Since Google Code Search launched a few days
ago, we've received a lot of great feedback, including some about the dangers of exposing
security flaws. Our goal with Code Search is to provide a useful resource for developers and
help increase collaboration within the developer community. Unfortunately, tools that ease
access to information for good can sometimes do so for bad... but it's our strong belief that
the positive impact outweighs the negative, a belief thankfully shared by
many of you.
We hope that Code Search will be used as a tool
for solving security issues and helping people prevent exploits, since security through
obscurity isn't really secure. In cases where we can help prevent certain malicious
behavior, we'll do our best to do that. We're working on some changes already and we're very
open to suggestions -- let
us know if you have ideas.
Also, for those of you who want to
keep your code from being crawled, please check out the FAQ
that explains how to do that with a robots.txt file either on your
website, the archive file or repository itself.
