[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 30 Sep 2008 22:41:38 +0100
From: n3td3v <xploitable@...il.com>
To: full-disclosure@...ts.grok.org.uk, n3td3v <n3td3v@...glegroups.com>,
info@...egary.org.uk
Subject: Re: [inbox] Re: Supporters urge halt to, hacker's,
extradition to US
On Tue, Sep 30, 2008 at 9:30 PM, Eliah Kagan
<degeneracypressure@...il.com> wrote:
> Here's a question, relating to the PUBLIC DOMAIN issue. I don't know
> the answer, but it seems relevant.
>
> When a http indexing bot (like those used by Google, for instance)
> comes upon a hyperlink into a page that is http authenticated, does it
> follow the link and try a blank password, or does it not follow the
> link? Is there some accepted standard for that?
>
> If it is considered acceptable to assume that access is permitted to
> any system that doesn't have passwords set but present http
> authentication, it would be hard to argue that other forms of
> authentication are different. Of course, having gained access, making
> deliberate modifications, however slight, would be illegal.
>
All you do is give Googlebot the password and hey presto! Read below:
https://www.google.com/adsense/support/bin/answer.py?answer=37081
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists