SAN JOSE, Calif. (AP) -- It's called "Google hacking" -- a slick data-mining technique used by the Internet's cops and crooks alike to unearth sensitive material mistakenly posted to public Web sites.

And it's just gotten easier, thanks to a program that automates what has typically been painstaking manual labor. The program's authors say they hope it will "screw a large Internet search engine and make the Web a safer place."

Google hacking doesn't mean anyone's hacking Google's Web site. Rather, it refers to a sophisticated searching technique used to uncover flaws in the way Web sites handle confidential details, such as public files containing password and credit card numbers and clues about the vulnerability of the site's own servers.

(Article continues below)

It works by examining the hidden recesses of a Web site, areas that have been indexed by Google but don't pop up in traditional searches. Sometimes Web sites accidentally post revealing information about themselves, either because employees mistakenly put confidential documents online, or the site wasn't properly configured to obscure sensitive areas.

Security experts say Google hacking wouldn't be an issue if Web sites had proper security safeguards in place.

By looking through Google for evidence of specific types of files used by a Web site or telling responses from the Web site's servers, hackers can learn a lot about how the site was built -- and thus how to begin crafting their attacks.

FULL STORY: CLICK HERE