Some help for a Novel ?

Hi,

i'm writing a Sci-Fi novel, in which some hacker tries to use crawlers to inoculate viri into servers. I suppose this is completely unrealistic, but well, this is Sci-Fi.
The point is that I would like to know if a search-engine bot is habilitated to write things on the computer they visit (through a meta-program or something) ? I suppose they don't, but maybe on that robots.txt ?
Would you have any other burning *idea* to help me ?

The aim is that the hacker can activate the information written by the crawler with a specific search on an engine, access the servers and implement his virus.

The idea just need to be theoreticaly possible (or, let say, not too far from reality).

Thanks for your ideas/help

Gregoire

[I, Brian]

My head is a sandpit this evening - but you may wish to check out my compilation of science fiction and fantasy writing resources here to check up useful information outside of your question:
http://www.chronicles-network.net/writers/resources/

Best of luck with the writing, too.

Nice site ! Thanks !
Maybe i'll find another way to interact with that network, after all, it's just sci-fi

[dannysullivan]

Went through my files, and here are a few references that might help:

Google, other engines hit by worm variant
News.com, July 26, 2004
http://news.com.com/2100-1023_3-5283750.html
An internet virus that generated search requests slowed down or made Google inaccessible to many users, and other search engines had trouble, as well.

Google Toolbar Security Concern
By Danny Sullivan, Sep. 21, 2004
http://blog.searchenginewatch.com/blog/040921-95
Google Toolbar Input Validation Hole in 'About' Page Lets Local Users Execute Scripting Code from SecurityTracker.com has a report of a possible scripting security problem with the Google Toolbar. Spotted from our forum thread: Toolbar scripting vulnerability, and you can comment and discuss there.

Could Search Sites Spawn Worms?
PC World, June 24, 2004
http://www.pcworld.com/news/article/0,aid,116669,00.asp
A look at the idea that smart worms might mine search engine data as a means to seek out vulnerable sites.

[DaveN]

Dude, spin it through the Toolbar, if a hacker could get into the google TB he would control Millions of home and office PC's

[I, Brian]

If you'd like a little extra spin for your story, the billion-dollar drive by search engines to replicate relevancy, according to how a human user would, is effectively one big research project into Artificial Intelligence (AI).

[mcanerin]

I wrote this back in January 2004, but it might have some ideas in it for you (feel free to steal them)

The CIA is behind the Google Dance

No, really, it's true..

Look at the evidence: First, almost all major owners and employees of Google come not only from US Universities, but universities that are known to be recruitment targets for the US government, including the CIA. These universities also receive significant funding by the US Government.

Second: suddenly, shortly after the world wide hunt for Bin Laden began, Google stopped doing the "Dance" regularly, almost as if they were having to reprogram and test huge changes instead of constantly tweaking little ones. The result? the Florida update near the end of November. Less than 2 weeks after Florida is out, Saddam is captured by US troops belonging to the only ground unit in the area that has ongoing battlefield network connections, including the internet...

Websites run by or connected to known terrorist activities, including Russian /ex Soviet Union mob, Yakuza, triads and Al-Quiada, which includes many spam sites, are suddenly highly visible, yet other spam sites nearly disappear. Sites with ANY connection to these groups, including a certain Hockey Site known to have some russians on it that travels extensively in the major population areas of the US, suddenly become more prominent and thereby easier to locate and track.

It's a well known fact that terrorists use the internet to communicate with each other. Known methods are hidden text in websites, steganography in images, and online chat/blogs. And Google has been ravenous about searching the web for images, acquiring Blogger, and indexing even traditionally hidden areas of websites.

Googles IPO was sold in a variety of different ways, most of which can't be traced back to the CIA, such as an auction, and will generate far more money than Google requires for its "normal" activities. Hmmm - payoff, or seed money to finish the project? You decide.

