15 comments

  • sixtyj 1 hour ago
    > The leak occurred when four Fields Medal laureate lecture fields, marked "HIDDEN," were discovered in the front-end code of the ICM 2026 official schedule.

    So it was easier than I thought. Bot just scraped public page with hidden fields, not a secret page or to-be-published page from database.

    • bronson 5 minutes ago
      I'm tired of the framing in the media these days.

      "Mythos will end the world!!"

      "How?"

      "By finding a bunch of wide open security holes that have existed for years."

      Oookay. Is this a Mythos problem? Or a lazy/greedy/uncaring people problem?

  • edoceo 2 hours ago
    I've been working on a site. It's new, domain is only a few weeks old. It's got SSL, so all the bots know it exists. It's never had any sub-pages exposed, just the placeholder lander, no links.

    Somehow in Google search one of the unguessable pages is indexed. We have used Claude and Gemini to assist with some design aspects.

    I'm thinking some aggressive data ingestion/indexing is happening by all the bots in the quest for frontier models.

    • resonious 2 hours ago
      I've also seen Google indexing pages with random values in the path that don't get linked to statically (server asks for the URL then redirects to it immediately). I'm pretty sure they index straight out of the Chrome address bar.
      • st_goliath 2 hours ago
        Yep. I remember a similar story as GP described from a friend back in 2008. The site he was working on that wasn't linked to yet was suddenly indexed after he checked out what it looked like in the fancy new "Chrome" browser that Google had just released, causing some moderate panic on his end.
      • morpheuskafka 1 hour ago
        This may have been part of this issue I found a few months back, as no other explanation for how UUID URLs got indexed was found: https://news.ycombinator.com/item?id=47769796
      • Vvector 22 minutes ago
        This is why i use Firefox
      • foobarbecue 2 hours ago
        Holy crap I hope that's not true. I've also had unguessable pages indexed, though, and don't have an explanation.
        • FabCH 1 hour ago
          It’s absolutely true. It is a documented fact. It was discovered and entered into public record during the DOJ antitrust investigation into Google Chrome.

          They call the signal „popularity“ and it is a successor of the Google Toolbar signal.

          https://www.justice.gov/opa/pr/department-justice-wins-signi...

          • NuclearPM 22 minutes ago
            > „popularity“

            Why are you using weird quotes?

            • evilduck 12 minutes ago
              I'll take a wild guess and assume they are of a German or Polish language background. Wait 'til you encounter a French person who accidentally uses guillemets if you want one even «weirder».
        • jacekm 2 minutes ago
          Chrome sends home the urls you visit together with the page performance data (and probably more). That's how they build Chrome User Experience Report (CrUX) for the most popular sites: https://developer.chrome.com/docs/crux
        • chasd00 48 minutes ago
          This is why Chrome begs you to login constantly and will do it automatically when you login to Gmail through Chrome. Everything you do in the browser (bookmarks, settings, address bar) is data about you sent to Adsense. No need for cookies when you control the browser and know who is using it.

          Edit: also private browsing isn’t exactly private when you’re logged in to the browser.

        • nicce 2 hours ago
          Something worth inspecting further. We know that Chrome stores and sends the browsing history but this is an interesting vector.
          • DANmode 1 hour ago
            I’d be more surprised if they weren’t capturing this information.

            Especially if you have autocomplete-while-searching type of features on.

            • EGreg 1 hour ago
              Why don’t they also capture information you enter into forms on Chrome?

              They control the entire browser surface, technically they can know everything, even TLS and E2E encrypted data, that they silently phone home…

              If you think this is silly, consider that Microsoft Recall had been observing everything on people’s entire SCREENS and phoning home much of it. That is how a guy was caught recently: https://x.com/t3chfalcon/status/2074134314145489195

              And it is actually much worse than even that:

              https://community.qbix.com/t/increasing-state-of-surveillanc...

