[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [Full-disclosure] Disabling Google Desktop Link Integration In
From:       "Debasis Mohanty" <debasis.mohanty.listmails () gmail ! com>
Date:       2007-02-27 17:56:39
Message-ID: 45e46e0d.0fa42ca0.4367.4e75 () mx ! google ! com
[Download RAW message or body]

GDS Desktop Link and Google.com Integration -
Bad Design or Necessary Evil?

The recent security advisory on Google Desktop Search (GDS) published by
Watchfire did not really surprised me as I was expecting more like this in
past 2 years. However, the fact that intrigued me to write this article is
Google has not yet bothered to provide it's GDS tool users the option to
disable GDS desktop link regardless of knowing this design will attract more
attacks in future as well. 

In this article, I'll discuss a bit about why the GDS issues revolves
primarily around the GDS Desktop link and how one can fix it permanently by
disabling it which will ensure that users can still use GDS without the fear
against exploits that are targeted towards the desktop link. 

Get the entire article here - 

Disabling GDS Desktop Link Integration In Google Pages
http://hackingspirits.com/vuln-rnd/vuln-rnd.html


Regards,
-d (aka T)


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[prev in list] [next in list] [prev in thread] [next in thread]