Is Google Desktop Evil?

I've been in Law Enforcement for over 10 years. I can tell you that if your private stuff is stored on a server, then YES it is subject to search by a Law Enforcement organization! A Law Enforcement agency will need to get a subpoena and show probable cause however, so it's not like it's an open market.

EDITOR'S NOTE: Probable cause... it's a Good Thing!

Technical White Paper from University of Michigan's IT Security group

http://safecomputing.umich.edu/tools/download/gd_security.pdf

gave me reason to be concerned. You do not need to be an administrator to install plug-ins that extend the indexing or sidebar capabilities of Google Desktop. Such plug-ins can be written by anyone. This is noted solely because, historically, security problems have been incorrectly associated with applications when, in reality, the problems originated in poorly written extensions.

As noted earlier, Google Desktop indexes the web sites you visit and keeps a cached copy of those pages. By default however, this does not include pages viewed over HTTPS. However, this is a configurable preference and if this preference is set inadvertently by a user or by other malware, you could be indexing and caching (in the clear) sensitive information that is normally encrypted via SSL.

Google may not be evil, but it isn't secure and probable cause vanished in the Patriot Acts interpretation (or misinterpretation.)

EDITOR'S NOTE: Yes, but... is Joe User likely to fiddle with plugins and change the default setting to index secure pages? Somewhere along the line, users have to take responsibility for their actions.

Probable Cause...Against Whom, giving access to what? So if a law enforcement agency has Probable Cause against a company such as an ISP or even Google, are all individuals records subject and open to inspection (including the offsite backups of _possibly_ more than 30 days worth of data). Does the said company have the right to tell the individuals their data is potentially being read? Does it have to?

The problem is not that Google is or not evil, but rather that like any tool, it has costs and benefits. Fire can cook food or burn a home; depending on the knowledge and expertise and attention to detail of the person setting the fire.

I work in a healthcare environment, and the risk of even accidental revelation of private patient data is simply not worth it. None of our staff would intentionally broadcast patient data, but using Google Desktop does make it more of a risk.

Google Desktop, like every other tool, has appropriate and inappropriate uses. Match the tool to the task, and for now, keep Google Desktop out of healthcare environments. Not because of a problem with the software, but because the users of the software are only human.

EDITOR'S NOTE: In an enterprise environment where the privacy of client data is paramount, I can understand your extra caution. But it seems MUCH more likely that one of your peers might expose private data in an email, than by using the Search Across Computers feature in G Desktop. Remember... this is something you must explicitly turn ON. And even so, the (encrypted) data cannot be accidentally exposed. It would require a court order to obtain the data. And I'm sure any such files would still be protected by HIPPA laws. So your exposure seems vanishingly small.

I would not put anything on the internet that I would consider private whether it be email or website or searches or whatever. I don't think Google is "evil" any more so or less than Yahoo or AOL. I don't feel secure about "probable cause" either is since the NSA tapped into phone conversations of American citizens with NO probable cause or court order. If you don't want it public, don't put it out there!

EDITOR'S NOTE: I assume you're referring to the recent news about the gov't obtaining phone calling records from several telecomm providers. There's a BIG difference between listening to phone calls and simply knowing who called who, and when.

So, the government or an ex-spouse or whoever could subpoena your information from Google. This seems to imply that those same individuals *couldn't* subpoena your *entire pc*, get a warrant to enter your home, and just take it with them. Or at least your hard drive, removable media, etc. Which they can, if probable cause is given. If I were going to request a subpoena for that kind of information, I wouldn't even mess with Google. Why settle for a subset of the total information on a computer? -- I'd go straight for the pc.

Still, it is of some concern in the current political climate, in which it doesn't appear to be necessary to demonstrate any kind of probable cause, or even let you know your stuff is being looked at.

Of course, I personally am a lover of convenience, and am amused at the idea that I might just be creating more (dry & boring!) 'noise' for 'the powers' to wade through. So I'll probably avail myself of Google Desktop's 'search across computers' feature. Besides. Hiding in plain sight is awesome.

Regarding the NSA's alleged 'tapping into phone conversations': the Google Desktop scare is very much like the twisted story regarding the NSA. If you want the convenience of Google Desktop, you have it. If you want to have the same access but just a little extra work, use a VNC app, and search your desktops on your own.

When Google Desktop search came out, i became aware of the ramifications,by reading their privacy policy. It's one of the reasons I don't use this app. Charlie (previous post) is perfectly correct by advocating the use of a VNC app. Far more secure. Besides, their indexing takes way too long and is too intrusive and CPU intensive, just like the MS Indexing service.

Does a jealous or vindictive spouse need probable cause in a divorce case? Do they make ANY backups of the data? If so, how long are the backups retained?

Thank all of you ,I used firebird wed browser and I hav`t to "OK" what is set(as SPY ware) or not!

I feel enpowerd by this, but ,I have alot to learn !

I love google,it has always, just been there for me ,like a friend. I used google news as home page for now,and not any other stuff. Thank you for writing in. God Bless America

I wonder about those people who said GOOGLES DESKTOP IS EVIL. i'm afraid there maybe something wrong with them.I used google so many times, i found nothing.If it was,google may not be seen at the screen of our computers and we may not see or use it again.

In this case;for those who said that,i ask them to appologize google.

Don't be so sure Google is respecting your privacy. Google, Yahoo, Microsoft,and other other companies routinely spy for the Chinese government. Also, Google recently provided information to the U.S. government on searches related to the flu and other illnesses - and we must take them at their word that IP addresses were not a part of the information they provided the feds. Read this CNET article:

http://news.cnet.com/What-Google-censors-in-China/2100-1030_3-6031727.html

and this article from engadget:

http://www.engadget.com/2007/01/19/microsoft-google-and-others-developing-code-of-conduct/

Remember boys and girls, the price of liberty is eternal vigilance!