#WikiLeaks “malicious search engine poisoning attacks” ?
“The department fears accessing the site could expose government computers to “malicious search engine poisoning attacks” and that third parties might “collect and exploit visitor data or deliver malicious software through downloaded files.”
Because the WikiLeaks downloads aren’t in Adobe PDF format they aren’t susceptible to the security vulnerabilities that come with the popular Adobe Reader and software.
Which makes downloading from WikiLeaks safer than downloading from many websites on the Internet.
But isn’t the Department of Defense at risk for:
“malicious search engine poisoning attacks” ?
Ahem…. what is that exactly?
“SEO Poisoning” or “Search Engine Optimization Poisoning” may sound scary but what it means is tricking search engines into ranking your website more highly than it deserves.
This is done by inserting words or phrases that would get high ranking from a search engine. An example of “SEO Poisoning” might be when a webpage selling grass seed gratuitously using phrases like “Justin Bieber.”
Sometimes this dastardly deed is accomplished by including high ranking words and phrases in the same color as the background, making the text invisible to visitors and fooling Search Engines that do see these words and are fooled. This “poisons” the search results.
When I Googled “malicious search engine poisoning attacks” the were only a few direct hits, which explain it as “SEO Poisoning” used to drive traffic to scam websites.
The thing is, every time you search the Internet, using Google or Scroogle or Bing, any search engine is going to bring you results that are not what you are looking for. That’s why you get more than one answer to a search: it is far from an exact science. Poisoning is a serious problem for Google, say. But for the Department of Defense?
What WikiLeaks has done is to make classified material public. Which means that looking at some of this material will very likely violate Defense Department policy.
see no evil, hear no evil
This memo sounds rather like the equivalent of the “close your eyes” method of security. The only way to ensure Defense Department employees do not see any of this material online would be to disconnect from the Internet.
I would expect the Federal Government computer security staff to be aware of this. Perhaps the Department of Defense needs a little refresher course on computer security.
the Cablegate page is still up.
Australia provides some insight: Crikey: Missing the point on WikiLeaks
“Hear no evil, see no evil” Photo by Charlton Barreto on ipernity Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License