|
Google Spyware? Bad Guys & Spies Using Google Desktop Search
Author:
Mike Banks Valentine
I
suppose I was naive when I cheered the new Google Desktop Search
tool thinking it was ONLY a great way to help ease my computer
info-glut and help organize my hundreds of hard-drive stored documents,
emails and files. It seems that now I have to worry about how
bad guys and busybodies will use it to spy on me!
<http://shorl.com/hafegoprepreka>
(RealitySEO.com)
The
Google Desktop Search Tool Poses a Security Risk to users of public
or networked computers according to a new Information Week article.
If you use public computers at work or at libraries, internet
cafes, Kinko's or the local Mailboxes Etc. store, now you've got
to worry that previous users of that public machine, or worse,
the business owner or employees, have installed Google Desktop
Search on that machine to purposely spy on you! <http://shorl.com/jafydygeprumu>
(Information Week)
It's
possible to retrieve secure pages from the Desktop Search memory
of machines running the program. While it is possible to turn
off that function - bad guys using Google Desktop search specifically
to spy on you won't be turning it off, eh? So now I've got to
find it and turn it off every time I use a public computer.
Although
I wrote previously of my love for the Google desktop search tool
- it appears to have a BIG downside. The slippery slope of good
tools being used for illicit purposes could destroy a great piece
of software because it is simply too powerful.
The
public will be up in arms over Desktop Search and Google may have
to withdraw it from public Beta. Though Google seems to have weathered
the storm over a similar uproar about the searchability and thus
the privacy of their beta G-mail webmail, it could be a bigger
storm brewing over Desktop search. We'll watch for comment from
privacy advocates on the subject.
At
this point it is tempting to simply shrug and say, "I hope
Google figures out how to stop illicit use of the Desktop Search
Tool," it's not likely. More likely is that it will become
one more headache to network administrators at businesses who
have to write scripts to stop the installation of Desktop Search.
Small business owners must now find a way to stop employees from
installing it on public computers at internet cafes, just as they
must currently watch for key logging software and other spyware
on public computers.
We'll
all have to be extremely cautious when using public machines at
those small businesses and libraries and we'll have to check for
the Google Desktop Search icon in the system tray of virtually
every computer we use to be certain that our use is not monitored.
Protecting
private passwords for online banking sessions while in Kinko's
and keeping online job searches out of the view of our bosses
will get even tougher for employees using networked machines at
work.
I'm
STILL in love with Google Desktop Search on my own machine at
home but now fear Google Desktop Search on public machines. The
issue doesn't stop with Google because both Microsoft and Yahoo
are racing to develop a desktop search of their own.<http://www.pandia.com/sw-2004/58-totalsearch.html>
It means
they'll all have to either make it possible for ALL users to disable
their desktop search tools temporarily or create entirely different
machines for public use.
I've
long made it a practice to open the browser preferences to clear
the web history and dump the cookies from machines I've used at
conference press rooms and internet cafes in dozens of cities.
That drops my web mail passwords and online banking sessions from
the cache, so I don't have to fret over who might be able to retrieve
passwords after I'm gone. I do it automatically now every time
I use a public machine.
But
now I've got to look for Google Desktop Search before I use a
public machine and turn it off while I'm using that machine. Grrrrr!
You have to take the good with the bad I suppose. (Right click
the icon and choose "Exit")
There's
a lot to love about Desktop Search but I simply HATE that others
can use it to spy on me. I have no doubt that it will be used
by both bad guys for identity theft and by nosey snoops and busy-bodies
who will be virtually looking over my shoulder in secret.
I'm
sure Desktop Search will be used by parents to monitor instant
messaging chats, emails and internet travels by their kids and
possibly by spouses to check up on their sweethearts. I'm not
at all concerned that anyone will use my home machine and Google
Desktop Search to check up on me. (Although I've been startled
at phrases that turn up in the occasional spam from my Outlook
in-box from Google Desktop Search results) I'm more worried that
people will use it as a spying tool on public computers.
I've
also written before on the privacy risks of Google online searches
in an article on how to protect yourself from the Google Reverse
Phone Lookup. You can enter any phone number in the search box
at Google and see the owner of that phone numbers' name, their
address and a map to their front door! Google seems to be too
powerful for its own good sometimes.
Fortunately
there is a phone lookup opt-out method at Google,<http://www.google.com/help/pbremoval.html>
but the databases they draw upon pose a bigger problem. I address
additional opt-out methods in the article (linked below) but it
seems impossible to escape determined snoops.<http://www.website101.com/Privacy/reverse-phone-lookup.html>
I'll
continue to use Google Desktop Search on my home machine and will
continue to love the tool for my web centered work online to search
client emails, documents and previously visited researched web
sites. But now I'll be far more wary - on public machines - of
bad guys and of Google Desktop Search. Damn those bad guys!
About
the author:
Mike Banks Valentine practices Search Engine Optimism at: http://SEOptimism.com
As a privacy advocate, his love of search technology sometimes
clashes with his privacy concerns at: http://PrivacyNotes.com/privacy_blog/
This article is available online at:<http://privacynotes.com/privacy_blog/2004/10/google-desktop-search-security-risk.html>
with working links to web resources.
Click
here for more articles on this topic.
{--} |
