[Air-L] NSA's 2007 "Internet Research" guide

Angela Newell amnewell at utexas.edu
Thu May 9 06:56:57 PDT 2013


Wired's Take:

Use These Secret NSA Google Search Tips to Become Your Own Spy Agency

   - By Kim Zetter <http://www.wired.com/threatlevel/author/kimzetter/>
   - 05.08.13
   - 2:37 PM


   -

 <http://www.wired.com/images_blogs/threatlevel/2013/05/NSA.jpg>

There’s so much data available on the internet that even government
cyberspies need a little help now and then to sift through it all. So to
assist them, the National Security Agency produced a book to help its spies
uncover intelligence hiding on the web.

The 643-page tome, called *Untangling the Web: A Guide to Internet
Research*<http://www.nsa.gov/public_info/_files/Untangling_the_Web.pdf>(.pdf),
was just released by the NSA following a FOIA request filed in
April by MuckRock <https://www.muckrock.com/about/>, a site that charges
fees to process public records for activists and others.

The book was published by the Center for Digital Content of the National
Security Agency, and is filled with advice for using search engines, the
Internet Archive and other online tools. But the most interesting is the
chapter titled “Google Hacking.”

Say you’re a cyberspy for the NSA and you want sensitive inside information
on companies in South Africa. What do you do?

Search for confidential Excel spreadsheets the company inadvertently posted
online by typing “filetype:xls site:za confidential” into Google, the book
notes.

Want to find spreadsheets full of passwords in Russia? Type “filetype:xls
site:ru login.” Even on websites written in non-English languages the terms
“login,” “userid,” and “password” are generally written in English, the
authors helpfully point out.

Misconfigured web servers “that list the contents of directories not
intended to be on the web often offer a rich load of information to Google
hackers,” the authors write, then offer a command to exploit these
vulnerabilities — intitle: “index of” site:kr password.

“Nothing I am going to describe to you is illegal, nor does it in any way
involve accessing unauthorized data,” the authors assert in their book.
Instead it “involves using publicly available search engines to access
publicly available information that almost certainly was not intended for
public distribution.” You know, sort of like the “hacking” for which Andrew
“weev” Aurenheimer was recently sentenced to 3.5 years in
prison<http://www.wired.com/threatlevel/2013/03/att-hacker-gets-3-years/>for
obtaining publicly accessible information from AT&T’s website.

Stealing intelligence on the internet that others don’t want you to have
might not be illegal, but it does come with other risks, the authors note:
“It is critical that you handle all Microsoft file types on the internet
with extreme care. Never open a Microsoft file type on the internet.
Instead, use one of the techniques described here,” they write in a
footnote. The word “here” is hyperlinked, but since the document is a PDF
the link is inaccessible. No word about the dangers that Adobe PDFs pose.
But the version of the manual the NSA released was last updated in 2007, so
let’s hope later versions cover it.

Although the author’s name is redacted in the version released by the
NSA, Muckrock’s FOIA indicates it was written by Robyn Winder and Charlie
Speight. A note the NSA added to the book before releasing it under FOIA
says that the opinions expressed in it are the authors’, and not the
agency’s.

Lest you think that none of this is new, that Johnny Long has been talking
about this for years at hacker conferences and in his book Google
Hacking<http://www.amazon.com/Google-Hacking-Penetration-Testers-Johnny/dp/1597491764>,
you’d be right. In fact, the authors of the NSA book give a shoutout to
Johnny, but with the caveat that Johnny’s tips are designed for cracking —
breaking into websites and servers. “That is not something I encourage or
advocate,” the author writes.
http://www.wired.com/threatlevel/2013/05/nsa-manual-on-hacking-internet/?cid=7829534


On Thu, May 9, 2013 at 7:59 AM, Richard Forno <rforno at infowarrior.org>wrote:

>
> This little nugget is showing up in my various newsfeeds today.  It's the
> unclassified "Internet Research" guide put together by the US National
> Security Agency in 2007 entitled "Untangling The Web". (The fact that it
> was (to use my term) 'faux-classified' and took a FOIA request by someone
> to obtain it pathetically amuses me, but that's a different discussion for
> a different venue.)
>
> It's not a scholarly text, but it's interesting to see the various
> examples/resources listed within its 650 pages.  At the very least, it
> might be a useful historical item for fellow AOIR'ers.
>
> 12MB PDF download:
> http://www.nsa.gov/public_info/_files/Untangling_the_Web.pdf
>
> --rick
>
> ---
> Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
>
> _______________________________________________
> The Air-L at listserv.aoir.org mailing list
> is provided by the Association of Internet Researchers http://aoir.org
> Subscribe, change options or unsubscribe at:
> http://listserv.aoir.org/listinfo.cgi/air-l-aoir.org
>
> Join the Association of Internet Researchers:
> http://www.aoir.org/
>



-- 
Angela Newell, Ph.D.
University of Texas at Austin
LBJ School of Public Affairs
amnewell at gmail.com
amnewell at utexas.edu



More information about the Air-L mailing list