SlashGear Learns Security The Hard Way

Kicking off TechNews.biz, we wanted to pick up our CES badges early… and actually know where we were going. The CES Press Room doesn’t move from year to year very much, but we wanted to check.

So, we hopped on Google and searched for “ces press badge holder pickup” (sans quotes).

What did we find as the top result? Why a PDF file… containing a lead SlashGear writer’s personal information. He had uploaded his confirmation email to a file storage site, without any robots.txt file telling the Googlebot to not index the files.

In that email was all his contact information, and basically anything you would need to impersonate a SlashGear editor.

This is a reminder to all of you, make sure your sites aren’t being crawled by Google where you don’t want them to be. Even better, password protect directories of your personal web sites so nobody can crawl them.

And yes, we gave SlashGear an advance copy of this article. We’re nice guys, remember?