Slashdot Mirror
Google Desktop Search Functions As Spyware
dioscaido writes "Users of the Google Desktop Search software beware -- it indexes your files across all users on your PC, bypassing user protections. The Google cache feature allows all users to browse the contents of messages and files it has indexed, irrespective of who is logged in. 'This is not a bug, rather a feature,' says Marissa Mayer, Google's director of consumer Web products. 'Google Desktop Search is not intended to be used on computers that are shared with more than one person.'" Reminds me of a Neal Stephenson essay: "The Hole Hawg is dangerous because it does exactly what you tell it to. It is not bound by the physical limitations that are inherent in a cheap drill, and neither is it limited by safety interlocks that might be built into a homeowner's product by a liability-conscious manufacturer. The danger lies not in the machine itself but in the user's failure to envision the full consequences of the instructions he gives to it."
Whether or not Google intended this, I take great pause at knowing any e-mail I write or read on a PC with Google Desktop Search could be called up and read by a complete stranger.
This application is intended for single user machines which pretty much limits it, in most cases, to home machines. I don't have complete strangers roaming around my house so it is not an issue for me.
Mayer dismissed my concern that this is a security issue. She points out that you can configure Google Desktop Search not to index Web pages or specific domains. That would prevent Google Desktop Search from indexing and caching the URL "mail.yahoo.com".
So what part of that did the reporter not understand? Finally, this is not mandatory software. A user has to hunt it down, download it, and install it. So don't use it if it is a problem for your computer. Now, I am not trying to be a jerk and some of this is said with tongue planted firmly in cheek. Still, you gotta wonder why people need to find things to be upset about. I am not sure why this irks me so much, maybe I should drink less coffee.....
http://www.busyweather.com/
From reading the article, there is no indication that protected files were actually read. In fact, pretty much everything he talks about seems to have been pulled from the web cache. With default security on Windows XP, each user's cache is accessible to the other users. As are everyone's Outlook data files. This is not great security, but that is not Google's responsibility.
So, I'd be really interested to know if the desktop search application runs as an admin process, or with system rights. Unless it does, this article is nothing but hot air. Google indexes files that you can read anyway? OMG!!! This is teh suxxorz!!!
And spyware? Hardly. Nothing in the article even comes close to suggesting that all of this indexed information is transmitted anywhere.
Floating face-down in a river of regret...and thoughts of you...
Keep in mind that once you have physical access to the machine, all bets are off.
However...
Google's tool could be a danger if someone figures out a way to launch it remotely, by getting a user to click a link, or through some Windows exploit. If so, it's plausible that a remote attacker could gain access to the cache and use the information to gain administrative access to the machine.
---
"I contend that we are both atheists. I just believe in one fewer god than you do. When you understand why you dismiss all the other possible gods, you will understand why I dismiss yours."
-Sir Stephen Henry Roberts
yeah, certainly not "spyware" in any usual sense of the word if the information isn't being made available or transmitted off the box.
Unless you add the path to the preference option of the user that you don't want to be indexed. This also isn't release software. Its beta toy tools stuff. You know, the kind that says "use at your own risk."
The Hole Hawg is dangerous because it does exactly what you tell it to.
Yes, well computers in general are dangerous because they are very good at doing exactly what you tell them to do. For better OR for worse.
Per Square Mile, a blog about density
Since when does this constitute spyware? To my knowledge, spyware sends information to a third party without the user's knowledge.
It indexes all the files that you'd have access to anyway...
Can't see what the fuss is.
My Journal
I spent a year in Iraq looking for WMD and all I found was this lousy sig.
This is a weak argument by Google. Saying that this tool is only for single-user systems is just a cover for laziness. Why in hell would an operating system implement a system of file permissions if security weren't an issue? Since the tool functions the same whether or not the system is single-user, Google is implicitly admitting they're lazy and don't care if their software can be used to spy on others. I don't see a problem with a tool that indexes all users' files, but I do have a problem if it doesn't restrict file listings when used by non-administrators. How hard could that be to implement?!
"'This is not a bug, rather a feature,' says Marissa Mayer"
If it were really intended as a feature, Google would have developed the option to install for individual users or accros all users.
Windows users have had "home" directories that are inaccesible to anyone except themselves and a domain administrator since NT4 was released. If this Google tool is allowed to index things it's not suppose to index, then that's not Google's fault, and it's certainly not Microsoft's. It's the fault of whomever configured that machine. AFAIK NTFS security has not been comprimised yet.
And the "spyware" tag? Love it. FUD works both ways, doesn't it?
I just installed Google Desktop today, but so far I'm pretty impressed. Even though it's still indexing, I haven't noticed any difference in speed.
Google Desktop isn't spyware, because it makes what it is doing clear before you install it. Of course it reads your files; that's how Google works. As long as my data doesn't go back to Google, I couldn't care less.
And actually, if everyone could choose just some of our files to make available publicly, think how much more useful Google would be.
