Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Google Desktop Search Under Fire

CmdrTaco posted about 10 years ago | from the be-aware-people dept.

Security 444

AchilleCB writes "Cnn and many other sources are jumping on the Google-privacy-bash bandwagon, they are carrying stories warning of more privacy implications regarding Google's Desktop Search, "if it's installed on computers at libraries and Internet cafes, users could unwittingly allow people who follow them on the PCs, for example, to see sensitive information in e-mails they've exchanged. That could mean revealed passwords, conversations with doctors, or viewed Web pages detailing online purchases." ... Type in "hotmail.com" and you'll get copies, or stored caches, of messages that previous users have seen. Enter an e-mail address and you can read all the messages sent to and from that address. Type "password" and get password reminders that were sent back via e-mail."

Sorry! There are no comments related to the filter you selected.

*YAWN* (-1, Flamebait)

Anonymous Coward | about 10 years ago | (#10591288)

Security Diversion (5, Interesting)

stecoop (759508) | about 10 years ago | (#10591290)

warning of more privacy implications regarding Google's Desktop Search

So the actual problem is that public computers aren't secure? Google Desktop Search doesn't do anything more than what a halfway good script kiddies can do. I say that all public computers install the software and plug the permissions problem on the OS. If everyone can SEE the insecurity then the users will either
  1. become aware
  2. find alternatives
  3. clamor to have the problem fixed
  4. Another law will be written (don't let it get to this).
    Choose one or proactively make a "none of the above choice" by doing something about it.
    PS we almost freaking died out here - it's been an over an 1 1/2 since the last story.

Re:Security Diversion (5, Insightful)

Jucius Maximus (229128) | about 10 years ago | (#10591304)

Exactly. Google desktop search doesn't find anything that wasn't there before. It just is better at organising and mining it than a human being.

Re:Security Diversion (0, Redundant)

gstoddart (321705) | about 10 years ago | (#10591546)

xactly. Google desktop search doesn't find anything that wasn't there before.


Wouldn't the windows search provide the exact same ability if it was enabled? I agree, google has just indexed the data and made it more easily searchable.

Re:Security Diversion (2, Insightful)

dresgarcia (251585) | about 10 years ago | (#10591348)

Slow news day. . .Its all on the OS. . .ALL ON THE OS. The os is what makes those files available for google search to find. By the way. . . maybe if the computers were cheaper people would put money into security. . .instead of spending it all on the cost of the PC.

Re:Security Diversion (1)

Osrin (599427) | about 10 years ago | (#10591388)

so you're advocating cheaper PCs as the answer to the industries ills... you're the second person to do that tis week.

You might be onto something.

Re:Security Diversion (1)

jocknerd (29758) | about 10 years ago | (#10591540)

[BLOCKQUOTE]. . . maybe if the computers were cheaper people would put money into security. . .instead of spending it all on the cost of the PC[/BLOCKQUOTE]

No, but they wouldn't pirate [com.com] according to Steve Ballmer.

Price? (5, Insightful)

cbr2702 (750255) | about 10 years ago | (#10591571)

By the way. . . maybe if the computers were cheaper people would put money into security. . .instead of spending it all on the cost of the PC.

Computers are now at $400 [microcenter.com] . When computers were $1500, people had no money for security, and they still don't.

Re:Security Diversion (1)

rhsanborn (773855) | about 10 years ago | (#10591353)

Users won't clamor to have it fixed though. The ignorant masses will continue to imput sensitive information and have it compromised. The google desktop search simply makes it a little more apparent.

Re:Security Diversion (0)

Anonymous Coward | about 10 years ago | (#10591368)

Just be sure if you use at office/work environment and have this app installed/, use discretion of files stored on pc.

Re:Security Diversion (5, Insightful)

antarctican (301636) | about 10 years ago | (#10591375)

I wouldn't blame Google for this, I'd say Google has unwittingly discovered existing problems with shared computers and caching.

From what I understand, Google's desktop only caches what's already on the machine's hard drive. So all this "sensitive information" that it's finding is already there for those who know how to find it, and take the time to.

This is a wake up call for how much personal information is actually kept on our desktop machines.

Re:Security Diversion (5, Insightful)

RealProgrammer (723725) | about 10 years ago | (#10591390)

[...] If everyone can SEE the insecurity then the users will either
  1. become aware
  2. find alternatives
  3. clamor to have the problem fixed
  4. [...]

The clamor will be, at best, "Make Google stop!"

People who don't understand how things should be done are befuddled when confronted with the way they are done.

