SiteDigger 2.0

Foundstone, a subsidiary of McAfee, publishes software called SiteDigger. The publisher describes its purpose:

SiteDigger 2.0 searches Google’s cache to look for vulnerabilities, errors, configuration issues, proprietary information, and interesting security nuggets on web sites.

The package is free for the download and all you need is a Google API key to run it. Obviously, if you’re responsible for any web site, the first thing you’re going to do is download this thing and run it against your site. The first thing you’re going to do if you’re trying to break into a site is download this tool and run it against a site you want to hit. I’m not sure which side the makers of this software fall on, especially after seeing that they describe exploits as "nuggets," a word usually associated with gold and something traded in by prospectors for currency.

The release and publicity of such a tool brings up an interesting ethical conundrum. If the software gets into the wrong hands, it could actually assist someone in breaking into a site. If it’s used by those responsible for security, it could help secure a site by pointing out holes that may have been overlooked.

Either way, it’s a nice way to drum up some consulting business.

Jupiter Blogs & ROI

Closest thing I’ve seen so far to a statement on the ROI of a corporate blog can be found on Alan Meckler’s JupiterResearch blog.

A9 Yellow Pages, teaching an old dog new tricks

I would be remiss if I didn’t pile on to the hubbub about Amazon’s new Yellow Pages search over on the A9 site. John Battelle’s got the scoop on how it was put together.

In short, Manber and co. (urged on by Jeff Bezos, who Manber says was "very involved") strapped GPS-enabled digital video camera-cum-terabyte server rigs to the top of a bunch of SUVs, then drove them around the commercial areas of major US metropolitan areas, recording what then became composite still pictures of entire cities, one address at a time. A9 took more than 20 million images of 14 million+ businesses across ten cities (more are coming soon), then created a local search application they call Block View.

Of course I see other benefits as well for my friends and family overseas. Wondering what Telegraph Avenue in Berkeley looks like these days? Take a stroll starting at Amoeba Records and click on the image to scroll either up towards the University or down towards Ashby. Notice Amazon still needs to get photos of the other side of the street, so you can’t see Moe’s yet, but the listing tells you it’s still there.

Then there’s the new game in finding unsuspecting people caught in internet eternity in front of questionable enterprises. How would you like to be known as the guy on the cellphone in front of Peepworld?