Maybe that's their plan. Get everybody to index their disks, and than offer killer p2p on Google.com.
Does anybody *else* think that would be awesome?
Seems like every step Google has taken to make searching more integrated into our life and software has been shot by the media saying it's "too intrusive", and this is on BETA software and BETA programs that Google are running.
This says that either Google's far too ahead of it's time, or that the media really needs to grow up. Google's policy is that their software does no evil, it's the user's responsibility to make sure that they are not evil with it. Besides, if someone wanted to write a trojan to scan all of a user's files and report back somewhere, it could be done a lot easier than hacking GDS.
Face facts people; Google's here to stay, and they're here to help.
"Victory means exit strategy, and it's important for the President to explain to us what the exit strategy is." G.W.Bush
This won't create any kind of fiasco. First off, it's not spyware, and the only person who suggested it, did so on a relatively unknown blog. "Spyware" won't even cross the minds of non-Slashdot readers, nor should it.
I don't respond to AC's.
The locate command was designed to get around the terribly slow transversal of directories when looking for a particular filename. It suffered the same basic design flaw in that it did not take user permission into account. The slocate (s as in secure) was designed to get around this obvious flaw. I'm a tad surprised Google didn't see this one coming. Maybe they've been hiring a few too many PhDs and not enough folks with real experience :-)
"[Google Desktop] indexes your files across all users on your PC, bypassing user protections. "
If this is true, then the problem lies with your operating system not the application. How is it that Google Desktop was allowed to bypass user protections? Maybe because there are actually no protections at all?
If you read the report the problem isn't that Google is bypassing protections, it's that some other application is caching the information - likely Internet Explorer or Firefox is setup to save web passwords. Google is just taking advantage of this knowledge.
So where is the security violation? It was already on your PC, you just didn't realize it until Google Desktop came along. Good thing it did, or you wouldn't have realized it until someone loaded up Internet Explorer's password database and showed it to you.
Joseph Elwell.
Does it install itself onto your PC without your permission? No.
Does it gather personal information and send it to Google? No.
Does it run secretly in the background, with no way to remove it save an anti-spyware tool? No.
Does it allow you to access anything you couldn't access without it? No.
How is this spyware again? Or even a security threat? As another poster pointed out, this tool doesn't access anything you couldn't access through Explorer.
What's this, is Slashdot helping to spread FUD?!? Say it ain't so!
I think it's funny that the people complaining about Spyware use SlashDot which often serves DoubleClick ads. And the author who links to PCWorld which has a few DoubleClick and Avenue A, Inc. ads. The DoubleClick threat as defined by SpyBot reads, "Use information about your web surfing... that could include any information, like accounts and passwords." The threat for Avenue A, Inc. reads "They say they no longer do tracking."
--I smoked my sig.
Users of the Google Desktop Search software beware -- it indexes your files across all users on your PC, bypassing user protections.
This is just too misleading to be accidental. Talk about bias.
So dioscaido, you are suggesting Google defeats NTFS users/groups directory permissions and encryption?
No?
Oh.
Yeah, that's what I thought. Completely irresponsible journalism at work folks.
Basically this utility works NO DIFFERENT than "Start-->Search-->Search IN files", except that noobs don't know how to use Search properly, and Google search is "prettier". Oh, and MS's brain dead Search can't peek inside compressed files. Whoopie-do.
If I were more cynical, I'd chalk this fear-mongering up to someone with a lot of Yahoo stock, or someone afraid their wife/husband will find email evidence of an extra-marital affair. By default in Windows, ALL USERS CAN READ EACH OTHER'S FILES.
Nothing to see here, move along..
DISCLAIMER: I own no Google or Yahoo stock.
PC World has long been a Microsoft yellow journalism rag. It's just Microsoft Corp.'s Department of Monopoly Security at work.
Really, the Google tool is simply very powerful and is merely exposing the low default security in Windows profiles to the masses--but it's nothing me and the parent haven't known for 4 or 5 years now..........
Nothing to see here.
Cool! Amazing Toys.
Better do some research before trolling. The Desktop engine has a service that monitors where are you browsing. When you access any of the Google sites (or any site thats on the Sites.txt, I asume), the EXE changes the HTML on-the-fly, inserting the results from your harddrive on the Google page. The same goes to the main page (thats why you see the Desktop Engine link).
:: Andrea
Anime Wallpapers
Sorry, but indexing everything in "Documents and Settings" regardless of which user is running the program is a security issue ... especially for your typical family situation where mom and dad may have files they don't necessarily want junior to see. Or, for that matter, in an office environment with roaming profiles off.
And I don't buy the excuse of all the Google apologists who say "it's your own fault for not securing your Windows config correctly." Sorry, but there is no way to "secure" Windows while still allowing all users on a machine to install programs, which is a user requirement even in many corporate environments I've seen. (Pointy-headed boss won't tolerate having to get IT guy to come over to install something every time a new version of RealPlayer comes out.) So the reality is that in many situations, all users on a machine are running in Power User or Administrator mode, and they have access to everything on the hard drive.