Re:Security Diversion (4, Interesting)

lpp (115405) | about 10 years ago | (#10591473)

Why is this an OS issue? In Linux or OS X what's to stop me from writing a similar application? If I run the harvester part as a background process run as root (i.e. Administrator on Windows), I'll be able to grab everything. If the client is allowed to communicate with this daemon in order to pull up the information, I'll still see your stuff, unless you've encrypted it.

But encryption is atypical as yet. And on a public terminal you aren't likely to be logging in as another user anyway, but rather as an unprivileged guest account. But then the harvesting and viewing could all happen without root/Administrator access.

Re:Security Diversion (4, Insightful)

DunbarTheInept (764) | about 10 years ago | (#10591483)

But you're forgetting the mentality of the average user.
1 - I didn't notice X before.
2 - I performed action Y.
3 - Now I notice X.
4 - Therefore Y must be the cause of X, regardless of what all those geeky pinhead types have to say about it. Don't they know the customer is always right?

The end result will be the google gets blamed for exposing what was there all along, an nobody is going to let facts get in the way of their own personal perceptions.

In Latin... (4, Informative)

hawkestein (41151) | about 10 years ago | (#10591583)

We refer to this fallacy as post hoc ergo propter hoc [wikipedia.org] .

(Well, not "we". I don't actually speak Latin).

GNAA MR.SPOCK (-1, Troll)

logicispower (824232) | about 10 years ago | (#10591292)

GNAA supplies arms, expertise to Iraqi Freedom Fighters GNAA supplies arms, expertise to Iraqi Freedom Fighters September 21, 2004 GNAA Headquarters, Nigeria In a surprise move early this morning, the GNAA announced its new policy of open support for Iraqi Freedom Fighters, pledging aid and expertise to the troubled region. GNAA spokesman Gary Niger appeared on the Orly Factor this evening to field questions about the alliance. What follows is an unedited transcript of his response to a question on the GNAA's motives for alliance. "I don't think it's surprising. We were initally skeptical of these people's ability to deliver, since we discovered that Jews, not arabs were the ones responsible for WTC 9.11 NEVAR 4GET. After the Nick Berg affair, we got interested." "We looked over the Saddam Loyalist\Radical Fundamentalist adgenda and found that we had a lot in common with these guys. These guys are really focused. Just look their insistance that women keep their homely faces covered at all times, to keep men focused on men, the way our Gay Nigger God, Allah intended." "But what really sealed the deal was compassion. When we looked over their financial records, we were shocked. These brave, oily men are out there on the streets of Fallujah every day, risking their tight asses, and they're not seeing even 1% of the revenue associated with their heroic actions." "Look at the Nick Berg video. Here you have a great artistic vision, marred not only by poor equipment, but also by the scheming jews at Ogrish.com who unjustly stole their copyrighted material and made a huge profit on it. It's unconscionable." "Fortunately, we at the GNAA believe in freedom, and we believe in helping out the underdogs. That's why I'm so pleased to present the freedom fighters of Iraq with the following gifts:" "To prevent further exploitation, we are assigning our top programmers to share our DRM (Dong Rights Management) technology with these valiant men. Biometric Dong Recognition is becoming widely recognized as the most secure means of identity establishment, and with our new vibrating scanners, it's easier than ever." "While these guys don't lack heart, their VHS camcorders have got to go. We're supplying not only three professional Betacam SP units, but also 25 Canon XL1s camcorders, for agents in the field. This will greatly increase not just the number of beheadings caught on tape, but also the quality." "Say goodbye to grainy, choppy beheading videos. The next time you see some poor bastard getting his shit lopped, it's going to be in 3 CCD quality, with image stabilization. With Canon's XL lens mounting system, you can now be decapitated with Mohammeds's (PBUH) full blessing, at potential focal ranges between 24 and 17,280 mm." "And of course we'll be encoding it all with 'Terrorist's Choice' OGG Theora\OGG Vorbis." "Finally, I would like to present one gross of top of the line Husqvarna 3120XP chainsaws. We've all watched with embarassment at the struggling efforts of these spindly-armed arab boytoys. Now, junk lopping can be accomplished in a fraction of the time, even by the pathetically malnourished." "This is a great day for both the GNAA, and the movement to free Iraq from its oppressors. Allah Al Akbar. Jews did WTC." Mr. Niger concluded his speech by blasting semen into Mr. O'Reilly's eyes, effectively ending the debate. About Iraqui Freedom Fighters Iraq has long been known as the world's premiere terrorists to meet, greet, and defeat their zionist oppressors. With the Israel-led coalition forces squatting on holy sites, Iraq is a modern day decapitation bonanza. Iraq's Freedom Fighters are well known as the world's most industrious head-choppers. About Husqvarna Chainsaws Husqvarna is considered by many as one of the top brands of Chainsaws in the world. Husqvarna saws are used exclusively by forestry and loggers on the west coast. If those saws can hold up out there, then the home owner/freedom fighter has a saw for life. Husqvarna saws are some of the lightest in their class, and each one packs maximum lopping power. About GNAA: GNAA (GAY NIGGER ASSOCIATION OF AMERICA) is the first organization which gathers GAY NIGGERS from all over America and abroad for one common goal - being GAY NIGGERS.