One of the complaints the FBI had after 911 was that they had tons of information, but no way to get at and cross reference all of it fast enough to find what they were looking for - this was reported in many papers. It hasn't been reported recently, and there have been a great many successful captures in recent months, along with vague "Code Orange" warnings that seem to coincide with changes in the positioning of various sites, and sometimes even a slowdown in results from Google. Then right after that the sites are back, the Code Orange goes away and the bad guys are caught.

The obvious reason? The CIA has been using Google's advanced search technology to help locate and track terrorists - if your site has great rankings, you are probably one of them.

If you have recently lost your position - good news, they are NOT out to get you (this time) and you are no doubt a great patriot.

You can even check this. Ask everyone who lost their rankings recently if they are associated with a terrorist organization or wish harm to the USA - the answer will be a resounding NO! There you go. The people who went up are no doubt terrorists and therefore probably going to lie anyway, so it would be a waste of time asking them - just look at their activities and associations - that will tell you. Look hard enough, and you will find it.

The CIA is never wrong.

Ian

PS this was written as a tongue-in-cheek response to some conspiracy theories regarding Google after the Florida update.

Interestingly enough, apparently I wasn't far off....

http://ai.bpa.arizona.edu/TerrorismR...roduction.html
http://de.vivisimo.com/html/gov-intranet

[mcanerin]

Search engines could be used to:

stalk people online
locate personal information
apply clustering in order to locate associated members of groups
etc

For viruses, you are a bit more limited. However, recently Google and MSN have announced they are introducing "desktop" versions of their search software.

If THAT was compromised with a trojan, all sorts of bad things could happen:

It could send information to whoever you tell it to - and effectively search for it in order to make sure it was complete.

It could be set to perform an action or bring back a specific result if a particular search is done, or if it connects to the internet or specific site.

It could use that desktop to locate information on other areas of the network that desktop was connected to, including ones with not internet access.

It could interprete files differently. For example, if you put code into a JPG header or file information nothing would happen (usually - there is a recent case of this actually happening - http://antivirus.about.com/od/securi.../a/jpgflaw.htm) but the same tactic here could happen if the toolbar looked for and executed this code.

Etc.

Usually a search engine is passive. You would need some sort of active programming in order to do what you are thinking of, so I would focus on toolbars, desktop search and trojans.

Ian

[I, Brian]

Quote:

Originally Posted by mcanerin

The CIA has been using Google's advanced search technology to help locate and track terrorists - if your site has great rankings, you are probably one of them.

Not quite - but Google has for some time been in a perfect position to use it's information sorting for electronic surveillance. Add the Toolbar, Gmail, and the Desktop to that as well, and the great surprise would be if the US government was not usuing Google technology for some degree of surveillance and information gathering.

[NetinsertGuy]

Interesting to hear about your Sci-fi novel, it gives food for thought on a dull wednesday morning...

Quote:

The aim is that the hacker can activate the information written by the crawler with a specific search on an engine, access the servers and implement his virus.

A fundamental trait of a search engine is that a search is done in the search engines database, not directly in the target server. An actual crawl of the target server can only be prompted by an URL submit or an URL update (only available in some engines). If you want your plot to be somewhat credible it may thus not be the best solution to mix these two together in the same scenario.

An alternative plot could be as follows. The hacker opens a web site and arranges the information on the site so that it will manipulate and break a search engines algo in a very sophisticated way. He can do this because he is a master mind of reverse engineering and he has figured out in detail the inner workings of the search engine. Then, when a user searches the engine for a common phrase the search result is corrupted and instead of SERPs the search engine feeds a jumbled http response which acts as a virus on the users web browser...

[orion]

Hi, brotherbull

Brother, you may want to check these links or conduct research about these topics.

1. Knowbots

2. Carnivore


Orion

[DYLAN]

Hi Guys,

Can someone explain to me in simple terms what is .net scripting?

The website company I work for uses a lot of .net scripting, but apprantly this can cause the page to upload slower.

Is this correct and what is .net scripting?