[ad_1]
Caceres freely agrees that hackers can use PunkSpider to access web pages. But he says scanners that find problems online have been around. This only makes the results public. “You know your customers can see, your investors can see, so you fix this quickly,” says Caceres.
Take Two
The story of Caceres and Hopper’s Defcon is the second sign of PunkSpider. The idea of a tool was born ten years ago, in the summer of 2011, when unidentified hackers and his LulzSec team were involved in a burglary and burglary, much of which was made possible by cybercrime (“Why is there an SQL injection everywhere?” one LulzSec song for hip-hop.)
Caceres realized at the time that even unscrupulous thieves seemed to have no problem finding the number of bed bugs. He began to wonder if the only solution would be to expose all the problems on the internet in a big cleansing. That’s why in 2012 he started making PunkSpider to do the same; showed up at the Shmoocon hacking conference in early 2013. His small R&D security company, Hyperion Gray, also received money from Darpa.
From the very beginning, the project has faced challenges. Audiences at Shmoocon questioned whether Caceres was supporting civilian scammers – in violation of the Computer Fraud and Abuse Act at the time. Amazon was recently fired several times from Amazon Web Services accounts used to launch search engines, after receiving disturbing reports from angry webmasters. He was forced to create new hiring accounts on a regular basis in order to travel.
By 2015, Caceres was looking online for new challenges only once a year. He insisted on keeping PunkSpider online and paying his price. Soon, he allowed the project to end.
Earlier this year, however, Hyperion Gray was acquired by QOMPLX, and the great founder agreed to launch a new type of search engine. Now Caceres and Hopper say their modified tools are powered by a single machine-generated machine, which can scan hundreds of millions of pages per day – modifying its results across the Internet, or searching for specific URLs at a user’s request. PunkSpider’s older drawings of the entire web take about a week to complete.
Caceres declined to name his current sponsors, but says he has partnered with the company in promoting PunkSpider, which he hopes will prevent his accounts from being revoked. Also, even reluctantly, they have added something that allows webmasters to view PunkSpider visually for the user who helps identify visitors on this page, as well as email and an item that allows websites to opt out of search tools. “I’m not happy about it, honestly,” says Caceres. “I don’t like the idea that people can opt for security and hide their head in the sand. But it’s a very stable and stable thing.”
PunkSpider page
The reborn version of PunkSpider has already revealed actual errors on the main page. Caceres exhibited WIRED visuals which show the complexity of both components Kickstarter.com and LendingTree.com. Instead of LendingTree, Caceres claims that the threat can be used to create links that, if users are tricked into hacking them, may receive malware on the page or display what is happening on the LendingTree page. Caceres says, Kickstarter’s error, could provide a destructive opportunity to create an image that, if the victim clicked, could show what they want to do or charge from their credit card to a Kickstarter project.
“LendingTree uses a number of control measures to protect our site and the privacy and reliability of our customer data,” the company said. “This includes firewall firewalls, intruders’ testing and robust / robust monitoring to identify and correct vulnerabilities. In addition, we monitor any security concerns carefully and quickly evaluate and address any potential problems.” KickStarter wrote in an email to WIRED that it was “fulfilling” its online errors.
[ad_2]
Source link