Re:GNAA MR.SPOCK (0)

Anonymous Coward | about 10 years ago | (#10591492)

I dunno where you've been living, because the quality of Husqvarna equipment has dropped drastically in the past few years. Stihl chainsaws and grasscutters are t3h shizzlest these days. I should know, as I spent a good part of the summer doin' some heavy duty cutting stuff with one. The Stihl equipment was much better compared to the Husqvarna stuff I've previously used. The real pros, too, use Stihl saws (and prefer them over the more expensive, yet less reliable Husqvarnas). So shut your mouth.

fp (-1, Offtopic)

Anonymous Coward | about 10 years ago | (#10591293)

fp!

Web-mail need not apply (0, Insightful)

Anonymous Coward | about 10 years ago | (#10591295)

Searching through e-mails only works if you're using a mail client, why would someone in a cafe use Outlook to check their email?

Re:Web-mail need not apply (4, Informative)

bhtooefr (649901) | about 10 years ago | (#10591323)

Webmail checked with Internet Explorer DOES apply. ANYTHING visited with Internet Explorer applies.

Re:Web-mail need not apply (1)

bhtooefr (649901) | about 10 years ago | (#10591381)

Flamebait? I'm not attacking IE, I'm mentioning that any site visited with IE gets logged (and the item pulled out of cache, IIRC) by Google Desktop Search. In a future version, it might support Opera or Firefox, in which case webmails visited by those browsers would also apply.

Re:Web-mail need not apply (1)

jdunlevy (187745) | about 10 years ago | (#10591387)

That would apply on a public terminal even without the Google app installed. And to any browser keeping the history, story cached copies of visited pages...

Re:Web-mail need not apply (1, Redundant)

Em Ellel (523581) | about 10 years ago | (#10591345)

Not if it is also caching the web pages you visited - including webmail.

Re:Web-mail need not apply (1, Insightful)

Anonymous Coward | about 10 years ago | (#10591408)

https is not cached. if your webmail isnt using ssl then, once again, this is not google's problem.

Re:Web-mail need not apply (1)

Nukenin (646365) | about 10 years ago | (#10591572)

One of Google Desktop's configurable preferences: "Include secure pages (HTTPS) in web history"

This was discussed before! (5, Insightful)

Discotechnica (699121) | about 10 years ago | (#10591296)

It's not google's fault that other programs leave data out in the open. The search tool does nothing a regular user couldn't do!

Mod down that troll (0)

Anonymous Coward | about 10 years ago | (#10591364)

OH please. Google could easily exempt obviously private data. Go away troll.

Re:Mod down that troll (3, Insightful)

a55mnky (602203) | about 10 years ago | (#10591441)

Why do you assume that it is Google's responsibility to determine what may or may be "obviously" private.

People need to be responsible for the own actions.

Re:Mod down that troll (5, Insightful)

RealityMogul (663835) | about 10 years ago | (#10591508)

A few points here:

GDS runs as a system service and has access to everything.

Google got in bed with MS on this one as they only cache MS Office type docs.

GDS could easily cache file security attributes and filter accordingly based on the logged in user.

You'd all be having a fit if this happened on Linux.

Re:This was discussed before! (2, Informative)

lukewarmfusion (726141) | about 10 years ago | (#10591367)

I agree. If you're sending sensitive information in email, it's your fault. If you're concerned about privacy and you're using a public computer, it's your fault.

Google archives information. You gave it information.

Again? (5, Informative)

whysanity (231556) | about 10 years ago | (#10591297)

Didn't we already determine [slashdot.org] that Google [google.com] has stated Desktop Search [google.com] is not for use on multiple-user machines [google.com] and that you can always retrict domains, directories [google.com] and result types [google.com] from inclusion despite the fact that the files are still publically accessible [slashdot.org] .

Re:Again? (3, Insightful)

rhsanborn (773855) | about 10 years ago | (#10591415)

Microsoft also states that for security you should disbale ActiveX. The government says you shouldn't smoke. Your parents warn you about strangers, and Santa Claus tells you to be nice.

