Fading Impression  


Boardwalk :: Forum List Feedback Technology
Usman
Visitor
 
 Google Desktop Vulnerabilities - 2006/04/02 17:24 This thread discusses the Content article: Google Desktop Vulnerabilities

What's the issue? I love GDS, I've been using it since the day they announced it.

It doesn't show any more information than the built in Windows search or the built in Outlook search provides. It logs IM conversations, but you can turn that off. You can also tell it to ignore certain directories, like those where you have passwords saved. That actually makes it MORE secure than the Windows search.

GDS blocks all outside requests, and there's no way for you turn that off. Google doesn't want other people to be able to search your computer because they sell their expensive search appliances to do that.

The ONLY way for other people to access GDS is if you install a proxy or a port redirector. And if a hacker can install one of those on your PC, he's already got total control over it.
  | | The administrator has disabled public write access.
Azeem
Admin

Admin
Posts: 56
graph
Karma: 0  
Re:Google Desktop Vulnerabilities - 2006/04/02 17:26 Lets say you have a laptop.... and you take it to work... you leave your desk for a few mins. Someone sees you have GDS installed.. and they type username... and boom they figure out your username for lets say Amazon.com or Buy.com. Once someone knows one of your user names and passwords they can try all the popular sites and if you use the same PW everywhere which many people do you'll be in for some trouble..

I dunno maybe its just my imagination... maybe I should test it for myself. Ill install it on my sisters PC or one of my cousin's and see what I can dig up
  | | The administrator has disabled public write access.
Usman
Visitor
 
 Re:Google Desktop Vulnerabilities - 2006/04/02 17:27 So can you explain to me how, using GDS, you can get my Amazon username and password? I'm not saying it's impossible, but I just don't know how to do it.

Or do you actually store you passwords in a plain text file or something?
  | | The administrator has disabled public write access.
Azeem
Admin

Admin
Posts: 56
graph
Karma: 0  
Re:Google Desktop Vulnerabilities - 2006/04/02 17:28 yeah, thats one possibility, figuring one password out may be just enough. You think its a long shot? For clients I definitely store passwords. Lets say I was working on someones website. Of course I would need to store thier ftp info somehwere. And sometimes you have e-mails which are automatically sent to you when you create an account (lets say on a website dicussion board) which may state your username and password. In that case would suggest deleting such emails?
  | | The administrator has disabled public write access.
Usman
Visitor
 
 Re:Google Desktop Vulnerabilities - 2006/04/02 20:09 I think all of these issues are easily solved: just lock your computer when you walk away from it.

If you're on a domain, hit ctrl+alt+del and hit enter. If you're not, find some utility that does the same thing.

My computer at work is always locked if I'm not at my desk.
  | | The administrator has disabled public write access.
Azeem
Admin

Admin
Posts: 56
graph
Karma: 0  
Re:Google Desktop Vulnerabilities - 2006/04/02 20:09 I finally installed it... its reallly good!
  | | The administrator has disabled public write access.
Boardwalk :: Forum List Feedback Technology

Joomlaboard Forum Component 1.1.3 Stable
Two Shoes M-Factory