New ‘Month-of’ project targets search engine flaws

A lot of security pros dismiss the recent flood of “month-of” flaw disclosure projects as PR stunts rather than a vehicle for better security. But such criticism isn’t stopping people from launching more of them.

A Ukrainian researcher will start a new project June 1 that focuses on flaws in search engines from the likes of Google, Yahoo, MSN and Ask.com.

“[The] purpose of this Month of Bugs is a demonstration of [the] real state with security in search engines, which are the most popular sites in Internet,” said the researcher at the center of the project, who identifies himself as MustLive in his blog. He said the purpose of the project is “to let users of search engines and [the] Web community as a whole understand all risks search engines bring to them … and also to draw attention of search engines’ owners to security issues of their sites.”

I’ve reached out to MustLive to get a deeper look at what’s behind this project. I hadn’t heard back from him at the time of posting, but if and when he responds we’ll provide some follow-up coverage.

Technorati Tags: ActiveX+flaws, search+engine+flaws