Just because people have been warned, doesn't mean that they will take the advice. Many, if not most, actually will ignore the advice because it is a hassle. Stories like these hopefully wake people up a bit. Unfortunately, the blame is placed on google unfairly.

and how is this googles problem? (5, Insightful)

Ummagumma (137757) | about 10 years ago | (#10591306)

...google provides this tool, for personal use. Any libraries/public terminals that ALLOW the desktop search are the real problem here, not the desktop search agent itself.

I've been using the desktop search for a week, and find it indispensible now. But, like any good, powerful tools, it can be misused, in a mis-configured enviornment.

Basically, just watch where you surf on a PUBLIC machine. duh.

Re:and how is this googles problem? (3, Informative)

Jucius Maximus (229128) | about 10 years ago | (#10591332)

"Basically, just watch where you surf on a PUBLIC machine. duh."

And clean your browser cache and history afterward. Where do you think it finds the info it returns?

Re:and how is this googles problem? (1)

macklin01 (760841) | about 10 years ago | (#10591575)

Basically, just watch where you surf on a PUBLIC machine. duh.

And watch where your email contacts surf, too. (Since their cached data includes the emails you sent to their hotmail account and vice versa.) I guess this just helps illustrate that you should never rely on email for sensitive / private communication, as you have no guarantee on how well it's handled once it arrives in their inbox (or during transmission, for that matter). -- Paul

I wonder.... (0, Offtopic)

Anonymous Coward | about 10 years ago | (#10591309)

how difficult it would be to make an Open Source version of a desktop search.

Re:I wonder.... (1, Insightful)

Anonymous Coward | about 10 years ago | (#10591410)

man slocate

Reasonable thing to comment on! (5, Insightful)

francisew (611090) | about 10 years ago | (#10591315)

Isn't it time that media start to put up opposition to services that compromise privacy in fundamental ways? I think this bandwagon is one that isn't so bad to have going on.

Google does great things, but without such opposition, they might not keep all issues in proper perspective. The things they mention are very important.

Re:Reasonable thing to comment on! (1)

Lovedumplingx (245300) | about 10 years ago | (#10591384)

Somebody posted this after you.

"Blaming the knife company when the kid cut itself playing with the knife"

I think it's apt. Google is only providing a tool they think people would like. How some imbecile in a library uses this tool is the libraries problem and the library should be taking measures to protect their security.

Re:Reasonable thing to comment on! (1)

julesh (229690) | about 10 years ago | (#10591386)

Google does great things, but without such opposition, they might not keep all issues in proper perspective. The things they mention are very important.

The problem is, though, that this isn't Google's fault. All they're really doing is drawing attention to a problem that previously existed anyway, and the media are now shooting the messenger.

Re:Reasonable thing to comment on! (0)

Anonymous Coward | about 10 years ago | (#10591412)

Isn't it time that media start to put up opposition to services that compromise privacy in fundamental ways?
Maybe they should target something besides Google, like maybe IE. That's what's really causing the privacy problems. Google just allows you to more easily get what is already available.

Re:Reasonable thing to comment on! (1)

Trigun (685027) | about 10 years ago | (#10591420)

But I thought information wanted to be free? At least they're not selling it.

Re:Reasonable thing to comment on! (3, Insightful)

francisew (611090) | about 10 years ago | (#10591458)

I agree with the replies to my comment. Google isn't doing anything worse than what is already available.

Does that mean that they should releaase a tool that has some serious privacy-invasion concerns?

The fact that they are hugely popular, and that people might otherwise never realize the inherent privacy risk is exactly why I think it's good that this extra attention is being paid to google.

... and yes, I think IE vulnerabilities are terrible. I think people should switch to more secure browsers. But I'm not discussing browsers right now...

Re:Reasonable thing to comment on! (1)

ajayvb (657479) | about 10 years ago | (#10591517)

Thats why I think its a good idea for them to claim it's in Beta. It's probably a full-fledged product with a few minor bugs in its working, but putting it out in the open gives them the luxury of feedback from a million eyeballs. I'm sure that once they have this figured out( and most such objections/concerns addressed), we'll also see an Enterprise edition, with more bells and whistles.

Re:Reasonable thing to comment on! (1)

francisew (611090) | about 10 years ago | (#10591587)

Gmail is also in beta. A lot of people are using it.

Just because it's beta doesn't mean that they should temporarily ignore serious privacy issues. They have partly addressed security concerns by allowing the service to be turned off, but I'd bet that in order to protect ones-self, system caches would need to be wiped before re-enabling the desktop search.

I think it's good to let the 'million eyeballs' know what the implications of using it are.

