Police To Google: Make Our Site More Secure By Delisting It
from the how-not-to-fix-anything dept
Having trouble keeping your secure website secure? Why not try a DMCA takedown request?
Of all the things DMCA takedowns have been used for (mainly removing infringing material, censorship), I've yet to see one deployed as an ad hoc extension of a cop shop's IT department.
The Idaho State Police would apparently like Google to forget all about its publicly-accessible login page for its evidence database.
We have a private login page that is not on any internet webpage. It is law enforcement sensitive and we are trying to minimize the attempts to hack the site. We would appreciate Google not indexing the site. https://ilims.isp.idaho.gov/prelog/LIMSPrelog/It's still indexed, although you have to perform a very specific search to see it. The URL takes you to the login page for access to its LIMS (Laboratory Information Management System) database. That's it.
It's not the only page of its type accessible via a Google search. Login pages for law enforcement agencies from York County (South Carolina), Westchester County (New York), Kansas (Criminal Justice Information System) and Minnesota (Dept. of Public Safety) can all be accessed using "LIMS" "prelog" or other related terms. If you'd like a copy of Porter Lee's "Crime Fighter BEAST" software -- which most of these databases utilize -- the Alabama Department of Forensics has a handy download link on its website. (Not that you can do anything with it but attempt to log in...)
A DMCA notice is not for removing pages you'd rather Google didn't index. It's for taking down infringing content. Beyond that, simply delisting the link will likely have no noticeable effect on hacking attempts. The page will still be accessible from the web -- and that's the main problem if the Idaho State Police are looking for a more closed/protected system. (And it doesn't help that the login screen indicates Internet Explorer and Adobe's PDF reader are both needed to make full use of the site…both of which have their own security issues, especially the latter.) It appears a blanket disallow was added to the site's robot.txt, but all it seems to have done is prevent Google from returning any descriptive information along with the URL.
Google appears to have ignored the request, which is how it should be. This has nothing to do with copyright and everything to do with people thinking DMCA takedown notices are the best hammer for every nail they come across.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: censorship, copyright, dmca, idaho state police, lims prelog, security, takedown
Reader Comments
Subscribe: RSS
View by: Time | Thread
Bet it's going to be quite a bit easier to find now after they made such a big deal in trying to hide it. Idaho State Police meet the Streisand effect!
[ link to this | view in thread ]
And bonus points
[ link to this | view in thread ]
Perhaps they have the same IQ requirement for I.T. staff as they have for police officers!
[ link to this | view in thread ]
/facepalm
Uh... yeah it is. If it weren't it wouldn't be publicly accessible. Perhaps this give some insight into why law enforcement seems to have a bad habit of invading the privacy of others. Could it be that they don't know what the word "private" actually means afterall?
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
SSL Labs grades the site an "F"
No wonder they don't want anyone hacking away.
[ link to this | view in thread ]
Re: SSL Labs grades the site an "F"
[ link to this | view in thread ]
Anyone still using either of those in 2016 should be put up against the wall with the Marketing Division of the Sirius Cybernetics Corporation.
[ link to this | view in thread ]
Some moron probably caused it to be indexed...
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Some moron probably caused it to be indexed...
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re: Some moron probably caused it to be indexed...
[ link to this | view in thread ]
Let me google that for you....
http://bfy.tw/4JUe
At this point, about all they can do is change the url and make sure that the robots.txt is correct before they publish the new url. ;)
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Let me google that for you....
[ link to this | view in thread ]
Re: Re: Let me google that for you....
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re: Re: Let me google that for you....
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Someone doesn't understand how "robots.txt" works.
[ link to this | view in thread ]
Re: Someone doesn't understand how "robots.txt" works.
[ link to this | view in thread ]
Re: Someone doesn't understand how "robots.txt" works.
but what do I know?
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
[ link to this | view in thread ]
Did you actually read the article?
[ link to this | view in thread ]
Security via Obscurity
Google = Internet.
We hired a cousins nephew who set the clock on the VCR to setup our website. You mean OTHER people can find it on the internet?! Quick make Google fix it.
Someone with some free time want to submit a FOIA request to find out how much cash was kicked back from the idiot who set this up? I'm willing to bet millions were and continue to be spent keeping this trainwreck rolling.
[ link to this | view in thread ]
lol
[ link to this | view in thread ]
Re:
Google and all the other search engines won't list the site in the first place. All these company's and people complain about Google listing them, linking to them whatever and all they had to do was a simple txt file and their problem is no problem at all. This is like Web page design 101. Web Page Design for Dummies!!!!
[ link to this | view in thread ]
To be fair, the rules on what you must do to de-list a page are not intuitive. On the other hand, they are easily googleable:
"Important! For the noindex meta tag to be effective, the page must not be blocked by a robots.txt file. If the page is blocked by a robots.txt file, the crawler will never see the noindex tag, and the page can still appear in search results, for example if other pages link to it."
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
But honestly -- they're off on the wrong foot in the first place. They shouldn't have such sensitive access points open to the web at large at all. Don't they have a VPN?
[ link to this | view in thread ]
Has anyone even looked at this site?
But the page... And the Code... Oh, it hurts my eyes so badly! Quick! Close it, forget it, BURN IT DOWN! I agree with them and this should be DMCA'd because no one should be able to see such ugliness...
It's Geocities all over again...
[ link to this | view in thread ]
Re: Re: Re: Some moron probably caused it to be indexed...
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
Robots.txt
[ link to this | view in thread ]