              • pixl97 56 minutes ago
                >Why don’t they also capture information you enter into forms on Chrome?

                For some reason people are downvoting you, but yea, one day we'll likely see a lawsuit where they do exactly that.

        • inigyou 1 hour ago
          There's no reason to think it isn't true. It matches every pattern of behavior observed from every tech company.
          • EGreg 1 hour ago
            Why don’t they also read your gmail and get your bank passwords?

            And maybe have access to EVERY site actually, with “forgot password” type stuff in addition to providing oauth tokens…

            • dbdr 1 hour ago
              " Microsoft is scanning the inside of password-protected zip files for malware"

              https://arstechnica.com/information-technology/2023/05/micro...

            • pjc50 57 minutes ago
              The tools in gmail in some sense "read" all your mail in order to classify spam and do things like calendar integration. The extent to which they do other things with the information is .. unclear.
            • inigyou 56 minutes ago
              Because your bank doesn't send your password to your Gmail because if they did they know Google would read it.
            • applfanboysbgon 1 hour ago
              > Why don’t they also read your gmail

              Boy do I have news for you.

              • saghm 2 minutes ago
                Yeah, I thought it was pretty obvious that is literally the whole reason that Gmail even exists
    • cynerx 1 hour ago
      Are you using Cloudflare by any chance? I think the Crawler Hints setting [1] exposed some of my "secret" pages in the past.

      [1] https://developers.cloudflare.com/cache/advanced-configurati...

    • dataviz1000 43 minutes ago
      The tin hat guess. Did you include Google analytics embedded in the pages? Do you navigate to pages and Google analytics sends that data home? 10 years ago I discovered that Google analytics would send the equivalent amount as organic users; meaning if we sent an email newsletter with links to articles, Google would send almost 1:1 ratio the same number of people from search results. They are tracking everything and using it for more than just reporting.

      Do you use a CMS or other tools that auto generate sitemap.xml? Perhaps you unknowingly told Google about those sub-pages.

    • dreambigwrkhard 2 hours ago
      Depending on the CMS, if it's wordpress (15% chance, ha) there is a sitemap function built-in out of the box. The bots don't need to guess.
    • pohuing 1 hour ago
      There's a couple avenues besides just stealing what's in your URL bar.

      If you don't use wildcard certs all of your subdomains can be scraped from the certificate transparency logs. Additionally, any domain+cert using HSTS with preload enabled end up in a big list at Google to speed up the initial connection from browser to site.

      • basilikum 22 minutes ago
        > HSTS with preload enabled end up in a big list at Google to speed up the initial connection from browser to site.

        HSTS preload is not for speed. It's to protect against SSL stripping on first connection. Modern browsers already try port 443 first or in parallel with 80.

      • brookst 1 hour ago
        For hosts, but not pages on the site.

        But I think the other explanations take care of pages: cloudflare hints, chrome reporting addresses visited, etc.

      • fragmede 1 hour ago
        CT logs just explain how they found the domain. T doesn't explain how they could have found unlinked content on the domain itself. If I put up secret-example.com/asdf-1234567.html, how does that page get found if there are no public links to it?
        • Lomlioto 33 minutes ago
          Don't underestimate people not knowing were they share stuff by accident.

          Creating Sitemaps, sharing it somewere public, putting the url in some 3th party service, server logs, some indirect path in javascript.

          But if you never mention that url, it will not be found if not leaked by your server.

    • f311a 1 hour ago
      Google Chrome used to report visited pages back to Google, not sure if this still the case. Also, Google Analytics can see visited pages and Google uses it.

      Finding domains is easy, everybody uses CTL to find them.

    • VladVladikoff 1 hour ago
      Google uses data from chrome. If you visited it with chrome, google knows it exists.
    • NDlurker 16 minutes ago
      Hmm. Seems like this could be used for an ARG
    • malwrar 1 hour ago
      They log all DNS requests made to their public resolver in a searchable internal database, at least when I worked there a decade or so ago. I wonder if they seed their crawler with it?
      • Analemma_ 1 hour ago
        DNS servers never see subpaths you request, only the domain itself, so that wouldn’t help with a hidden path. But there are lots of other ways to get it: caches/CDNs can leak paths, Chrome presumably sends Google a bunch of request details, and so on.

        It’s a different story if it’s a subdomain though, OP wasn’t clear.

    • animex 35 minutes ago
      I've always wondered if Chrome leaks these URLs too.
    • htek 1 hour ago
      Nothing you enter into an LLM not hosted by you, or put onto the web is safe from being collected and exploited by these "AI" companies and their LLM's voracious appetite.
    • mirekrusin 1 hour ago
      Isn't leaking browser extension used by one of people on the team (doesn't need to be developer, could be qa or anybody with whom the access was shared) more plausible?
    • phoghed 1 hour ago
      You ISP also collects and sells data to companies like Moz, and possibly to Google too.
      • soblemprolver 1 hour ago
        URL paths over https wouldn't be transparent to the ISP though, would they?
        • throw10920 1 hour ago
          They would not - GP was probably bringing up something not directly relevant, but still related. (they should have clarified though)
    • stavros 40 minutes ago
      It's indexed some unlisted draft blog posts of mine that were never touched by AI or published anywhere. I use a static site generator so there's no earthly way they ever found the pages by scraping, at most I visited the pages once or twice from my browser.
    • brador 1 hour ago
      Chat programs catch links you send.

      Also that browser setting to check urls are safe sends them out “sometimes“.

  • ashu1461 2 hours ago
    Someone used Codex to scrape the ICM website schedule and discovered that the winners list was simply hidden in the front-end code with a "hidden" tag

    This is on the devs and feels like a very basic leak which could have exploited in the non LLM world as well.

    • st_goliath 2 hours ago
      Well, the angle is kind of important here. The company gets their name in the news, they have a reasonable explanation why they were scraping around, and we end up with a story about innovative tech company whiz-kids who made a funny discovery, while it was the webdevs on the other side that goofed up.

      Imagine a private individual just scraped the website (or simply clicked 'view source') for no reason in particular and then told people about it... They'd be labeled an uber-haxxor, face a civil lawsuit asking for ridiculous damages while being threatened with a prison sentence over CFAA violations. Hell, that might even drive some people to suicide.

      • brookst 1 hour ago
        The fact that an egregious case happened once, decades ago, is probably not sufficient grounding to act like every bit of equally trivial “hacking” always results in massively disproportionate law enforcement response.

        Sucks it happened. But we all know that is not the typical scenario.

        • st_goliath 32 minutes ago
          > But we all know that is not the typical scenario.

          Back in the day, you could read a stories on Slashdot practically every other week that usually went something like this: Company/institution does something stupid, somebody finds out, tries to be a good citizen and tells them. The organization then throws a tamper tantrum in the media, fires the legal department on all cylinders, screaming "hacker!" and throwing the book at them. The most egregious cases usually happened in the US, the CFAA happens to be a particularly strong book to throw.

          People eventually got the hint and either talked to the press instead, or organizations like the CCC (at least in this part of the world) and let them deal with the organization and not talk to them directly.

          At least in my perception/memory, it started improving over the 2010s, but stories like this are now starting to pop up again in recent years. I guess we have a new crop of computer enthusiasts who need to learn the same lessons again.

          Of the top of my head, the CTF group in Malta comes to mind who gave a talk at (last years?) CCCongress. A badly worded E-mail asking about a bug bounty resulted in several arrests, house searches and ultimately a presidential pardon (https://timesofmalta.com/article/pardon-issued-students-lect...).

        • pixl97 53 minutes ago
          >But we all know that is not the typical scenario.

          Eh, it's typical enough that most cyber security researchers are cautious. The laws around 'hacking' can be rather stupidly written while judges and juries aren't the smartest bunch.

    • ajb 2 hours ago
      Yeah that happens all the time. Anyone/thing with popular public releases has fans/journeys scraping the website looking for unreleased material or scoops.

      In the early days one of the high profile soaps in the UK published their "catch up" summaries for the week ahead which you could get just by editing the date in the URL. But back then not so many people were looking, so they were doing it for months...

    • sigmar 1 hour ago
      Most of what an LLM does "could have" been done by a human if you throw enough human hours at it. But the reality in this circumstance is that a new tool helped find this leak. Saying this could have happened in a "non LLM world" is analogous to "someone else could have discovered special relativity, let's not mention Einstein"
  • efficax 2 hours ago
    twist: codex also wrote the code that placed the winners list in a hidden element
  • zaikunzhang 2 hours ago
  • hubraumhugo 6 minutes ago
    I work at a company that collects and monitors web data for investment firms (in an ethical and healthy way, unlike the AI crawlers). I can tell you there is a surprising amount of money to be made in public markets by uncovering such hidden signals like FDA approvals, product announcements, governmental policies etc. And agents are very good in finding these kind of unintended leaks.
  • netvarun 1 hour ago
    First of all congrats to the winners.

    Second, fitting that codex enters the picture.

    The last time the fields medals were announced llms were still very nascent :)

    And I am convinced this is the last time pure human fields medalists will be announced.

    The next batch’s winners are all going to have llms as coauthors.

  • contact9879 40 minutes ago
    much more info on wechat

    google translate link:

    https://mp-weixin-qq-com.translate.goog/s/DPsMKToa_sbi_Nx3X1...

  • bananaflag 2 hours ago
    This is sad, almost as sad as the Deathly Hallows pre-release leak.
  • logicallee 31 minutes ago
    really tacky of the finders to disclose the names.
  • tw1984 1 hour ago
    too bad that those winners can no longer bet themselves on polymarket as the winner and make big money.
  • whalesalad 45 minutes ago
    This is like when a news site throws up a paywall and hides half the article. Open inspector. Select the body, delete the overflow/scroll capture styles, delete the masks... and boom there is the entire article. Only some sites are smart enough to actually truncate the content server-side.
  • picafrost 2 hours ago
    > Hong Wang will become the third female mathematician in history to receive the Fields Medal

    Interestingly, if true, it will also be the first time an MIT PhD graduate has won the Fields Medal.

  • micromacrofoot 2 hours ago
    ai bots will have more privacy than we do
  • rurban 2 hours ago
    It's Wang Hong, my god. Cannot they still don't write proper Chinese names?
    • opjjf 31 minutes ago
      I think she herself can decide, this is her site: https://sites.google.com/view/hongwang/home > Hello! I'm Hong Wang.
    • bananaflag 2 hours ago
      Wikipedia says Hong Wang while acknowledging that the native form is Wang Hong and that they are using the Western name order.
      • grommz 2 hours ago
        Nobody says Jinping Xi or Zedong Mao.
        • inigyou 1 hour ago
          Can we not just agree that transliteration is tricky business with no single canon?

          Some Indian restaurants near me sell Aloo Saag, others sell Alu Sag.

          • rurban 1 hour ago
            No, there is a single canon. Proper media is able to use proper names. This was not on.

            Esp. in this case with Wang having a special meaning in China.

        • treetalker 1 hour ago
          Well, some do say Jinping the Eleventh …
          • bananaflag 1 hour ago
            And Kim Jong the Second, which was confusing since he was actually the second Kim.
        • bromuro 1 hour ago
          Is Elton John or Jhon Elton?
    • jryle70 1 hour ago
      https://en.wikipedia.org/wiki/Hong_Wang

      Such as waste of energy to argue on

    • malfist 1 hour ago
      > Cannot they still don't write

      Amusing to see someone complaining about not using their definition of "proper language" when they themselves are not using proper language.