Full Disclosure mailing list archives
RE: blocking Google Desktop
From: "Todd Towles" <toddtowles () brookshires com>
Date: Fri, 10 Feb 2006 15:11:28 -0600
Upon launching, Google Desktop made several HTTPS connections to both www.google.com and desktopservices.google.com. It used IE's proxy settings - we have an ISA cache/proxy that does integrated auth. If it handled NTLM auth, I'm sure it can do basic proxy auth as well. However, blocking it on the network-level doesn't do a whole lot of good for corporations with a large mobile population. They connect elsewhere (home, client site, hotel, etc.), and your proprietary data is still making it to Google.
Looks like a great target for Pharming attacks. Thanks for all your data sent to me over an SSL connection. =) -Todd _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: blocking Google Desktop, (continued)
- Re: blocking Google Desktop Michael Holstein (Feb 14)
- Re: blocking Google Desktop sekure (Feb 14)
- RE: Some one needs their coffee. WAS: blocking Google Desktop Randall M (Feb 11)
- Re: blocking Google Desktop gboyce (Feb 11)
- Re: blocking Google Desktop Nick FitzGerald (Feb 11)
- Re: blocking Google Desktop gboyce (Feb 11)
- Re: blocking Google Desktop Michael Holstein (Feb 10)
- Re: blocking Google Desktop Jason Mayer (Feb 10)