Spider Hack

Mention earlier this week of the Morris tribunal reminds me of one of the minor riddles that inquiry left in my mind.

In June 2005, the tribunal apparently learned that it’s website had been ‘hacked’.

The Sunday Times later reported that ‘rogue computer software known as spyware was attached to the server used to “air” the Morris tribunal website.’

‘This spyware then uncovered the secret web link to the tribunal’s report when it was being stored in a supposedly secure location.’

‘The spyware notified the hacker when the report was put on the web … 350 attempts were made to access it.’

This is nonsense.

If spyware pwns a website, there’s no need to access it 350 times. You already have access to everything on the servers.

If anything, the explanation of the ‘spyware’ reads like a description of a google spider.

My guess is’supposedly secure’ means someone placed the report online, linked to it from a webpage, then commented out the link.

Unfortunately, when the googlebot showed up, it looked not at the visible web pages, but the underlying code, and ‘saw’ the link.

The result: typing ‘Morris report’ into Google was enough to ‘uncover the secret web link.’

Tags: