-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The latest version of Google Desktop 3, contains a new
feature called
'Search Across Computers' that has raised serious security
and privacy
concerns. By storing copies of a user's files on Google's
servers,
Google Desktop allows users to search through them from any
other
computer. The files that Google stores include web history
files (from
Internet Explorer, Firefox, Netscape, and Mozilla), Word
documents,
Excel spreadsheets, PowerPoint presentations, PDF files and
text files
in the "My Documents" folder.
With 'Search Across Computers' enabled, any document
from the above
list, when opened or edited, is stored on Google's servers.
There are
options for configuring what data is stored but, if
incorrectly
configured, users can unknowingly transmit copies of
restricted data to
be stored on Google's servers. It is possible to manually
purge all your
files from Google's desktop servers, however simply
uninstalling the
program can leave data on Google's servers for up to 60
days.
The campus System and Network Security office (SNS)
recommends that
individuals seriously consider the potential for information
stored on
their computers to be accessed by others if they enable this
feature of
Google Desktop 3 on their computers. If a system stores
restricted data,
it would be a violation of campus policy to allow Google
Desktop to
store copies of this data off-site.
While some of the features of Google Desktop 3 are
enticing, it is
important to understand how information is collected,
stored, and shared
through this application, and the potential privacy and
confidentiality
risks.
Craig Lant
Campus Information Security Officer
For more information, see:
Berkeley's IT Security-related policies and guidelines:
http://securit
y.berkeley.edu/pols.html
Google Desktop - Search Across Computers:
http://desktop.google.com/features.html#searchremote
Electronic Frontier Foundation:
h
ttp://www.eff.org/news/archives/2006_02.php#004400
Technical White Paper from University of Michigan's IT
Security group:
http://safecomputing.umich.edu/tools/download/gd_se
curity.pdf
Gartner - Manage Google's Desktop Search Now or Lock It Out
http://www.gartner.com/DisplayDocument?doc_cd=137896
ZDNet UK - Google admits Desktop security risk
http://ne
ws.zdnet.co.uk/internet/security/0,39020375,39253447,00.
htm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFD/OBz0utcLN0BLdARAojHAJ9oq5fZ013jMh2q5m73sSizs1SnmACf
e857
tU5f5LJd6cUvLh/+GPFyZuA=
=Eum8
-----END PGP SIGNATURE-----
------------------------------------------------------------
------------
The following was automatically added to this message by the
list server:
For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.be
rkeley.edu/>.
|