

NSA Google Search Tips - icco
http://www.wired.com/threatlevel/2013/05/nsa-manual-on-hacking-internet/?cid=7829534

======
tokenadult
As the previous discussion of the actual NSA document (kindly submitted in the
HN thread linked here by brown9-2, and also linked in the article submitted
here)

<http://www.nsa.gov/public_info/_files/Untangling_the_Web.pdf> notes, the NSA
document is old, and thus dates from an earlier era of Web research. For all
that, applying the Google tips mentioned in the document, specifically domain-
restricted searches, would improve the quality of links submitted to Hacker
News and thus improve the quality of discussion here.

The previous discussion of the actual document link seems to have missed the
process by which the document was released. The document was an internal
document of the National Security Agency, requested by a Freedom of
Information Act request. Some parts of the document had to be redacted, and of
course "official use only" had to be struck out in the copy released to the
public. The editing process apparently involved mark-up of actual paper
printouts of the original internal document, which were then scanned again to
form the released document. This makes for ugly formatting, but the content is
still interesting.

------
robbyking
A lot of people I know have have been using the Google "index-of
-(htm|php|<etc.>)" trick to find music (and now ebooks) for years now.

~~~
Zikes
That technique for finding mp3s went downhill pretty quick once word got out.
Lots of SEO spammers putting 'intitle:"index of" mp3' in their landing page
titles.

------
brown9-2
<https://news.ycombinator.com/item?id=5679793>

------
knowaveragejoe
> it does come with other risks, the authors note: “It is critical that you
> handle all Microsoft file types on the internet with extreme care. Never
> open a Microsoft file type on the internet. Instead, use one of the
> techniques described here,” they write in a footnote. The word “here” is
> hyperlinked, but since the document is a PDF the link is inaccessible.

Anyone have any insight on this? I imagine it's opening the files in a VM or
something along those lines, but I'd be interested to know if there are any
other techniques for looking at potentially malicious files.

~~~
inafield
I recall reading through one of the public NSA or USAF whitepapers on securing
Windows XP for usage within their organization and I'm pretty sure they
recommended using a Virtual Machine that had been set up following a bunch of
extremely secure protocols. Essentially the VM had network access only for the
length of time necessary to transfer the file and the host's security was also
dealt with. Then there was protocol which they referenced was supposed to be
standard which was the wiping/reset of the VM image at certain intervals and
upon specific events (contact your supervisor if...).

It contained a lot of "Contact your supervisor if..." and "Failure to follow
this can result in..."

------
calhoun137
For anyone who doesnt know: <http://www.exploit-db.com/google-dorks/>

------
janesvilleseo
Might be old but it still works

[https://www.google.com/search?client=safari&hl=en&ei...](https://www.google.com/search?client=safari&hl=en&ei=5UaMUbnqA4H9qAGRiYGoAw&q=filetype%3Axlsx+confidential&oq=filetype%3Axlsx+confidential)

------
danso
Old or not, I think this document's value is to help demystify some of how
detective/research/surveillance work is done in highly secret institutions.
They still rely in part on the hackery and technology that everyone else is
capable of doing.

