[unisog] Google Desktop (v4)

Josh Fiske jfiske at clarkson.edu
Fri Feb 10 20:44:37 GMT 2006


We have not found a good way to ban this on a large scale, but I would be 
very interested to see the results of your testing.  If you're able to 
come up with a specific listing of IP addresses that the google desktop 
uses to upload files to, would you be willing to share it with us?


-- Josh
- - - - -
Joshua Fiske, Network and Security Engineer
Clarkson University, Office of Information Technology
(315) 268-6722 -- Fax: (315) 268-6570
jfiske at clarkson.edu

CONFIDENTIALITY:  This e-mail (including any attachments) may contain 
confidential, proprietary and privileged information, and unauthorized 
disclosure or use is prohibited.  If you received this e-mail in error, 
please notify the sender and delete this e-mail from your system.

Michael Holstein <michael.holstein at csuohio.edu> 
Sent by: unisog-bounces at lists.sans.org
02/10/2006 02:09 PM
Please respond to
UNIversity Security Operations Group <unisog at lists.sans.org>

UNIversity Security Operations Group <unisog at lists.sans.org>

[unisog] Google Desktop (v4)

By now, I'm sure we've all had a restless night over the latest Google 
Desktop. Particularly the "access my documents from anywhere" feature 
(meaning copies are stored on Google's servers and indexed there).

EFF article : http://www.eff.org/news/archives/2006_02.php#004400

Clearly, this has *huge* implications for HIPAA and FERPA.

Since I haven't seen any writeups on the latest version of this, I'm 
actively "infecting" computers with it to see if I can come up with an 
effective block strategy.

Before I re-invent the wheel on this one, has anyone else (that's not 
using a proxy) come up with a good way to ban this network-wide?

I was hoping that resolving *desktop.google.com to localhost would work 
.. but I don't hold a lot of hope.


Michael Holstein CISSP GCIA
Cleveland State University
unisog mailing list
unisog at lists.sans.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.dshield.org/pipermail/unisog/attachments/20060210/b75d951e/attachment.htm

More information about the unisog mailing list