Pretty Scary eh?
Although some people do call them the Central Lack-of Intelligence Agency.
Privacy is a major issue and well people should be a little more careful about what they reveal online, perhaps I’ll rehash my old Google Hacking Presentation and write it up as a post for Darknet. I guess it would be interesting reading for many people.
Remember the Internet has memory now with Google Cache, MSN and Yahoo! are starting to Cache too and there are other services like http://web.archive.org that show the history of a site. So if you slip up and make something public on your domain, it may well come back to haunt you.
The identities of 2,600 Central Intelligence Agency (CIA) employees and the locations of two dozen of the agency’s covert workplaces in the United States can be found easily through Internet searches, according to an investigation by the Chicago Tribune.
The newspaper obtained the information from data providers who charge fees for access to public records and reported on its findings in Sunday editions. It did not publish the identities or other details on its searches, citing concern it could endanger the CIA employees.
I’ll talk about this kind of thing more in depth later as it is one of my areas of expertise, passive information gathering, the things people expose on the net, it’s pretty amazing really..and scary at times as this CIA example shows.
One of the facilities, a CIA training area dubbed “The Farm” at Camp Peary, Virginia, was a well-kept secret for decades. The agency refused to publicly acknowledge its existence, even after former CIA personnel confirmed its presence in the 1980s.
But the Tribune said an Internet search for the term “Camp Peary” produced data identifying the names and other details of 26 people who apparently work there.
Additionally, a review of aviation databases for flights at Camp Peary’s airstrip revealed 17 aircraft whose ownership and flight histories also could be traced.
Really, I think they should at least try and be a little more careful.
- Dradis v2.9 – Information Sharing For Security Assessments
- MagicTree v1.3 Available For Download – Pentesting Productivity
- Kvasir – Penetration Testing Data Management Tool
- ‘Free’ USB Drives Defeat Company Security
- Your Employees Don’t Care About Your Data
- Microsoft Implements Company Policy For Vulnerability Disclosure
Most Read in General Hacking:
- 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) - 1,137,896 views
- Hack Tools/Exploits - 581,798 views
- Password Cracking with Rainbowcrack and Rainbow Tables - 414,485 views