Comments on: Oh dear

By: olaf2

olaf2 — Thu, 12 Oct 2006 11:56:58 +0000

I don’t think that this code search is very usefull, not for the user and not for the owner. I don’t wanna think about how many people will hijack this data and place the code as without permissions in some kind of code directory.

I’m wondering why I someone should use this search…

At last google is indexing the files inside zip files, read some days ago about searches for WP config files ripped from .zip backup archives…

By: Etnu

Etnu — Sun, 08 Oct 2006 03:28:37 +0000

“Fix”? Why? Because stupid people expose code on the Internet?

Google is doing software engineering a great service, not just through search, but by exposing these glaring security holes. If google’s spider can find it, SO CAN SOMEBODY TRYING TO DO SOMETHING MALICIOUS!

Here are some tips:

1. Don’t leave sensitive information in publicly accessible directories. If you don’t understand why this is important, you deserve to get hacked.

2. Spend a few hours actually learning about security best-practices.

3. Quit relying on security by obscurity. It’s worthless. Use real security measures and you won’t have these kinds of problems.

People need to stop writing horrible code. If it takes google making it easy to expose these flaws, then, well, so be it. More work for developers who actually know what they’re doing.

By: Lionheart008

Lionheart008 — Sat, 07 Oct 2006 13:40:53 +0000

VBulletin Licence Number lang:php

Plug that into google code search, you can actually search for VB licence numbers, google better fix this quick.

By: CAGRET

CAGRET — Fri, 06 Oct 2006 13:53:29 +0000

Seems something is broken in their code search right now, your example doesn’t return any results. Another test: lang:php include is OK. But trying lang:php include\s* again no results..