Damon Cortesi's blog

Musings of an entrepreneur.


| Comments

Google Desktop, now with the ability search across remote computers.

Information Police

I have one word. Scary.

Dear Google,

Did you do your due diligence when programing this “sweet new feature”? Did you have an independent third party come in and do a security analysis of this feature, from both a black box perspective as well as a source code analysis? Have you really thought this through, because damn…I see a lot of potential for abuse here.

Dear Google,

What happens when I happen to put my credit card number in a text file because I’m doing some research (or some random website happens to use HTTP instead of HTTPS for order information). What happens when that gets uploaded to your servers? What happens when someone manages to subvert your algorithm and turns your wonderful search across computers into search across all computers.

Oh wait…it’s beta. Nevermind then. That means it doesn’t really matter. Or perhaps it’s my own fault for putting that data there in the first place…I really should have known better. I didn’t expect somebody to reverse engineer your protocol and manage to gain access to my confidential information.

Google, I like and respect you, I really do. You’ve managed to do some good things in the past, but you are really starting to put me on edge. This seems like a wonderful feature in theory…but the instant the integrity of your systems gets compromised…scary. Now you not only have the information people intended to make public, you have the information people did not intend to make public as well.