Google Desktop Search Under Fire

AchilleCB writes "Cnn and many other sources are jumping on the Google-privacy-bash bandwagon, they are carrying stories warning of more privacy implications regarding Google's Desktop Search, "if it's installed on computers at libraries and Internet cafes, users could unwittingly allow people who follow them on the PCs, for example, to see sensitive information in e-mails they've exchanged. That could mean revealed passwords, conversations with doctors, or viewed Web pages detailing online purchases." ... Type in "hotmail.com" and you'll get copies, or stored caches, of messages that previous users have seen. Enter an e-mail address and you can read all the messages sent to and from that address. Type "password" and get password reminders that were sent back via e-mail."

I wonder....

how difficult it would be to make an Open Source version of a desktop search.

how is it...

[CAIMLAS]

how is it that mass media gets their balls twisted in a knot over something they don't understand when it involves an up-and-coming company with good practices, but when it comes to international politics, they like to walk on by the heinous deeds?

Re:so...people are stupid

[DunbarTheInept]

Some public kiosk systems do a better job on privacy than others. I have personally verified that the internet access stations on the local campus (Sun-based, not MS Windows-based) do in fact clear the cache and the history when you log out and let them restart. (Verified by unplugging the network cable and hitting the same site a second time - works if both visits occur within one login, but fails if you log out between.) Also the URL display history is wiped, and the HTML form data history is wiped. (Can't see the answers someone else typed into an HTML form.) Additionally, the cookies are wiped too. It does a pretty good job all around.

The problem? It uses a motif-style window manager and most people don't understand how to close the browser window. (There is no single-click way to do it - you have to pick 'close' from the titlebar menu.) People keep hitting the icon minimize button and thinking that's good enough, and thus walk away from the machine with their previous session still there as an icon you can click on and restore. If you quit out of the browser, then it kills X and restarts, which is what you're supposed to do, and in the process it cleans the entire trail of your stuff.

I've noticed the IT staff has gone around and put up signs telling people that the safe way to "log out" and clear all their private information is to press CTRL-ALT-BACKSPACE. Obviously they are getting people to ensure they close everything down by getting them to inelegantly kill X, but it does work and they don't have to explain what is really going on.

Re:Security Diversion can we say: FILELIGHT 2.x?

[davidsyes]

Hey,

The maker of FileLight should tweak their tool to act as a GNU site-finder-reminder. With some help from KDE, Gnome and others, it could be tied to:

--the kernel for the "core-geeks", hehehe
--the GUI for the user
--file logs for sysadmins or network types
--browser cache for site designers or troubleshooters
--tmp file for those who need it (can be done now)
--Arrays, for cluster analysers

But if it is able to parse and present delimited files it would be greater still. But, file logs are not necessarily following a consistent parsing or delimiter scheme.

I like FileLight, and tho I don't use it much, other than to make sure nosy people in the Library have some eye-candy to visually snort, I think it would be even BETTER if KDE/GNOME/Xfce4 and others help hook FileLight into their GUIs.

Then, tie this into the various browsers, and make it:

--Session-aware
--user-aware (so root can aggregate all of them)
--frequency-sensitive
--file-size-inquisit ive

and more...

For parents and places where kids (or adults, too) need to be monitored, this took would be pretty neat.

I'm gonna have to look of FileLight's PayPal icon.