Arnold Schwarzenegger/Phil Angelides file download issue

arnold schwarzenegger lets maria configure apache for him too

Today's "hot" issue is not Arnold Schwarzenegger's blather about immigration. Rather, it's the audio file that Phil Angelides staffers downloaded from the California government web site in which he called Bonnie Garcia "hot".

It's good to see the Angelides campaign being shown to be as sleazy as their candidate himself. However, it would be nice to discuss much more important matters.

Nevertheless, the staffers apparently claim that they did not "hack" his site and they didn't try to guess passwords in order to gain access to the file. They claim they backed up on the file name, which is given here as speeches.gov.ca.gov/dir/08-29-2006_avail.htm.

Apparently they transformed that into speeches.gov.ca.gov/dir and were thus able to access other files and directories. Nothing that experienced internet users have not done in the past and, as a matter of fact, the W3C suggest naming URLs so that they can be guessed.

It appears that that whole server has been 404ed, but you can see some of the pages that google cached here. The fact that they were able to cache them indicates that at least those pages were not password protected. Some of the subdirectories of the 'dir' directory might have been password protected, and, while I haven't verified it, if there were symlinks outside those directories leading to files inside those directories I think Apache would have prevented access. Unless they were given a name and password, guessing a name/password would probably be considered "hacking".

From the previous search, here's cache of a sample press release, showing the links to some audio files. Here's a sample of someone linking to one of those press releases.

Here's Yahoo's entries.

Archive.org shows nothing.

ZZZZZZZZZZZZZZZZZZZZZZ................

Comments

Arnold is a RINO and dominated by a wife that is one of the worst left wingers in the country. That aside, the hacking of his computer has been turned over to law enforcement. If it was password protected that could mean real trouble for someone. Isn't there a big fine and jail time connected with that type activity these days?