obviously under the age of 16, and yet their passports all surprisingly made them at least 16 years old, the minimum age to compete. (Apparently in women’s gymnastics, being as young and slight as possible is an advantage, and so that age limit was instituted to level the playing field and reduce the impact of excessive training on very young female bodies and minds.)
It’s not only the boldness of the cheating, but the arrogance, and investment, of the Chinese government in maintaining the lie that these girls were old enough that makes one take notice. They issued passports with the purported age… how dare anyone question that? This is how they operate in their country. The massive propaganda show of the Olympics Games, calculated especially for internal consumption, is in support of this ultimate control of the state.
And then one has the spectacle of the craven International Olympic Committee, a bunch of old prostitutes who are in the business of selling themselves to the highest bidder and calling it the Olympic spirit. They may, or may not, bring themselves to take a look at how the Chinese government rigged the deck and went on to insist on a shit-eating grin from the rest of the world.
How do we know about the cheating? Associated Press previously found documents on Chinese websites that showed several of the girls as aged 14. Chinese officials dismissed these as mistakes.
But most recently, in the last couple of days, a lone blogger named Mike Walker, an Internet security expert of some kind who has his own blog called Stryde Hax, has delved into the guts of search engines, both Google in its Chinese and English forms and the Chinese search engine Baidu. The search engines commonly save page content in caches for some time, and even after the Chinese government suspiciously made several pages referring to the girls’ true ages disappear suddenly, Walker was able to retrieve the original documents from these caches. And it is the Chinese government’s official documents themselves that put the lie to the charade.
Others as well have begun delving into the depths of what the search engines’ contain and have found other confirming documentation. And it is this most recent Google hacking that has pushed the IOC into mumbling about asking for more documentation from the Chinese, while apologizing for even bringing the subject up.
I do a lot of searching on the Internet, pursuing various interests and in aid of writing this blog, but I’ve never really paid much attention to this activity of using Google and other search engines to look for under-the-radar documents, even confidential and secret in some cases. This sort of activity could venture into the illegal, I suppose, if information such as credit card numbers and identity numbers are misappropriated and used for fraudulent purposes.
But a lot of the search engine hackers are like computer hackers in general… they want to know, they want to find skillful ways of knowing, and they like to go around barriers just because they can.
And some of those hackers get jobs doing what they do best, like Johnny Long, a so-called “white hat” hacker who has been often hired to try to break the security of various applications and networks.
He started to play with Google hacking as a lark just before the turn of the millenium, and thought the term itself a bit of a joke, compared to real hacking. Then he found that you can look up credit card numbers, passwords and lots of material marked “secret” on these search engines. And since then, many more have joined in to explore what can be found, while Long has set up an intriguing website called http://johnny.ihackstuff.com/ around which a Google hacking community has formed.
Google hacking is about using the right search terms and syntax. For instance, from the Google Hacking Data Base (GHDB) on Long’s site, one subcategory is called “Files containing juicy information.” Let’s take a look there.
Here’s one: “not for distribution” confidential, as a search string. It brings up a lot of not very stimulating confidential draft PDFs, not for distribution, but I suppose if you wanted to you could find something embarrassing about somebody somewhere.
Under another subcategory from the database called “Files containing passwords” we find such searches as intitle:”Index of” passwd passwd.bak. In the database comments, there are also derisive notes about “Google dorks” who offer up their passwords and other confidential information unknowingly. This is a cautionary tale.
Another site offers selected Google hacks in a program that can be downloaded. People sometimes use these strategies to detect problems with their own network or website, as well.
I wonder how this kind of activity goes over with those who regard Google as a god. Yes, over at the Church of Google, they say “Google is the closest thing to an Omniscient (all-knowing) entity in existence, which can be scientifically verified.” I like the idea of hacking God.
But my favorite Google hack, if we can call it that, is the search engine Shmoogle. It takes your basic Google search and then just randomizes it in terms of relevance. I often get annoyed by the same old top of the list entries for a search, especially if they’re commercial, and Shmoogle mixes all that up. Sometimes you can find a useful gem buried at what would be the Google location of No. 475, say, many pages in, rising to the surface on the first page of Shmoogle.
Additional note: See the post Olympic Gymnastic Cheating Revisited for more on the Chinese Olympic aspect….