xeuledoc

xeuledoc is a tool (hacking?) that can determine the owner of a google doc and often the name and email are available. I’ve been testing it and it seems to work well! Although it seems to only work with publicly shared documents.

The interesting thing is that you may not want your name and email address available to every one! Ever shared info via a google doc? You may be exposing at least your name and email to people who are unscrupulous – might be time to think about all the docs you may have shared! Is it a good thing that your email address and name are linked to this data?

It also seems to work with the “Security setting” anyone who has this link. It will be interesting to see if google “fix” this, and how long it might take.

Note this above example is included in the application as published by its owner.

Github link to application
https://github.com/Malfrats/xeuledoc

Apparently it can also work on
Google Docs – Google Spreadsheets – Google Slides – Google Drawning – Google My Maps – Google Apps Script – Google Jamboard

What is it about the Australian government and technology?

Pot of pickled peppers

So this government Covid 19 tracking app is an interesting idea – they even said that they would release the source code…. all very good, I’m thinking I may even install the thing… but then today I read this!

https://www.innovationaus.com/sovereign-capability-and-that-shocking-aws-deal/

To sum up it’s yet another govenment SNAFU…
From the article…

“You really have to wonder what kind of crisis would be needed for the Australian Government to use Australian technology providers for jobs that are well within their capability. “

Update 18 May 2020
Some interesting reading hear. The app it’s self seems reasonable but without the back end code questions still remain.
https://www.qte.am/reading-room

Update 14 May 2020
https://www.theage.com.au/politics/federal/security-report-reveals-some-covidsafe-information-could-go-overseas-20200514-p54t2o.html

https://www.theguardian.com/law/2020/may/14/questions-remain-over-whether-data-collected-by-covidsafe-app-could-be-accessed-by-us-law-enforcement

Update May 24
https://www.theguardian.com/world/2020/may/24/how-did-the-covidsafe-app-go-from-being-vital-to-almost-irrelevant

Beta testers needed!

Hi I’m very proud to announce that my application (which I still haven’t found a name for!) is ready for beta release. It’s a very light command line app that uses log data for security hardening, so if you use Ubuntu, debian or linux (and or nginx or apache2) and are comfortable with the command line then please do get in touch. At this stage it’s a fairly simple app and in effect a security tool for those of us who can not afford thousands of dollars towards their own IDS.

This application will probably be most useful for smb running their own sites (small aws installs for example) for people who want extra security, and to stop a lot of the “noise” that hits the average web server.
If you want more information, have a look at the intro vid I made that is put up on youtube..
All I ask is that you supply the version of ubuntu / linux that you’re using and that after looking at the app take the time to fill in a short survey.

Look forward to hearing from you
Regards Steve Abrahall
PS if your interested email me at

steveabrahall AT gmail DOT comm

To find out what version of the os your using
lsb_release -a