Re:Reasonable thing to comment on! (1)

Richard_at_work (517087) | about 10 years ago | (#10591530)

Everything brought up by this tool is data that you are not cleaning up yourself after use. You ask if its time for the media to start putting up opposition to services that compromise privacy, I ask if its time for the media to start putting up opposition to those people who think its everyone elses job to protect their privacy. You are putting that data on the disks - into the public domain essentially, you are responsable for cleaning it up afterward, noone else. You expect noone to go through the wallet you left on the bus? You expect noone to read the shopping list you dropped in the mall? You expect noone to read the mail you opened and discarded in the street? Stop blaming other people and start to protect your own privacy, I dont want to clean up after you.

Re:Reasonable thing to comment on! (1)

That's Unpossible! (722232) | about 10 years ago | (#10591573)

Isn't it time that media start to put up opposition to services that compromise privacy in fundamental ways?

Yes, as long as they are commenting on the right services. For example, WHY are these machines setup in such a way as to allow this private information to be stored in the first place?

Google Desktop is the messenger.

Oh come on (5, Insightful)

savagedome (742194) | about 10 years ago | (#10591327)

First of all, GDS does not bypass security or username/passwords. These files are accessible via the IE cache using Windows Explorer anyway. The index is stored in %USERPROFILE%\Local Settings\Application Data\Google\Google Desktop Search

Plus, why are these people have rights to install GDS on library computers? The libraries need to take notice by using a policy control to begin with.

Its a GOOGLE DESKTOP SEARCH tool. It says SEARCH in a screaming font. If that doesn't ring these people's bells, then they need to buy hi-fidelity headphones that are used by chronic deaf.

Blaming the kinfe company when the kid cut itself playing with the knife.

Re:Oh come on (1)

saintp (595331) | about 10 years ago | (#10591461)

Actually, I think it's more like blaming the company that sold the sharpening block. All of the info that Google turns up is already readily available on the computer! They've just made it more accessible. If you're the kind of idiot who gets a password reminder emailed to you on a public terminal, then it's not Google's fault when you get pwn3d. It's yours.

As an aside, we run SunRay thin clients for our public internet kiosks. Want the browser cache? Sorry, it's housed safely on the server.

Surpirising (1)

kinrowan (784107) | about 10 years ago | (#10591331)

I don't think so.

We all are aware that privacy and Google are a potentially dangerous combination, why is this surprising?

KeyLoggers anyone.. ? (2, Insightful)

Manip (656104) | about 10 years ago | (#10591337)

So if I have user rights on public computers to install software for all users and store large data stores of cached information that is accessible to everyone it would be very simple to exploit that in order to install way more effective spying software such as keyloggers, remote monitoring software and other such software.

Notice people that write this software are the same group that use clippy to help them use Word and the same people that think anti-virus means complete security. Nuff Said!

This obvious fear mungering on the part of the media. Clueless as always.

Its a beta! (2, Informative)

dj245 (732906) | about 10 years ago | (#10591338)

Sheesh, I'm sure it will go through many more revisions before the thing is actually released as final. Where are these muckrakers when the legislature and the president pass laws that invade privacy?

When you remove the obscurity... (5, Insightful)

Kiaser Zohsay (20134) | about 10 years ago | (#10591342)

...it becomes easier to see the "security through obscurity" really doesn't work. It's not that a desktop search compromises security, it's that the security wasn't there in the first place.

Stupid is as Stupid does (-1, Flamebait)

Anonymous Coward | about 10 years ago | (#10591344)

And if you are giving out/using personal and sensitive information on a *public* machine well shit!

D U H!

Excuse me (0)

Anonymous Coward | about 10 years ago | (#10591346)

But who on earth would be so incredibly intelligent to install somethin like the google desktop search on a public computer?

There may be other valid concerns about google desktop search and privacy, but this is just silly.

How is this really a concern? (4, Insightful)

aidoneus (74503) | about 10 years ago | (#10591357)

It's not as if Google didn't document this [google.com] . If you're installing this on a public system without any real form of user access control, then you're asking for trouble. Google desktop doesn't do anything that an end-user wouldn't be able to do with a little cache snooping and looking in temp files. Really, Google Desktop doesn't belong on this open of a type of system, and in addition one really shouldn't be using such an insecure system for anything very sensitive.

Maybe Google just needs to make the warning a bit more obvious, like a hug "WARNING: Google desktop allows you to search all files on this computer" or something.

-jason

Re:How is this really a concern? (0)

Anonymous Coward | about 10 years ago | (#10591472)

Maybe Google just needs to make the warning a bit more obvious, like a hug

Wow... Google really is a friendly search engine. :)

Re:How is this really a concern? (1)

NekkidBob (807988) | about 10 years ago | (#10591481)

Even better, since this is what really happens: "WARNING: Google Desktop Search does exactly what we say it does!!!"

