Slashdot picked up on the blog post from Light Blue TouchPaper commenting on the fact that a researcher was suprised to discover that simply putting an md5 hash into google returned a hit with a mapping to the original word..
This is an interesting concept.. A while back, we decided to fiddle with the concept of using googles indexing and spidering as a new take on the time/space trade-off for password cracking..
A simple cgi script that accepts a single parameter.. We then use url re-writing to make the script look less scripty and more crawler friendly.
A quick check on the internet shows that google indexes 100k into a document, so our CGI sits around doing nothing, till its first visited:
Once it is, it generates all chars from a..ZZZZZ and prints them along with their md5 hash:
So if you hit: https://secure.sensepost.com/sp-hash/a, you would get:
Now since google only indexes upto a certain point in the doc, its useless filling this page with all of the hashes, so at 100k we stop, and if the char at that point is abc, the cgi then creates a link to itself with abc as the param.. (in our picture it stops at pnt)
The crawler hits that link, effectively hitting and seeding the same cgi, which then keeps going ad-infinitum..
This can be tested, so a quick google for site:secure.sensepost.com + adog will return:
(you can also use google webmaster tools to pre-seed the spider)
Unfortunately i never got back to it, but noticed that while google did index the full charset a..zzzzz at a point some hits dissapeared.. im not sure if this is due to filtering on some of the words that emerged or simply not enough link credibility..
I suspect that if the problem is the latter, it could be fixed by more ppl picking up seeds.. in this plan.. multiple ppl would run the cgi, and a type of delegation can be set up.. so while google is indexing me from a..zzz its indexing someone else from zzz..ZZZ etc.. at just the cost of bandwidth, this would give useful results..
I've spoken before on how I like some of Simon T Bailey's stuff and his general leetnesses...he has some gems...
This one, on rational vs emotional commitment is quite leet and touches on a discussion we had over lunch...
You might be wondering about the difference between rational and emotional commitment.
Rational commitment is the “what” that you agree to give an organization when you’re hired: your time, talent and energy in exchange for financial compensation, professional development opportunities and the chance to fulfill your career ambitions.
Emotional commitment is the “why” – the passion and the purpose behind the work. It’s what keeps you in the relationship with the organization. When you are emotionally committed, your confidence increases and your heart flutters with complete satisfaction as you enjoy professional utopia.
Rationally committed employees do what they have to do; emotionally committed employees do what they love to do.
While this is pretty cool in itself, it goes further...
The Corporate Leadership Council recently surveyed 50,000 employees from 59 different organizations in 27 countries, representing 10 industry groups. One of the key findings from this survey is that emotional commitment is four times as valuable as rational commitment in driving discretionary effort among employees.
Discretionary effort means you raise your hand to take on more work, you offer to assist others when they are overloaded, and you proactively go the extra mile to drive results without anyone tapping you on the shoulder to ask for your assistance.
When you are emotionally committed to your organization, your brilliance is ignited because you cease wondering if you are valued and secure in your position.
Food for thought...(you can tell lunch was good) :>
Of course, Leopard's new improved (tm) finder includes an Itunes'esque "Cover Flow" view (which includes quick view thumbnailing quite impressively)..
Of course, it means you get a better look at the win32 - BSOD :>
but Leopards default icon for windows machines has to rank up there with dvwssr.dll
(yeah.. thats a BSOD)
ok.. who's old enough? what was the similarity between this and dvwssr.dll ?