Security Analysts Still Leery About Google Desktop 2

Some are wary of opening the door to the tool's powerful desktop search capabilities; the problems involve leaving sensitive data lying unprotected on users' desktops.

In spite of Googles efforts to placate the concerns of its enterprise audience, some security experts are still leery about opening the door to the powerful desktop search capabilities packed into the companys release of Google Desktop 2 on Monday.

"This is a very powerful tool, potentially with a bidirectional metaphor," said James Governor, principal analyst and founder of the analyst firm RedMonk. "Its indexing all this stuff on your desktop and doing something on the Web. Whos to say thats not a potential breach?"

Google Desktop 2 is the second beta of Google Inc.s desktop search tool, which it first unveiled in October 2004.

This version goes far above and beyond the first beta. For example, added features such as the Sidebar go beyond finding information on a users computer to personalizing an array of information on users e-mail, news, weather, photos, stocks and RSS and Atom news feeds, all based on their Web browsing history.

"We really focused on first, not only making desktop search faster and easier, but second, helping people to find new information through the Sidebar," said Nikhio Bhatla, product manager for Google Desktop. "We wanted to let people just sit back and let the Web come to them."

Enterprises believe that some of that information is best not found, however.

When Google first unveiled Google Desktop Search (since renamed as Google Desktop) in October, security experts and IT administrators were alarmed to find that the tool had the ability to reveal personal and confidential information in search results, including returning password-encrypted Microsoft Office files that were available to users without the password, pages from secure sites that display corporate data from Web-based enterprise applications, or personal information such as financial services accounts and medical records.

Google responded to enterprise trepidation when it released an enterprise version of Google Desktop Search in May.

The enterprise version enables administrators to restrict indexing of, or access to, files.

It also allows administrators the ability to block communications back to Googles server for automatic updates of the software—a cause of concern that initially plagued security analysts with the consumer version of the product.

"I worry about data leakage from my desktop back to Google," said Bruce Schneier, chief technology officer at Counterpane Internet Security Inc. "Is information on what Im searching for going upstream? I didnt know [when he first looked at Beta 1 of Desktop Search]. So Im less likely to use it."

According to Bhatla, password-protected documents are no longer indexed in the enterprise version.

In this current release of the consumer version, Desktop 2, Google has also added a feature to encrypt the index so that all files are protected from access if a laptop or computer is stolen.

Desktop 2 also supports multiple users on one computer. If multiple people use a single computer and have their own, individual Windows accounts, each person can install and run Google Desktop and know that their information is inaccessible to other users—a major concern with Beta 1, as evidenced by feedback left on the subject by an eWEEK reader.

"[The idea that] in order for you to be able to view the files and browser caches of other users on the system, you must be the system administrator … are not quite true," wrote the reader, "clarkalex."

"On [Windows] XP maybe, [but] on other Windows systems a user can install software as a regular user account with no problem and can open up other users files with no problem," the reader wrote.

"This is because the default permissions are Everyone Full Control on a Windows system. This even applies to the users folder in Documents and Settings. There are still plenty of Win2K systems out there. The security policies would have to have been modified to make your statements true. Or the owner of the files that were to be kept secret would had to have changed the ntfs permissions on them. (Assuming ntfs was the file system in the first place.) On a Win2K system, generally there would be nothing stopping a regular joe from downloading [Google Desktop Search], installing it, and being able to see whatever he wanted. That would indeed be a security threat."

Next Page: Multiple-user systems use is still not advisable.