Sunday, August 17, 2008

Security holes can get you into trouble

Oops. Remember kids, disable directory indexing on your porn server! Or better yet, don't mix shared data with stuff you wouldn't want people to find on accident.

Judge Alex Kozinski's porn stash - Boing Boing
Kozinski had sent a link to a file (unrelated to the stuff being reported about) that was stored on a file server maintained by Kozinski's son, Yale. From that link (and a mistake in how the server was configured), it was possible to determine the directory structure for the server. From that directory structure, it was possible to see likely interesting places to peer. The disgruntled sort did that, and shopped some of what he found to the news sources that are now spreading it...

His son set up a server to make it easy for friends and family to share stuff -- family pictures, documents he wanted to share, videos, etc.

No comments:

Post a Comment