And there is a big difference between browsing random Documents and Settings directories looking at someone else's files (that's called snooping, and it requires at least some technical skill) and inadvertently pulling up someone's private files every time you Google something.
Blame Microsoft for having an unsecure OS. Blame sysadmins or home users for their less-than-paranoid security practices.
But blame Google too. Shipping a piece of software whose default configuration is to completely ignore individual users' privacy (stuff in my Documents folder is mine, stuff in Joe's Documents folder is his) is bad.
while i can understand why some people might be leary of the security implications here, how in the world does this qualify as spyware? it doesn't pop up annoying adds, it doesn't send my data to some secret gathering place, it doesnt report any of my habits to any other person (unless thay also have physical access to my computer and can search for that information)
oh yeah, got ahead of myself. spyware is the new virus. its just a word one person uses to scare another person when neither one really knows what they are talking about. nothing to see, move along...
If I don't put anything here, will anyone recognize me anymore?
Well said.
However, the problem is that Google actually tries to portray a benign image. Although I must admit that so far they have kept that up.
However, as an AC has pointed out in this thread, that is the problem of being a public company.
Although your motives may be benign, you're under the control of your share-holders. At which point all bets are off and you will be scrutinised very closely.
The problem as I see it is in the startlingly easy way google desktop search makes intrusion possible, sometimes even without the person searching intentionally looking into other user's data. Any keyword I type is an instantaneous hook into the world of the other user who used the pc before me. That is what I find scary.
/. user. It only indexes files in your Documents directory, it only indexes a handful of files (.doc, .xls, .txt, .html files for example). It has SEVERAL limitations that are annoying. For example: I want it to index my java source code and javadocs for the project I'm working on. However, it refuses to index them.
But that's just it. It's a SEARCH tool. It's supposed to find things that you don't know about. If it didn't, it wouldn't be a very good search tool. This should not be installed on public computers. And, if you are personally are concerned about it, there are products out there that will store all that sensitive information (browser history, email files) on a USB drive that you plug into the public computer before use.
As it is, I don't know how useful it will be to the average
Also, it doesn't index my Firefox cache or history, nor does it index my Thunderbird mail files.
In other words, nice try Google, but it's not useful to me (yet).
Don't count your messages before they ACK.
Considering that the essay is largely about the superiority of Unix, and the blindness of the prevailing PC/Mac culture to the existence of Unix, the PC/Mac dichotomy presented here seems oddly appropriate.
Of course this notion of "downloading" a compressed version is dumb. Harper Collins just needs to add mod_gz to their web server, so they can transparently compress for most modern browsers.
Google Desktop recognizes and intercepts the web page as it is read by IE and Firefox and changes the HTML.
I doubt that Google, or any other company dedicated to develop software, could do such a silly application. In any case, it would be Windows fault if their supposed protected files could be ready by a user (or application) not authorized. Also, as somebody already pointed, nobody is forcing you to donwload and install this tool, if you wanna use it then do so, it's free and it's easy.
Alexis Bellido
I agree 100% it should honor the ACLs, but I wonder if we could do anything else?
We essentially have the google bot on our machines, would it be good to honor the standards the realbot uses?
Would it pick up and honor my robots.txt file?
Will we start seeing meta tags inside emails and word documents and stored pages to exclude from indexing?
liqbase
I'd like to think that the long range plan here is to make people aware of how useless Microsoft software is for people who are interested in protecting their data, thereby raising interest in real operating systems like Linux and OS X.
Too bad the versions for those platforms aren't available yet, because then the Google response could be the perfect "That's just because you're using a worthless OS. Try one of these..."
My
"Of course, all this seems silly as linux has had proper file permission settings forever whereas Windows has just recently added that feature."
Windows has had proper file permission settings since Windows NT 3.5 shipped September 1994. Slackware 1.0 (I consider this the first viable installable distribution) shipped August 1993. That's a whole year different. Percentage wise, Linux has had proper file permission settings 10% longer than Windows.
Not to mention, Windows ACL are more fined grained than what most Linux distributions offer.
To preempt the argument that Windows defaults are insecure: I am comparing the technical abilities of the systems out of the box; which are the tools an administrator may use to configure what he feels are "proper file permission settings."
Although I thought most of your post was quite intelligent and interesting, I have to take offence (for Google) to this statement:
In an hour or two I created a VBScript class that could host on the user's machine and use local HTTP to access this data. (snip) This is obviously bad since you could just start searching for passwords and possibly get them.
If I have comprimised a machine to the point that I can CREATE a script AND execute it, basically the you're fucked. All your base are belong to me. I could ftp the ENTIRE harddrive to myself. Or just the password cache. Google can obviously do nothing about this since I have OS level access.
Even if Google were to "lock it down" and not run a server, I could easily write a script to open their app, do a search, and then ftp the screen scrapings.
using System.Awesome;