|Flaw in Google's New Desktop Search Program|
Discovered by researchers
| 1:05 pm on Dec 20, 2004 (gmt 0)|
From: [nytimes.com...] (registration required).
|The glitch ... could permit an attacker to secretly search the contents of a personal computer via the Internet. |
The problem lies in the fact that GDS intercepts all network connections going to Google and inserts local data into the results - but the researchers built a Java program which made requests to Google, took the local data and transmitted it remotely.
For users, there is apparently some silent updating going on to a new version. But isn't the problem, while apparently patched, an inherent, fundamental design flaw? Does this affect your confidence in using the product?
| 3:20 pm on Dec 20, 2004 (gmt 0)|
|Does this affect your confidence in using the product? |
Yes, I am going to unistall the desktop search ASAP. I'll wait until it's well out of BETA, before downloading it again.
BTW, here is a link where you don't have to sign up:
Google News [news.google.ca]
| 3:38 pm on Dec 20, 2004 (gmt 0)|
I never trusted it in the first place. Never downloaded it, and now probably won't. (Don't use the toolbar either, except for occassional peeks when someone else reports a PR update.)
| 3:43 pm on Dec 20, 2004 (gmt 0)|
WBF, I've never downloaded it either, and wouldn't trust anything that sent my local search queries to a third-party even if the data was proved 100% "safe" (which is a huge "if"). I even block all Google cookies.
I was merely wondering whether this problem is going to encourage users to look at the product with a more critical eye, rather than simply thinking that it's cool because of the Google label and not worrying about the security and privacy aspects.
| 6:41 pm on Dec 20, 2004 (gmt 0)|
IMHO, most "users" react to marketing far more than good sense. G has done an amazing job of creating brand awareness. I doubt that this will significantly impact them. I am already seeing more news stories that the problem is fixed than I am that that the problem exist(ed).
Look at how many years it took for the man on the street to take M$ security issues seriously.
On a side note, do you think anti-adware/spyware programs should flag G's cookie as a data-miner? Or, flag the toolbar as spyware? Now, that could cause some interesting changes.
| 6:54 pm on Dec 29, 2004 (gmt 0)|
I have uninstalled it a month ago, about problems with DVD burning, and I will not reinstall it. I think is better and secure any full offline application for searching in my HD.