Art matters - art information, art event art gallery artist art exhibition holiday palette art shop

british visitor 2012 where to stay what to do in great britain 2012 olympics cheap tickets atraction theme park

london 2012 olympics accommodation for london 2012 olympics weymouth sailing 2012 olympics bristol 2012 bath 2012 bristol 2012 commonwealth games glasgow 2014 bath 2012

Art information and art exhibitions art exhibition and art gallery with art materials

Maidenhead Community First Responders CPR defib defibrillator defibrillationMaidenhead Community First Responders

+44 (0)560 255 0806
Pulse Corporation Ltd
BritishVisitor.com OlympicBritain2012.com 365 tickets lastminute.com ancestry.co.uk Berkshire 2012 Hertfordshire 2012 Surrey 2012 Aldershot 2012 Ascot 2012 Bath 2012 Blackpool 2012 Brighton 2012 Bristol 2012 Bucks 2012 Cambridge 2012 Cheshunt 2012 Edinburgh 2012 Eton 2012 Glasgow 2012 Henley 2012 Maidenhead 2012 Marlow 2012 Newcastle 2012 Oxford 2012 Reading 2012 Slough 2012 Windsor 2012

Googledocs security problem

Do you use Google Docs? Do you collaborate? What setting do you use to collaborate - named persons or anyone with the (non-public) Web address?

If the last of those, think twice. It might be easy to post a link to just those in the know, safe that its a non-public URL. However, as one of my competitors has found out, it's not that safe.

Note: This is not a Google / Googledocs speciific issue. It just happens that I found it via a GoogleDoc. Any online document that relies on Joe Public not knowing the URL is vulnerable.

He had a list of his competitors and their Web addresses, including my website. He then clicked on the link and my web traffic stats picked up on the link and I now have the page he came from and access to his spreadsheet.

You can test it by clicking a test page here:
http://www.pulsecorp.co.uk/google/

The only code on that page is:

   <html>
   <head>
   </head>
   <body>
   <div style='margin: 20px;padding: 20px;background-color:#ccc;border: 1 solid #cc0000;height: 200px;'>
   <?php
     echo "You came from ";
     echo	isset($_SERVER['HTTP_REFERER']) ? "<a href='".$_SERVER['HTTP_REFERER']."'>" .
		$_SERVER['HTTP_REFERER'] . "</a>" : 'an unknown location';
     ?>
   </div>
   </body>
   </html>

Now insert the link into a Google doc and set access rights to 'anyone with the link' and click on it. By all means test it on your own Server by cutting & pasting the above rather than trusting mine.


OK, so it requires links in a Google doc and 'anyone who has the link' to be set but, as my experience shows, the odds of that happening are not zero. I've picked out Google Docs, but any online page that is publicly accessible if you know the URL can be vulnerable. My competitor just had a list of his competition, but it could have been sensitive (pricing) information accessible by the road-based Sales team for instance.

Oh, and yes I did tell him (eventually ;-) )

If you find this useful, then please click here to see what else we do!

Article List:-

Microsoft XP SP3 stops printers from printing
Wireless Network reliability / PC locks up
How to get rid of toadstools
Googledocs Security problem
Sage Software update on Windows 7 error

 

Valid XHTML 1.0 Transitional
Hosted by 1&1 Internet Ltd ©2005-2012 Pulse Corporation Ltd

UAV aerial photography Berkshire. aerial photography Berks. aerial photography Bucks. aerial photography Oxfordshire. aerial photography Maidenhead. aerial photography Surrey. aerial photography Reading. aerial photography Hampshire. aerial photography Kent. aerial photography Wiltshire. aerial photography Midlands. aerial photography Somerset. aerial photography Bristol. aerial photography Cambs. aerial photography Norfolk. aerial photography London. aerial photography 2012. aerial photography Essex. aerial photography Home Counties. aerial photography Northants. aerial photography Wales. aerial photography Scotland. aerial photography Yorkshire. aerial photography Cumbria. aerial photography Lake District. aerial photography Birmingham. aerial photography Manchester. aerial photography Edinburgh. aerial photography Dublin. aerial photography Belfast. aerial photography Gloucestershire. aerial photography Bath. aerial photography Ireland. aerial photography Jersey. aerial photography Guernsey.
Tags: Draganfly Inc. Draganflyer X4 X6 X8 UAV Microdrone MD4 MD1000
Tags: UAV. Unmanned aerial vehicle. Overt surveillance. Covert Surveillance. Mast Photography. Kite aerial photography. Blimp aerial photography. Architectural Photography.

Sitemap (html)
Sitemap (xml)
Find us on MrWhat