« Master the Password | Main | Patch Tuesday »

An article from CSOonline reports that Google's new source-code search engine will make it easier for hackers to search out software bugs, password information, and even proprietary code. Google's source-code search engine is different from their standard web search engine in that it directly accesses source-code files posted on the internet.

Mike Armstrong, vice president of products for Fortify Software, said, "You could also use that kind of search to look for things that are vulnerable and then guess who might have used that code snippet and then just fire away at it.”

Hackers will also be able to search for code vulnerabilities in password mechanisms as well as search for proprietary phrases within software, potentially uncovering source code that simply does not belong on the internet.

Security experts say that while the implications are noteworthy, they are not earth-shattering. Most skilled hackers were already able to do this, and this just makes it easier. For its part, Google recommends developers use generally accepted good coding practices including understanding the implications of the code they implement and testing it appropriately.

Posted by pschooff in Google • Small Medium Enterprise |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/781