5 replies to this topic

[Faken]

The Google Desktop Search Tool Poses a Security Risk to users of public or networked computers according to a new Information Week article. If you use public computers at work or at libraries, internet cafes, Kinko's or the local Mailboxes Etc. store, you've got to worry that previous users of that public machine, or worse, the business owner or employees, have installed Google Desktop Search on that machine to purposely spy on you!

Google Spyware? Bad Guys & Spies Using Google Desktop Search
By Mike Banks Valentine © Oct. 25, 2004

I suppose I was naive when I cheered the new Google Desktop Search tool thinking it was only a great way to help ease my computer info-glut and help organize my hundreds of hard-drive stored documents, emails and files. It seems that I have to worry about how bad guys and busybodies will use it to spy on me!
RealitySEO.com

The Google Desktop Search Tool Poses a Security Risk to users of public or networked computers according to a new Information Week article. If you use public computers at work or at libraries, internet cafes, Kinko's or the local Mailboxes Etc. store, you've got to worry that previous users of that public machine, or worse, the business owner or employees, have installed Google Desktop Search on that machine to purposely spy on you!

It's possible to retrieve secure pages from the Desktop Search memory of machines running the program. While it is possible to turn off that function - bad guys using Google Desktop search specifically to spy on you won't be turning it off, eh? So I've got to find it and turn it off every time I use a public computer.

Although I wrote previously of my love for the Google desktop search tool - it appears to have a BIG downside. The slippery slope of good tools being used for illicit purposes could destroy a great piece of software because it is simply too powerful.

The public will be up in arms over Desktop Search and Google may have to withdraw it from public Beta. Though Google seems to have weathered the storm over a similar uproar about the searchability and thus the privacy of their beta G-mail webmail, it could be a bïgger storm brewing over Desktop search. We'll watch for comment from privacy advocates on the subject.

At this point it is tempting to simply shrug and say, "I hope Google figures out how to stop illicit use of the Desktop Search Tool," it's not likely. More likely is that it will become one more headache to network administrators at businesses who have to write scripts to stop the installatïon of Desktop Search. Small business owners must find a way to stop employees from installing it on public computers at internet cafes, just as they must currently watch for key logging software and other spyware on public computers.

We'll all have to be extremely cautious when using public machines at those small businesses and libraries and we'll have to look for the Google Desktop Search icon in the system tray of virtually every computer we use to be certain that our use is not monitored.

Protecting private passwörds for online banking sessions while in Kinko's and keeping online job searches out of the view of our bosses will get even tougher for employees using networked machines at work.

I'm still in love with Google Desktop Search on my own machine at home but fear Google Desktop Search on public machines. The issue doesn't stop with Google because both Microsoft and Yahoo are racing to develop a desktop search of their own.

It means they'll all have to either make it possible for all users to disable their desktop search tools temporarily or create entirely different machines for public use.

I've long made it a practice to open the browser preferences to clear the web history and dump the cookies from machines I've used at conference press rooms and internet cafes in dozens of cities. That drops my web mail passwörds and online banking sessions from the cache, so I don't have to fret over who might be able to retrieve passwörds after I'm gone. I do it automatically every time I use a public machine.

But I've got to look for Google Desktop Search before I use a public machine and turn it off while I'm using that machine. Grrrrr! You have to take the good with the bad I suppose. (Right-click the icon and choose "Exit")

There's a lot to love about Desktop Search but I simply hate that others can use it to spy on me. I have no doubt that it will be used by both bad guys for identity theft and by nosey snoops and busy-bodies who will be virtually looking over my shoulder in secret.

I'm sure Desktop Search will be used by parents to monitor ïnstant messaging chats, emails and internet travels by their kids and possibly by spouses to check-up on their sweethearts. I'm not at all concerned that anyone will use my home machine and Google Desktop Search to check-up on me. (Although I've been startled at phrases that turn up in the occasional sp@m from my Outlook in-box from Google Desktop Search results) I'm more worried that people will use it as a spying tool on public computers.

I've also written before on the privacy risks of Google online searches in an article on how to protect yourself from the Google Reverse Phöne Lookup. You can enter any telephone number in the search box at Google and see the owner of that telephone numbers' name, their address and a map to their front door! Google seems to be too powerful for its own good sometimes.

Fortunately there is a telephone lookup opt-out method at Google, but the databases they draw upon pose a greater problem. I address additional opt-out methods in one of my articles, but it seems impossible to escape determined snoops.

I'll continue to use Google Desktop Search on my home machine and will continue to love the tool for my web centered work online to search client emails, documents and previously visited researched web sites. But I'll be far more wary - on public machines - of bad guys and of Google Desktop Search. Damn those bad guys!

About The Author
Mike Banks Valentine practices Search Engine Optimism at: SEOptimism.com. As a privacy advocate, his love of search technology sometimes clashes with his privacy concerns at: PrivacyNotes.com.This article is available online with working links to web resources.

[Jaymz]

This surprised me, I read it on CNN yesterday... this could harm Google's Rep as a trusted company.

[rc69]

all i have to say is that sucks for google. They were one of the 3 i-net sites that i acctually half trusted because of everything ive heard... then i come here google gets blown outta the water

this had better take a nice sharp turn for the better

[Jaymz]

If it helps, google did not intend for the software to behave this way. They truely set out to make something positive. They are working tirelessly to fix this as quick as possible.

[kenshin_warior]

Too bad, Google rock. I hope they fix this.

[Gio]

I highily doubt many companies in googles position would create software that would allow virtually anybody to moniter and gain information through networks and such. I doubt google did this on purpose, and I am sure they are doing what it takes to get it all fixed.