Manage updates with the Download App
August 20, 2004 6:03 PM PDT
MoveOn.org subscribers exposed
- Related Stories
-
Political parody draws Web crowd
August 16, 2004 -
Google queries provide stolen credit cards
August 3, 2004 -
Google a favorite among hackers, too
July 29, 2004 -
MoveOn looks to Net for political ad stars
July 2, 2004 -
Faith in Net's force rises, falls with Dean
January 29, 2004 -
Campaign sites miss Web boat
November 5, 2002
A Web page misconfiguration left dozens of the liberal political group's subscriber pages easily searchable through simple Google queries. Each page included a subscriber's name, e-mail address and the mailing lists to which he or she is subscribed. CNET News.com confirmed that several searches turned up more than two dozen individual subscriber pages.
"This is extremely disturbing," said one subscriber, who requested anonymity, when contacted through e-mail. "I'm not sure if I should be worried or not, but I am."
The subscriber Web pages linked member's names with their interests, such as "distortion of evidence" and Errol Morris, director of the documentary "The Fog of War," which won an Oscar for its portrayal of the life of Robert McNamara, secretary of defense during the Vietnam War.
MoveOn.org fixed the problem on its site after being contacted by a member. The search results on Google now redirect people to MoveOn.org's front page. The organization is implementing further changes to protect the user information.
The information leak is the latest version of "Google hacking," the practice of using the search engine's advanced features to find private data leaked by Web sites. Earlier this month, security researchers found a way to use the search engine to find lists of credit card numbers, along with card holder information, that had been posted online by traders of illicit financial information.
The incidents highlight increasing concern that knowledgeable Web surfers can turn up sensitive information by mining the Web using the world's best-known search engine. MoveOn.org stressed that no financial information was leaked in the most recent incident, and that the site does not retain credit card numbers.
The discoverer of the MoveOn.org problem, Web developer Shawn Smith, found the information accidentally, he said. Smith, a member of MoveOn.org, had searched Google for information on recent video clips sponsored by the political group. Along with a link to the clips, he found that several of the other search results pointed to Web pages with subscriber information.
"I just wanted to see the (video) spots," Smith said. "Instead, I found these other sites."
Smith alerted MoveOn.org to the problems, and the Web site fixed the issues.
MoveOn.org is best known for using the Net to distribute 30-second spots attacking President Bush's policies. The video spots, called "Bush in 30 Seconds," gained widespread recognition for the site and for the Internet as a medium for grassroots political speech.
Other sites have also profited from the interest of Web surfers, including Sen. John Kerry's and President Bush's campaign sites, and a political parody created by JibJab.
9 comments
Join the conversation! Add your comment
political campaigns have their covert means to circumvent them.
(Even George W).
However to say that MoveOn's goal is to destroy the president
the simplistic and stupid. How can someone who purports to
support openness in campaign finance oppose freedom of
political expession?
It is precisely that type of DOUBLE-THINK that George W
popularized -- to the great detriment of the republic and her
citizens..
You're right on! I certainly would not feel defensive about others knowing what I subscribe to. More important I would be very interested in learning how many of our political leaders and others of influence subscribe to bomb-throwing trash.
Bill Schillings
Thanks,
Stuart