Anonymous creatures viewing my shared file on google drive

For discussions about security.
Barkin
Posts: 803
Joined: Fri 12 Aug 2011, 04:55

Anonymous creatures viewing my shared file on google drive

#1 Post by Barkin »

Just noticed a weird thing on Google Drive today: multiple anonymous creatures appear to be viewing a file I intend to share (see attachment).
However the file is "only those with link", so how do these anonymous creatures know about my file? I haven't sent the link to anyone yet.
Attachments:
screengrab 130421 of Google drive.gif (animated screengrab)
only those with link can view (but I haven't disclosed the link to anyone).gif

puppy_apprentice
Posts: 299
Joined: Tue 07 Feb 2012, 20:32

#2 Post by puppy_apprentice »

i think that somebody wrote script (maybe brute force method) to prepare links and check them if they work, something like:

https://docs.google.com/file/d/XXXXXXXX ... ?usp=shari

where XXXXXXXXXXXXXXXX is random number or taken from list of numbers (dictionary)

but if u check part of your link (https://docs.google.com/file/d/) in Google Search u will get some results, try to check this in Google Search:

"https://docs.google.com/file/d/, name of your shared file"

maybe u will find your link

Barkin
Posts: 803
Joined: Fri 12 Aug 2011, 04:55

#3 Post by Barkin »

puppy_apprentice wrote: i think that somebody wrote script (maybe brute force method) to prepare links and check them if they work, something like:

https://docs.google.com/file/d/XXXXXXXX ... ?usp=shari

where XXXXXXXXXXXXXXXX is random number or taken from list of numbers (dictionary)

Accurately guessing XXXXXXXXXXXXXXXXXXXXXXXXXXXXX by brute force would take trillions of centuries: it's about 30 alphanumeric characters, upper and lower case [a dictionary wouldn't help as it's random-looking gobbledygook].

The only legitimate reason for this I can think of is that the anonymous creatures are generated by me viewing the page, as no other user should know the URL of the file I was about to share.

e.g. some token is generated when someone views the page and that token persists in the google system for a few minutes after viewing the page, so if you visit that page again within that period your previous incarnation still exists and is shown by an anonymous creature icon.
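
The brute-force estimate in the post above, worked through as an added example (not part of the original thread). It assumes IDs are uniformly random, takes the 30-character, 62-symbol figure from the post, and uses made-up guess rates and live-link counts; it goes slightly beyond the post by also modelling a guesser who would be content to hit any live link rather than one specific file.

```python
import math

SECONDS_PER_CENTURY = 100 * 365.25 * 86400

def keyspace(id_length, alphabet_size):
    """Number of possible IDs of this length over this alphabet."""
    return alphabet_size ** id_length

def entropy_bits(id_length, alphabet_size):
    """Bits of entropy in one ID, assuming every character is uniformly random."""
    return id_length * math.log2(alphabet_size)

def expected_seconds_specific(id_length, alphabet_size, guesses_per_second):
    """Average time to guess one particular ID: half the keyspace is tried."""
    return keyspace(id_length, alphabet_size) / 2 / guesses_per_second

def expected_seconds_any(id_length, alphabet_size, live_ids, guesses_per_second):
    """Average time until a random guess lands on any of `live_ids` valid IDs.

    Each guess succeeds with p = live_ids / keyspace, so the expected
    number of guesses is 1 / p.
    """
    return keyspace(id_length, alphabet_size) / live_ids / guesses_per_second

def centuries(seconds):
    """Convert seconds to centuries (365.25-day years)."""
    return seconds / SECONDS_PER_CENTURY

if __name__ == "__main__":
    # Assumed figures, not measurements: 1e9 guesses/s, 1e12 live shared links.
    rate, live = 1e9, 10**12
    print(f"30 chars of [A-Za-z0-9]: {entropy_bits(30, 62):.1f} bits")
    print(f"this one link : {centuries(expected_seconds_specific(30, 62, rate)):.2e} centuries")
    print(f"any live link : {centuries(expected_seconds_any(30, 62, live, rate)):.2e} centuries")
    # Contrast: a hypothetical service with 6-character IDs and 1e6 live links,
    # probed at only 1000 guesses/s, gives up a valid link in under a minute.
    print(f"6-char IDs    : {expected_seconds_any(6, 62, 10**6, 1000):.1f} seconds")
```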

Makoto
Posts: 1665
Joined: Fri 04 Sep 2009, 01:30
Location: Out wandering... maybe.

#4 Post by Makoto »

I wouldn't be surprised if they were bots - possibly Google's, to aid in indexing, or even checking to make sure you're not storing anything that shouldn't be there. :|

It's probably a good idea to ask Google about it, if at all possible, though.
[ Puppy 4.3.1 JP, Frugal install ] * [ XenialPup 7.5, Frugal install ] * [XenialPup 64 7.5, Frugal install] * [ 4GB RAM | 512MB swap ]
In memory of our beloved American Eskimo puppy (1995-2010) and black Lab puppy (1997-2011).

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#5 Post by nooby »

Don't they have a googlegroup for the Drive, so
they maybe also have seen these bots?

I know nothing but thought of that they may know?
I use Google Search on Puppy Forum
not an ideal solution though

puppy_apprentice
Posts: 299
Joined: Tue 07 Feb 2012, 20:32

#6 Post by puppy_apprentice »

script with generated XXXXXX is one of the solutions and yes it takes some time, but your link doesn't have to be sent to anybody to be used, Google Spiders/Bots will add it to the search database i think, it is the same if u upload some files on your server and don't put links to them on your page - they are still easily accessible (eg. via Google Search, some hackers use Google to find eg. files with passwords etc.)

i've checked this in Google Search:

"https://docs.google.com/file/d/, Barkin"

and found those two files:

https://docs.google.com/file/d/0ByJAC-s ... edit?pli=1

https://docs.google.com/document/d/1wv- ... view?pli=1

i don't know if you have GD account as Barkin (and if those files are yours), but it is possible to find some files using eg. my phrase in GS

i think it is not problem with security but it is normal GD behavior (and those anonymous creatures could be your own trials too as u said)

Barkin
Posts: 803
Joined: Fri 12 Aug 2011, 04:55

#7 Post by Barkin »

puppy_apprentice wrote: i've checked this in Google Search:

"https://docs.google.com/file/d/, Barkin"

I don't use "Barkin" as a pseudonym with Google services.

I just tried googling "https://docs.google.com/file/d/" and my gmail email and thankfully no hits.

Googling the full URL of the shared file (no X's) gets no hits either.

puppy_apprentice
Posts: 299
Joined: Tue 07 Feb 2012, 20:32

#8 Post by puppy_apprentice »

so it seems that those were your own trials, and files that i found were published with flag "public" or something (i was using Google Docs some time ago but if i remember well it was possible to save files as public, visible to others) by another user/s

Barkin
Posts: 803
Joined: Fri 12 Aug 2011, 04:55

#9 Post by Barkin »

puppy_apprentice wrote: ... files that i found were published with flag "public" or something ...

More likely someone had actually posted those google URLs on the internet, say in a forum.

puppy_apprentice wrote: ... i was using Google Docs some time ago but if i remember well it was possible to save files as public, visible to others

I've never made my Google Drive files searchable via the web ...

Attachments:
I always choose ''anyone with the link'' , I'ver never tried ''public on the web''.png (screengrab from Google Drive)

puppy_apprentice
Posts: 299
Joined: Tue 07 Feb 2012, 20:32

#10 Post by puppy_apprentice »

so it seems like u have noticed your own trials, try to prepare another file (honey pot :lol: ) using "only those with link", let the file be a text file with name eg.

passwords

or

topsecret

and text inside

"if u got access to this link, please send me info about it to xxxxxx@xxxxxx or post message in this thread http://murga-linux.com/puppy/xxxxxxxxxx"

who knows, maybe we will get answer if it is something wrong with GD and don't use this link for yourself for a while (week or two) to not get false positives :lol:
