Nuffing.com

Millions of people around the world are living with the harsh reality of Alzheimer’s disease, which also significantly impacts family members. Nobody is immune, as A-list actor Chris Hemsworth discovered when his own father was recently diagnosed. The revelation inspired Hemsworth to embark on a trip down memory lane with his father, which took them to Australia’s Northern Territory. The experience was captured on film for A Road Trip To Remember, a new documentary film from National Geographic.

Director Tom Barbor-Might had worked with Hemsworth on the latter’s documentary series, Limitless, also for National Geographic. Each episode of Limitless follows Hemsworth on a unique challenge to push himself to the limits, augmented with interviews with scientific experts on such practices as fasting, extreme temperatures, brain-boosting, and regulating one’s stress response. Barbor-Might directed the season 1 finale, “Acceptance,” which was very different in tone, dealing with the inevitability of death and the need to confront one’s own mortality.

“It was really interesting to see Chris in that more intimate personal space, and he was great at it,” Barbor-Might told Ars. “He was charming, emotional, and vulnerable, and it was really moving. It felt like there was more work to be done there.” When Craig Hemsworth received his Alzheimer’s diagnosis, it seemed like the perfect opportunity to explore that personal element further.

Hemsworth found a scientific guide for this journey in Suraj Samtani, a clinical psychologist at the New South Wales Center for Healthy Brain Aging who specializes in dementia. Recent research has shown that one’s risk of dementia can be reduced by half by maintaining regular social interactions and even after a diagnosis, fostering strong social connections can slow cognitive decline. Revisiting past experiences, including visiting locations from one’s past, can also boost cognition in those with early-onset dementia or Alzheimer’s—hence the Hemsworth road trip.

The first stage was to re-create the Melbourne family home from the 1990s. “The therapeutic practice of reminiscence therapy gave the film not only its intellectual and emotional underpinning, it gave it its structure,” said Barbor-Might. “We wanted to really explore this and also, as an audience, get a glimpse of their family life in the 1990s. It was a sequence that felt really important. The owner extraordinarily agreed to let us revert [the house]. They went and lived in a hotel for a month and were very, very noble and accommodating.”

Your digital footprint is often larger than you think. It includes all the emails you’ve sent, subdomains you’ve created, and the services you signed in to, not to mention the alarming amount of information Google knows about you. In many cases, this data is visible, and mapping it takes just a few minutes. Certain tools collect public data, revealing exactly what anyone can see about you online. This practice is known as Open Source Intelligence (OSINT). The thing is that if you can do it, so can anyone else.

theHarvester is one of the most easily accessible tools for this. With the right commands, it gathers data from search engines and public repositories. It even accesses security APIs, revealing hosts, emails, and subdomains you forgot about. I got my hands on this tool, and it taught me how exposed we can be.

Setting up theHarvester

Even though theHarvester may sound like a specialized cybersecurity tool (it comes preinstalled on the pentesting-focused distro, Kali Linux), I use it on Linux Mint, and installation is quite easy. You only need to clone theHarvester from its GitHub repository to guarantee you have the latest version and all current APIs and modules.

1. Launch your terminal and run the commands below:

    sudo apt install git python3-venv -y
   
    git clone https://github.com/laramies/theHarvester.git 
   
    cd theHarvester
   
    python3 -m venv venv 
    source venv/bin/activate 
   
    pip install .

2. After the installation finishes, run the command below to confirm it is working:

   theHarvester -h

You should see theHarvester’s menu as confirmation that it has been properly installed.

theHarvester obtains publicly available information using DuckDuckGo, CRT.sh, CertSpotter, DNSDumpster, VirusTotal, and other certificate and threat-intel feeds. You can integrate free API keys for Shodan or Hunter.io by directly adding them to theHarvester’s api-keys.yaml file. This will give your results a boost, even though the tool is still very capable without this upgrade.

Running your first scan

Mapping what the internet already knows about you

Now that you’re set up, it’s time to discover what your online footprint looks like. To start, launch the terminal in theHarvester’s folder and run the command below, replacing example.com with a test domain or an actual one.

theHarvester.py -d example.com -b all -l 100

You can also run the command below from a general terminal to launch theHarvester.

Using the -b all flag in the command above lets theHarvester search in all available data sources, and -l 100 will limit the results so they’re readable.

Shortly, results will appear in the terminal. They typically contain emails, subdomains, hostnames, IP addresses, and sources. When I ran this search on a personal domain, I was surprised to see the amount of personal information I had floating on the internet—information anyone may find from public sources.

Running it on a domain you manage would probably reveal old emails connected to accounts you’ve forgotten and subdomains for test environments you no longer run. It does all this without invading privacy or bypassing security.

Making sense of the results

Understanding emails, subdomains, and digital exposure

The amount of information in the results can be intimidating; once you know what to look for, interpreting it becomes straightforward. The sections are different parts of your digital map. The Emails section appears first, showing publicly exposed contact points. For a company, you may see addresses such as support@domain.com, info@domain.com, or individual employee names. These details can become a weapon for attackers to send phishing emails or to identify hierarchy within an organization. For an individual, if the results show old emails, it should serve as a wake-up call to close those accounts or take steps to limit their online visibility.

Subdomains are another element to look out for. If the results return entries similar to test.example.com or oldblog.example.com, they can indicate forgotten servers or outdated sites. Unattended subdomains run on separate endpoints and can serve as entry points for attackers. You should clean them up or redirect them to reduce the risks of exposure.

The Hosts and IP Addresses section lists IP addresses and hosts. They can reveal outdated infrastructure and show where domains are hosted. However, in all this, the bigger picture is that what you consider hidden is, in fact, publicly available and not that difficult to retrieve.

Simple ways to tighten your digital security right now

It’s unsettling to see your digital footprint laid out in theHarvester’s results, but it’s good to have this awareness. It gives you an idea of how to act to shrink it. A drastic approach can be removing yourself entirely from the internet.

However, a less aggressive starting point is subdomain hygiene. Disable or delete unused accounts and decommission or secure unused subdomains/staging environments. Every deactivated subdomain is one less risk.

Also, tackle email exposure. You may use email aliases for addresses that are easily searchable. I personally use aliases for almost everything, especially online shopping. So rather than afam@yourdomain.com, you use newsletter@yourdomain.com. This will shield your primary inbox from being listed in public databases.

Last but not least, conceal domain registration details. A WHOIS lookup service can show if your personal information is publicly visible; if so, enable domain privacy protection via your registrar.

The bigger picture

TheHarvester is a mirror that displays exactly what someone may find about you online if they know where to look. For me, it started as a simple scan but quickly became a realization that the web remembers too much—connections, emails, and forgotten pages.

Awareness is key—you can’t take control if you’re uninformed. While this tool is great for managing an organization’s domain, it’s also useful for personal sites. Regular checks are a small habit that ensures your online presence is secure.