[unisog] Google Desktop (cNET inquiry)

Saqib Ali docbook.xml at gmail.com
Mon Feb 13 23:42:08 GMT 2006


> I'll play devil's advocate for a minute and say that this
> doesn't seem to be too different than GoToMyPC.

GoToMyPC doesn't send my confidential files to their servers for
"anywhere access"

> Hotmail, p2p, IM ???

I agree with you. I see Google Desktop as just another product.
Nothing evil about it. I think most people are are trying to find a
technological way of stopping their faculty/students from using Google
Desktop. Where simple User Awareness and Training will suffice.

Many technical vulnerabilities are best countered with simple
awareness training. The fact that confidential information got leaked
due to Google Desktop, shows a lack of awareness training.

Awareness / Training should NOT comprise of threats (i.e. re-imaging
of computers, disciplinary action, firing). In fact this is very
counterproductive, and do nothing to educate.

The User Awareness / Training sessions should explain why a certain
action might cause a leak of confidential information.

People on some other mailing list have suggested, re-imaging a desktop
where Google Desktop desktop is detected as a countermeasure. I think
this will be most counterproductive, and users will find a way to
avoid detection.
--
Saqib Ali, CISSP
http://www.xml-dev.com/blog/
"I fear, if I rebel against my Lord, the retribution of an Awful Day
(The Day of Resurrection)" Al-Quran 6:15



More information about the unisog mailing list