Google Search: inurl:”ViewerFrame?Mode=”; We’ve talked about using Google “inurl” searches before to find different content management systems based on their URL signature. But now someone has figured out the URL signature to a certain security camera and you can find thousands of them, unsecured on the Net.
Sadly, while they come back in a search, I haven’t found one I can actually view yet. Most are timeouts.
This guy found a camera and posted a screenshot. In the shot, you can read the business phone number on the window, and someone was sitting at the desk. So they called him.
Now, the lesson learned here is that URL signatures are fair game for searches. If you have an app, and someone can isolate a unique quality of your URL, they can search for instances of your app all over the Internet. Given the problem last month with the phpBB worm, this might not be a good thing.