ZOverLord
Premium
join:2003-10-20
Minneapolis, MN
| Be Careful With Belarc Advisor Google is NOT Your Friend
Doing a Google search using the following criteria:
"Windows XP Professional" "Belarc Advisor Current Profile" key:
Exposes thousands of XP product keys!
from:
»digg.com/technology/Google_and_B···_XP_Keys
--
Black, Grey and White Hats Unite here -> »testing.OnlyTheRightAnswers.com |
|
dave
Premium,MVM
join:2000-05-04
not in ohio | Oops.
How does something like the output from a utility application end up getting catalogued on Google? Is this just stupid deployment of a webserver serving up way too much of a filesystem, or is it more subtle than that? |
|
Sith HMP
I Did What?
Premium
join:2004-04-25
Bloomington, IL
| From the link: "Google will find all the Belarc Advisor Current Profile pages that organizations and people have posted on the internet"
People post them, that is just crazy. Although, either they are taking them down or this article isn't entirely true. I went through most of the results(there aren't many now) and found only four xp keys. |
|
Linoobux
Premium
join:2005-07-31
Columbus, GA
| reply to ZOverLord
Hmmmm.. maybe they didn't knowingly upload it.
»www.eff.org/news/archives/2006_02.php#004400
Wonder if any of those people had the Google Desktop installed?
--
Tolerance is a two-way street. |
|
Insder
There never was a second I in my name
Premium
join:2005-04-27
Salem, MA
| reply to ZOverLord
I love you. This is the greatest news of my life.
Hello Genuine Windows!
Anyway, this is all their faults, it's on their private webservers.
--
The one, the only, the Insder. :: Verizon Online DSL (2793/719) and Deer Alpha Firefox! |
|
ZOverLord
Premium
join:2003-10-20
Minneapolis, MN
| reply to Sith HMP
said by Sith HMP  :From the link: "Google will find all the Belarc Advisor Current Profile pages that organizations and people have posted on the internet" People post them, that is just crazy. Although, either they are taking them down or this article isn't entirely true. I went through most of the results(there aren't many now) and found only four xp keys. 4?
»www.google.com/search?hl=en&q=%2···e+Search
--
Black, Grey and White Hats Unite here -> »testing.OnlyTheRightAnswers.com |
|
Sith HMP
I Did What?
Premium
join:2004-04-25
Bloomington, IL | holy cow! I must have typed something in wrong because I did not get that many results. |
|
Doctor Four
My other vehicle is a TARDIS
Premium
join:2000-09-05
Dallas, TX
1 edit | reply to ZOverLord
Tried two links on the first Google search page. One of these
had the product keys XXX'd out, while on the other there
was plainly visible a product key for Windows XP Pro. |
|
justin
Australian
join:1999-05-28
Brooklyn, NY
Host:
IPv6
Business Connectiv..
Home/Office setup ..
Console/Handheld g..
Console Tech
| reply to ZOverLord
It isn't just the XP key..
Adobe - Photoshop 1045120967384xxxx783
Adobe Systems, Inc. - Adobe Photoshop 7.0 1045120967xxx87696XXXX
Microsoft - Internet Explorer 55274-6xxx785-23419
Microsoft - MediaPlayer 69808-xxxx16-04453
Microsoft - Office XP Professional with FrontPage 541xxx0025-17696
Microsoft - WebFldrs XP 12345-11xxx1-89813
Microsoft - Windows XP Professional 552xxxx785-23419
Symantec Corporation - Norton SystemWorks 2002 NSW2002.05
Although with only 80 hits so far, it is a vanishingly tiny problem (unless you are one of the 80) |
|
ZOverLord
Premium
join:2003-10-20
Minneapolis, MN | reply to ZOverLord
Yes, they are cleaning it up as we speak, lol |
|
Sith HMP
I Did What?
Premium
join:2004-04-25
Bloomington, IL
1 edit | Yeah, down to 6 pages. Wow, what a nightmare.
Now I may be ignorant for asking but, once a key is in use isn't it hard for someone else to use the same key? Does it not get get registered to that machine? Or could theoretically 10 people use the same key with no problems? If me asking this is breaking protocol then I understand and I apologize. I acquired my key the proper way, I paid for it, and will continue to do so. I am still curious. |
|
ZOverLord
Premium
join:2003-10-20
Minneapolis, MN
| Well it could get sticky if you call the 1-800 # and claim you are having problems, they could issue you another product id number over the phone based on the key, and it could be the first man wins.
Would not want to be the person owning the real key in that case.
--
Black, Grey and White Hats Unite here -> »testing.OnlyTheRightAnswers.com |
|
user4275
Location, Location, Location
Premium
join:2003-11-27
Chicago, IL
clubs: | reply to ZOverLord
What about the Google cache though?  |
|
meister_sd
Premium
join:2006-01-29
La Mesa, CA | reply to ZOverLord
Here is another fun part.....
Change "Windows XP Professional" to "Windows 2003 Server"
or
Add "640" to the search and it will come up with corp keys!
Let your imagination FLY!!!! |
|
Anonymous_
Anonymous
Premium
join:2004-06-21
127.0.0.1
clubs:
 ·RoadRunner Cable
·Time Warner Cable
 ·Time Warner VOIP
3 edits | good MS
try 98
se\
there is no Windows "me"
there is windows 2000 and windows 2000 Server ed
i found with the Jackpot of key's
KEY's Removed do to there not Alowed here
Adobe - Illustrator
Adobe - Photoshop
Adobe Systems, Inc. - Adobe Illustrator 10
Adobe Systems, Inc. - Adobe Photoshop 7.0
Ahead - Nero Fast CD-Burning Plug-in
Belarc - Advisor
Macromedia - Contribute
Macromedia - Dreamweaver
Macromedia - Fireworks
Macromedia - Flash
Macromedia - FreeHand
Microsoft - Internet Explorer
Microsoft - MediaPlayer
Microsoft - Office FrontPage 2003 )
Microsoft - Office Professional Edition 2003
Microsoft - WebFldrs XP
Microsoft - Windows XP Professional |
|
TAKAVAR
@cable.rogers | reply to ZOverLord
Belarc Advisor: The next generation of publishing you key # with cutting edge technology |
|
habya
Premium
join:2003-05-29
Huntsville, AL
clubs:
| reply to ZOverLord
Heh that's quite interesting. Went through some of them to see. One thing I did notice with a couple of them is that the keys were XXX'ed out on the Belarc Advisor page; however, you could still see and get the key from the Google search page.
--
HABYA HABYA HABYA TEAR DOWN THE HEM STALKS EAT UP THE OLD MAN AND WOMAN AND CARRY OFF THE LITTLE GIRL MAY YOU DIE ALONE |
|
Brat75
Cats rule
join:2003-02-05
Auburn, WA | reply to ZOverLord
Ya know what's worse?
It even lists the accounts on the machine. If there's no password.....
geez.
Brat75
--
I sometimes feel that I'm playing hockey, and God wants to throw me a curveball. |
|
norwegian
Premium
join:2005-02-15
Outback
 ·WestNet Broadband
| reply to ZOverLord
Re: Be Careful With Belarc Advisor Google is NOT Your Friend
I can hear "central database" computing here. With Google desktop out now, and Belarc using the browser to display the results of the analysis of your computer, and people generally not cleaning up the browser history, it won't be hard to make that list bigger if needed.
An IT mate asked me how secure was system info displayed in a browser a while back, i just shrugged it off at the time, and didn't think much about it.
Although if Google Desktop does half of what it suggests, will it need Belarc to collect info ? |
|