Not to be the bearewr of bad news but... (2, Insightful)

CliffH (64518) | about 10 years ago | (#10591362)

... the whole email argument is stupid as far is internet cafe's and libraries are concerned. I mean, come on. Do you honestly setup an email client for your ISP, download mail to a PUBLIC system, and then LEAVE IT THERE!!! If you want to argue about privacy concerns, argue about something that really breaches your privacy. These attacks on the desktop search are really pissing me off lately. Oh, and for those who who check their hotmail and yahoo or whatever, clear the bloody cache if the systems are setup to let you. Hell, they should do that by themselves if they are properly setup cafe or library machines anyway to protect your privacy. In fact, they should be setup so YOU CAN'T INSTALL APPS!!!! Damn I'm sounding shitty this morning. :) Ok, end of rant....

Signs of 'evilness'? (-1, Flamebait)

Anonymous Coward | about 10 years ago | (#10591363)

First the IPO, then helping opressive government, now this? What's next? Collecting $699 for SCO?! We must boycott Googoon NOW!!!

Kill the messenger. (4, Insightful)

scribblej (195445) | about 10 years ago | (#10591372)

Hey, that stuff is there whether you use Google to show it to you or not. I say we thank our Google Overlords for showing the masses how stupid it is to read e-mail or get passwords on a public terminal.

Great! Now all the world will know that I enjoy.. (-1, Offtopic)

Anonymous Coward | about 10 years ago | (#10591374)

pouring hot grits down my pants.

Google just made it easier (2, Informative)

Eric Giguere (42863) | about 10 years ago | (#10591376)

Nothing new here except that Google has all of a sudden made it easier to look up "private" information that is locally cached. The data is already there for someone who knows what to look at, after all, but now Google's made it easy to access. How is this different from typing something into the address bar of a browser and being presented with an "interesting" list of choices that were stored via the browser's autocomplete functionality?

Eric
Read a bit of Vioxx humor [ericgiguere.com]

Google Desktop Search - VNC pairing (1)

kevingc (824034) | about 10 years ago | (#10591378)

This evil thought just occurred to me. What if I installed tightVNC and used the no-tray icon trick on a target computer, then installed Google desktop search and set it's taskbar icon to "always hidden." A normal user wouldn't go looking for unfamiliar executable names in the ctrl-alt-del menu, so it would be possible to log a users activity through Google desktop search and retrieve it quickly through tightVNC.

Re:Google Desktop Search - VNC pairing (0)

Anonymous Coward | about 10 years ago | (#10591567)

With the kind of access you'd need ... why not just install a keylogger?

Okay so what happens when... (1)

Bitchxatbxworld.com (824118) | about 10 years ago | (#10591379)

When some teenage kid writes a worm that takes advantage of the google search and takes personal information off your computer. Hmm more like a trojan but you know what i mean. I will be able to probably send your ms money backup or your quicken backup straight over the internet back to him in an email. That is always fun to deal with. It is already easy to get that information why make it easier

(+5, Insightful) (0)

Anonymous Coward | about 10 years ago | (#10591480)

Shut the fuck up.

Re:Okay so what happens when... (0)

Anonymous Coward | about 10 years ago | (#10591566)

*blink blink*

WTF? Are you really as clueless as you sound? There are plenty of viruses/worms that root a box. They can use bloody Windows search to find MS Money files, because, guess what? When you've infected thousands of boxes, you don't care if they run a little slow.

I'm not even sure why I'm explaining this to someone who's quite evidently a total idiot.

so...people are stupid (1)

jmank88 (813483) | about 10 years ago | (#10591382)

what kinda of dumass checks very private email conversations on a public computer anyways?!?! thats their fault, not google's -jordan

Lurking privacy concern (2, Insightful)

indros13 (531405) | about 10 years ago | (#10591383)

When Google first announced this, the Google-fanboy in me said, "sweet, another computer thing improved by Google!" But I read a couple of the detractor's articles and realized that there are some things on a PC I just wouldn't want to share with others. While this is fine on my personal, one-man home computer, I wouldn't want to use a public computer with the Google Desktop installed.

What really gets me is the Slashdot response. If Microsoft had released similar search feature, it would be one more nail in the coffin of poor security, no matter what user advisories they had given. When Google does it, we all jump to say that Google expressly warned against using this on a multi-user box.

I'm guilty of it, too, but let's not lose sight of the goal--better privacy and security--just because one company has a better track record.

Re:Lurking privacy concern (5, Funny)

savagedome (742194) | about 10 years ago | (#10591558)

You are blaming the violet light maker when it finds those 'stains' on your bed sheet. The stains were already there. You just didn't know and now you are pissed that everybody found out!

