Netgear, the maker of popular computer networking products, is currently serving up a whole slew of Blu-ray movies (and more) on a Web site under their ownership, but are they even aware of such public offerings? Let this post serve as a warning to those of you who operate a Web site — be it corporate, personal, or otherwise. Time and time again, advanced Google search queries allow me to peer into a world of highly-visible brands with unsecure and/or incorrectly configured Web sites — even when I’m not specifically seeking them out. For my latest leg of research, I sought to find Blu-ray movies residing on Web sites in Google’s index. Such searches are quite simple to achieve when using search queries like this:

    intitle:index.of bluray | mkv | 1080p

Although I used a more refined search query than the one above, I ultimately stumbled upon the following search result:
Clicking through to see the actual page, there are some 20+ Blu-ray rips of movies, like 2012, Avatar, Harry Potter 6, The Dark Knight, Iron Man 2, and more. After verifying that a handful of the links were downloadable without the need for authentication, I was interested to see if netgearlabs.com belonged to the very same Netgear that many of us have owned devices from over the years. Surely not, right? Wrong. First, I performed a WHOIS search of netgearlabs.com, and here are the results:
As if that isn’t enough proof to draw a conclusion from, the nail in the coffin came when performing a WHOIS search of netgear.com:
Now having verified that netgearlabs.com does, indeed, belong to Netgear, I decided to have an extended look around to see what else might reside therein. Interestingly, netgearlabs.com redirects you to http://netgearlabs.com/media/, and from there, it’s not long before clicking around leads you to more HD movie rips, in various formats, spread throughout various folders. There are also MP3s strewn throughout, as well as references to Demonoid, Bittorrent, a forum for downloading ripped movies, and more. So, just what is the purpose of the site?
Well, after performing search queries like this one, I’ve come to the conclusion that the site has been a testing ground for Netgear media players/devices. There are media apps located in this folder, as well as references to the Netgear NTV550 (a device which allows you to view stored digital media (movies, pictures, etc.) on your TV). While Netgear appears to have legitimate reasons for having much of the content found on this site, it’s simply inexcusable for this type of data to be publicly available — never mind via a Google search — in a day and age when sites are being raided or taken down due to complaints from the MPAA (Movie Picture Association of America). Popular file search engines, like rapidlibrary.com, have even picked up on Netgear’s site (also discovered via this Google search query):
Additionally, it seems to be only a matter of time before companies start covering themselves, legally, from the actions of individual employees. This is why I urge not only companies, but individuals as well, to be hyper-aware of all Web-related activities. I’m not a law professional by any means, but this is one scenario where erring on the side of caution only makes sense. Stay tuned for my next case study, where I expose similar activities taking place on Web sites from entities that should know better.
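For site operators who want to check their own pages for the kind of auto-generated listing that the intitle:index.of query above matches, here is a small audit helper. It is an added example, not code from this post or from Netgear; the extension list, the function name audit_listing and the sample HTML are assumptions made for illustration.

```python
from html.parser import HTMLParser
from pathlib import PurePosixPath
from urllib.parse import unquote, urlparse

# Assumed extension list; adjust to whatever should never be publicly listed.
MEDIA_EXTS = {".mkv", ".mp4", ".avi", ".m2ts", ".mp3", ".iso"}

class _ListingParser(HTMLParser):
    """Collects the <title> text and every <a href> found on a page."""
    def __init__(self):
        super().__init__()
        self.title, self.links, self._in_title = "", [], False

    def handle_starttag(self, tag, attrs):
        if tag == "title":
            self._in_title = True
        elif tag == "a" and dict(attrs).get("href"):
            self.links.append(dict(attrs)["href"])

    def handle_endtag(self, tag):
        if tag == "title":
            self._in_title = False

    def handle_data(self, data):
        if self._in_title:
            self.title += data

def audit_listing(html):
    """Report whether a page of your own site is an open directory index."""
    p = _ListingParser()
    p.feed(html)
    title = p.title.strip()
    # Server-generated listings are titled "Index of /path"; that title is what gets indexed.
    is_index = title.lower().startswith("index of")
    paths = [unquote(urlparse(h).path) for h in p.links] if is_index else []
    media = [x for x in paths if PurePosixPath(x).suffix.lower() in MEDIA_EXTS]
    return {"directory_listing": is_index, "title": title, "media_files": media}

# Constructed sample resembling a server-generated listing (not real site content).
SAMPLE = """<html><head><title>Index of /media</title></head><body>
<h1>Index of /media</h1>
<a href="?C=N;O=D">Name</a> <a href="/">Parent Directory</a>
<a href="apps/">apps/</a>
<a href="Sample%20Movie.1080p.MKV">Sample Movie.1080p.MKV</a>
<a href="track01.mp3">track01.mp3</a>
<a href="readme.txt">readme.txt</a>
</body></html>"""

if __name__ == "__main__":
    print(audit_listing(SAMPLE))
```

Feed it the HTML your own server returns for each directory URL; any page reported as a directory listing should have auto-indexing turned off or be placed behind authentication.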