Google Copies Corporate Data to Google's Servers?
Penguinisto writes "According to Silicon.com, some CIOs have been seeing their company data being transferred to Google's servers as part of Google Desktop's functionality." From the article: "Mark Saysell, IT director at Coutts Retail Communications UK, said he is planning a network audit to find rogue installations, which will then be de-installed. New security measures will also be put in place to prevent further downloads. He said: 'Google has definitely over-stepped the mark and in turn is forcing IT departments to take a very draconian approach to machine security and web access.'"
This article is a joke. It's all about quoting people talking about how dangerous the new version of Google Desktop is when Google is very up-front about telling you what features will result in data being copied, and how to turn it off.
IT'S DISABLED BY DEFAULT. You have to WANT to turn it on.
Lousy reporting, is what this is.
Snort signatures for the google desktop and download of google desktop can be found here.
If you're really worried.
Your sig(k) has been stolen. There is a puff of smoke!
There are certain laws in place that regulate how confidential patient information is passed around (HIPAA). I'm fairly certain that should an employee have such information on their desktop and it's copied up to Google, that would constitute a breach of those laws.
Because of this, our desktop folks have decided that Google Desktop is not something that can be installed. It's a shame, too, as there's lots of "benign" features that we miss out on because of it.
But maybe they should default to disabled and not offer the choice during install. Just put it somewhere in the preferences where people who can't read won't go.
Slashdot anagrams to "Sad Sloth"
It took a bit to dig this up, but it turns out that if you set the registry key:
HKLM\Software\Policies\Google\Google Desktop\Enterprise -> disallow_ssd_service
as a REG_DWORD to '1'
Google Desktop won't let you use the "Search Across Computers" feature. (I tried it.) You can set that key in the group policy scripts relatively easily.
How about this. Why doesn't google pick some obscure port for getting this data, make it public, and if the corp security guys want to stop the google copy, block the port on the F/W, problem solved!!!!
MrJynxx
You can't search in an encrypted file. With a stream cipher, the ciphertext results are context dependent. Even if I encrypt the search term with the same key, I won't find it in the ciphertext. Google would have to decrypt back to plaintext to do the search.
So, Google has your data, and Google can lose your data. Or else Google can't search your data -- in which case what's the point?
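The stream-cipher point in the comment above, as an added example that is not part of the original thread: the same search term encrypts to different bytes at every position of the keystream, so a match is only possible for a party that holds the key. The keystream construction (HMAC-SHA256 in counter mode), the function names and the sample document are assumptions made for illustration and say nothing about how Google Desktop stores data.

```python
import hashlib
import hmac

def keystream(key, nonce, length):
    # Toy keystream: HMAC-SHA256 in counter mode (illustration only).
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])

def xor_at(key, nonce, data, offset=0):
    # Encrypt or decrypt `data` as if it began at byte `offset` of the stream.
    ks = keystream(key, nonce, offset + len(data))[offset:]
    return bytes(a ^ b for a, b in zip(data, ks))

def naive_ciphertext_search(key, nonce, ciphertext, term):
    # Encrypt the term from stream position 0 and look for those bytes.
    return ciphertext.find(xor_at(key, nonce, term))

def search_after_decrypt(key, nonce, ciphertext, term):
    # What a search service has to do: recover the plaintext, then search.
    return xor_at(key, nonce, ciphertext).find(term)

def search_every_offset(key, nonce, ciphertext, term):
    # Matching without a full decrypt still needs the key at every offset.
    for off in range(len(ciphertext) - len(term) + 1):
        if ciphertext[off:off + len(term)] == xor_at(key, nonce, term, off):
            return off
    return -1

# Constructed sample values, not taken from the thread.
KEY = b"constructed-demo-key"
NONCE = b"constructed-nonce"
DOC = b"Q3 forecast: patient record 4471 flagged for review"
TERM = b"patient record"
CT = xor_at(KEY, NONCE, DOC)

if __name__ == "__main__":
    print("naive search on ciphertext:", naive_ciphertext_search(KEY, NONCE, CT, TERM))
    print("search after decrypting:   ", search_after_decrypt(KEY, NONCE, CT, TERM))
    print("per-offset re-encryption:  ", search_every_offset(KEY, NONCE, CT, TERM))
```

Both searches that succeed require the key, which is the trade-off the comment describes: whoever can search the data can also read it.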
Blocking desktopservices.google.com effectively breaks the search across computers function, but it also breaks some other functions in the google sidebar - such as rss news feeds. Of course blocking this at the proxy is only effective while the user is in your network. Once they take their laptop home...
It's sad that windoze users have to go and ask how to NOT install programs. If the OS were as secure as their "Trustworthy Computing Initiative" was full of crap the users would always be asking "How do I install programs". Why are end users installing stuff to begin with? Here's a rule of thumb....for every app they install on purpose, they have 10 malicious apps that are installed without their knowledge that evade the "science" of spyware and virus scans. Honestly....
"It took a bit to dig this up, but it turns out that if you set the registry key:
HKLM\Software\Policies\Google\Google Desktop\Enterprise -> disallow_ssd_service
as a REG_DWORD to '1'
Google Desktop won't let you use the "Search Across Computers" feature. (I tried it.) You can set that key in the group policy scripts relatively easily."
There is an Enterprise version of Google Desktop that you ask for, except maybe #2. But I don't think they use a specific port - I assume it's all web service-based.
The 'hard to dig up' bit was because I had to download their Enterprise version, read its documentation, and interpret the Group Policy Template to figure out what the registry key was. If it was actually trying to roll something out company-wide they've gone to great lengths to make it easy.