It goes to show you. (1)

Locdonan (804414) | about 10 years ago | (#10591385)

Build a system that is idiot proof, and someone will build a better idiot!

All joking aside, if you know what it can do, and
you use it, who is to blame? Not me! Not google!
YOU ARE!

I have seen this program in use, and yeah! it seems
to be useful, but I know where I keep my stuff,
so I don't have these problems! Keep your stuff sorted
and know what the heck you doing, and everything should be fine.

On a side note, this reminds me of the idea of the internet license.

Actually, this is the opposite (1)

exp(pi*sqrt(163)) (613870) | about 10 years ago | (#10591389)

Google Desktop is making available to people information that they don't realize is already being stored on computers. Before Google Desktop you might leave a public PC and think you've safely logged out. Now you can ue Google Desktop to discover how much sensitive information you've actually left behind and do something about it.

Public PCs need dyanmic users (1)

desertfish (571552) | about 10 years ago | (#10591404)

One solution would be to force log-ins/log-outs of public PCs. You'd have to go to the librarian or coffee jerk and request a "user card," which is just a slip of paper with a dynamic username/password generated by an administration machine. That admin machine has remote access to the public machines, and can make a new, dynamic user (e.g., pubsuer_230) by the batch for the day or even on-the-fly. Or just update an LDAP table that all the public machines look to... The account expires in 24 hours and-- pfft!-- so do all of the files in that account's home directory (or Documents and Settings).

Public Computers? (3, Insightful)

lcde (575627) | about 10 years ago | (#10591407)

Wah. Don't install it on public computers. They don't need to search through files anyways.

library users? (5, Funny)

Texodore (56174) | about 10 years ago | (#10591409)

What is someone going to find if they install this on a library computer? livejournal.com pages? Orlando Bloom pictures? Lyrics to an Eminem CD? chat sessions with pinkkitty5555?

Thanks ! (1)

Braingoo (771241) | about 10 years ago | (#10591413)

Now I can go do this stuff this Info is Gold! If it where not for CNN I would have never thought of that!

why (1)

eblis (140713) | about 10 years ago | (#10591414)

why does a public place need the google search tool installed?

--J--

Re:why (1)

farlcow (671869) | about 10 years ago | (#10591535)

I think an even better question is why would anyone access any private information from a public computer?

Credit Cards? (1)

cherokkester (823375) | about 10 years ago | (#10591418)

If you type your credit information, social security number, etc on a PUBLIC computer then you are asking, nay, begging to get screwed. And not in a pleasant way.

The point is well taken, but.... (1)

Moby Cock (771358) | about 10 years ago | (#10591423)

The idea of insecurities on public machines is not new. Obviously. However, these insecurities are made much more user friendly by the Desktop Search. It used to be script kiddies that could crack the cafe or library computers, now it seems it could be many people. I think the media is right to raise this issue and people should be wary of the Desktop Search on public terminals

That said...

Can anyone think of why the Desktop Search app would be installed on a library public terminal or internet cafe machine? I used a terminal at my library and it was running Solaris with Firefox and was nicely locked out for all other apps. Is this unusual? What are other public terminals using?

Terminal (1)

brainus (804653) | about 10 years ago | (#10591427)

The fact is that anything new that Google does will come under attack, regardless of its usefulness or security implications. They can't attack the usefulness, in this case, but installing it on a public terminal would not be possible if the security of the terminal were not lax in the first place.

I admit that the same argument can be used with almost any product.

A Spy Machine of DARPA's Dreams (0, Flamebait)

gestapo4you (590974) | about 10 years ago | (#10591438)

"It's a memory aid! A robotic assistant! An epidemic detector! An all-seeing, ultra-intrusive spying program!

The Pentagon is about to embark on a stunningly ambitious research project designed to gather every conceivable bit of information about a person's life, index all the information and make it searchable."

http://www.wired.com/news/business/0,1367,58909, 00 .html

Would Google Desktop Search be a great part in achieving this?

You bet.

Excuse me but...... (1)

samberdoo (812366) | about 10 years ago | (#10591442)

users could unwittingly allow people who follow them on the PCs, for example, to see sensitive information in e-mails they've exchanged. Wouldn't the same users leave cookies, history and temporary files that could be viewed by anyone following them? If so many people are ignorant of this fact, isn't the duty of the library or "cybercafe" to post a notice about this possibility and what to do to protect yourself?

Intent (3, Insightful)

Traa (158207) | about 10 years ago | (#10591448)

Some considerations:

In favor of google: I do think they had the intent on creating a usefull tool.

In favor of google: As far as I know, all the information that their desktop search tool exposes can be found in simular ways using a veriety of tools including MS windows own 'find-in-files' search options. In other words, their desktop search tool doesn't go out and break user-protected barriers.

Against Google: Just because your intent is honerable doesn't mean you can ignore privacy concerns.

Against the media (CNN, et.al): No integrity to be found for a while now! Just plain bashing, advertising, manipulating, money-making propaganda.

my $0.02

Re:Intent (1, Insightful)

Anonymous Coward | about 10 years ago | (#10591541)

i dont get the privacy concerns. This is a tool DESIGNED to index PRIVATE material. That is the intent. so i dont think its a suprise that it may be installed in places it shouldnt because of public access. But honestly, what can google do, they entire tool is based on indexing material on a computer including private material.

Re:Intent (2, Insightful)

drinkypoo (153816) | about 10 years ago | (#10591586)

Incidentally, on both Windows 2000 and XP your cache files are stored in your Profile directory, which is not world-readable. Does google search allow you to retrieve documents to which you do not have permission? I don't think so. I installed it but I haven't even used it so I don't know what it shows in summaries... how much of the document is indexed?

Google Evil? NEVER! Microsoft Evil? ALWAYS! (0)

Anonymous Coward | about 10 years ago | (#10591450)

It's getting old, guys.

An 'objective' news for nerds site would be a pleasant change.

This is silly (4, Insightful)

tarnin (639523) | about 10 years ago | (#10591453)

How much privacy before or after usage of a system in a public place do these people think they actually get? They are public, not your home system.

Also, who would be sending private emails or requestion passwords via a public terminal and not know that this info could be seen after weither the Google utility is installed or not.

I'm called Overhype on this.

And why do they need it anyway? (1)

WilliamGeorge (816305) | about 10 years ago | (#10591467)

Okay, maybe it just me, but I don't see any need for search capabilities like Google's program on public-access computers. People use them for, what, like an hour at most (at a time)? If someone manages to "lose" something in that short of time and needs to use Google to find it again, they probably should not be let anywhere near a computer. Not to mention that this probably isn't installed on these computers by the IT staff, and temporary users shouldn't be able to install apps (like this one) anyway, so its a non-issue.

Why would it even be installed on a library box? (0)

Anonymous Coward | about 10 years ago | (#10591471)

or a cafe one also? Your just buying time on or using the system for general usage not for storing files.

Why doesn't the media report on the fact that most analysts were talking down googles' ipo since they tried to cutout the middlemen?

Or how one AG can manipulate the market by hinting at a investigation into at a industry, HMO's?

Its not the innovation thats scary (1)

farlcow (671869) | about 10 years ago | (#10591487)

The innovation itself is not what is scary. I think its a great idea to finally update the antiquated file seach programs we've been using for years. What's got people paranoid is that google is creating a standard data format to index all our data (web browsing info, emails, im chats, contents of our computers). With the plethora of security vulnerabilities out there it seems very dangerous and even naive to assume this information can't be gathered in mass quantities and then abused.

In other news (-1, Offtopic)

gorbachev (512743) | about 10 years ago | (#10591493)

People don't kill people, guns do.

Well (0)

Anonymous Coward | about 10 years ago | (#10591498)

with the reference to hotmail.com this is beginning to sound more and more like another MS astroturf campaign. I can imagine hotmail business has dropped off some since gmail has started, and gmail is still in beta testing.

how is it... (1, Offtopic)

CAIMLAS (41445) | about 10 years ago | (#10591505)

how is it that mass media gets their balls twisted in a knot over something they don't understand when it involves an up-and-coming company with good practices, but when it comes to international politics, they like to walk on by the heinous deeds?

more (1)

matdot (824258) | about 10 years ago | (#10591551)

more crap for the media to stir up regarding privacy acts on software creators/dotcoms. I faitly remember this happening to another big software company.

Don't forget 911 (3, Funny)

anorlunda (311253) | about 10 years ago | (#10591531)

Wait! If we don't search for every private bit of information on public computers, then we could be accused of missing potential advanced warning of the next 911 terrorist plot.

The Google engine should be required under The Patriot Act to forward everything that it finds on every public computer to Homeland Security at connectthedots.gov

Defensive measures such as logout and flushing the cache are acts of terrorism. :)

What is the problem here? (1)

GrandCow (229565) | about 10 years ago | (#10591548)

If library computers are not being locked down and letting random users install programs, then the Google Toolbar is the least of their worries. If someone is trying to harvest some passwords or just see what people are doing, a simple keylogger or any of the other hundreds of "hacking" tools out on the internet could be installed instead.

so what (1)

gnuLNX (410742) | about 10 years ago | (#10591555)

So don't use a PUBLIC computer for private matter....how hard is that?

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?