Sorry your browser is not supported!

You are using an outdated browser that does not support modern web technologies, in order to use this site please update to a new browser.

Browsers supported include Chrome, FireFox, Safari, Opera, Internet Explorer 10+ or Microsoft Edge.

Geek Culture / Google Hacker

Author
Message
heartbone
22
Years of Service
User Offline
Joined: 9th Nov 2002
Location:
Posted: 22nd Feb 2007 04:44
Link
Google bug could have let hackers into PC

A hacker would then have had free reign to use Google Desktop to search the victim’s machine, and possibly to take full control of the computer, according to Watchfire. The company’s founder and chief technical officer, Mike Weider, said the attack would have gone undetected by firewalls or antivirus software.

{what we should be thinking is}

Google backdoor discovered then locked.

This is another good reason not to put this sort of garbage on your systems.

I'm unique, just like everybody else.
Back to top
Profile PM Website
Agent Dink
20
Years of Service
User Offline
Joined: 30th Mar 2004
Location:
Posted: 22nd Feb 2007 05:03
Link
I hate anything that runs unnecessarily in the background. I don't voluntarily install any of that stuff. And the rest of the world should just bookmark things like google and weather pages. You won't have any need to have these stupid little desktop helpers when you can load your browser and click on one of your favorites to go right to that information you want.

I have no signature...
Back to top
Profile PM
Jeku
Moderator
21
Years of Service
User Offline
Joined: 4th Jul 2003
Location: Vancouver, British Columbia, Canada
Posted: 22nd Feb 2007 09:46
Link
The link doesn't work. Did the article say it's a backdoor, or are you just assuming that? I wouldn't put it past you

Back to top
Profile PM Website
Manic
22
Years of Service
User Offline
Joined: 27th Aug 2002
Location: Completely off my face...
Posted: 22nd Feb 2007 10:23 Edited at: 22nd Feb 2007 10:26
Link
Quote: "The link doesn't work. Did the article say it's a backdoor, or are you just assuming that? I wouldn't put it past you "


Oh my! "You said something I didn't like once, so now I'll presume you're lying when you're trying to warn me of something". Jeku, you're supposed to be a Mod. The Moderators are supposed to be reasonable, a quick google search could have corroborated the story if you were in doubt.

I know Heartbone has come out with some quite startling things before, but that was an out right attack.


The link works fine for me, its from The Times, a major English newspaper, I'd be inclined to believe it.

From the article;
Quote: "The Watchfire researchers discovered that the set-up was open to something known as a cross-site scripting attack, which lets an attacker place malicious code on a Google Desktop user’s computer. The PC could be infected a number of ways, including an infected e-mail attachment.
"


However, the article also says the problem was fixed on 1st February and as Google Desktop updates itself automatically, there's little need to panic.

Martin

I don't have a sig, live with it.
Back to top
Profile PM Email Website
dark coder
22
Years of Service
User Offline
Joined: 6th Oct 2002
Location: Japan
Posted: 22nd Feb 2007 10:31
Link
Quote: "The PC could be infected a number of ways, including an infected e-mail attachment."


Isn't that pretty obvious though? anyone can get infected via e-mail attachment, they don't exactly require this software for e-mail attachments to become a secuirity issue.

Back to top
Profile PM Email
Richard Davey
Retired Moderator
22
Years of Service
User Offline
Joined: 30th Apr 2002
Location: On the Jupiter Probe
Posted: 22nd Feb 2007 12:04
Link
Quote: "You won't have any need to have these stupid little desktop helpers when you can load your browser and click on one of your favorites to go right to that information you want."


The software in question allows you to fully search your local PC, not Google itself. It's hardly a desktop short-cut to opening your browser. It's very similar to Spotlight on the Mac.

And as for a cross-site scripting flaw to be considered a 'backdoor' is nuts. It was a bug (or rather a lack of data validation / checking). Bugs happen. Don't get your conspiracy theory knickers in a twist over it.

Quote: "I know Heartbone has come out with some quite startling things before, but that was an out right attack."


If he didn't do it in every single post you may have a point

Never trust a computer you can't throw out of a window
Back to top
Profile PM Email Website
BatVink
Moderator
21
Years of Service
User Offline
Joined: 4th Apr 2003
Location: Gods own County, UK
Posted: 22nd Feb 2007 13:28 Edited at: 22nd Feb 2007 13:31
Link
Quote: "You won't have any need to have these stupid little desktop helpers..."


I have to say, Google Desktop is life-changing. I use it in a browser (Customised Google Homepage) rather than from the desktop (other than search). But now I have docs, spreadsheets, email, notebook, news, weather, Dilbert , spelling and Grammar checkers, Wiki, links and search all in one place. I never have to wait til I get home to look at a letter I'm writing or check an archived mail. The Desktop Search is spot on, I can find reference to anything I've ever written in under 5 seconds.

I'd use whatever tool was made available to do this stuff, it just happens that only Google have what I want right now.



Back to top
Profile PM Email
Jeku
Moderator
21
Years of Service
User Offline
Joined: 4th Jul 2003
Location: Vancouver, British Columbia, Canada
Posted: 22nd Feb 2007 21:27 Edited at: 22nd Feb 2007 21:28
Link
Quote: "Oh my! "You said something I didn't like once, so now I'll presume you're lying when you're trying to warn me of something". Jeku, you're supposed to be a Mod."


I'm not even going to reply to that one. There are some conspiracy theorists on this site, and Heartbone is one of them---- I'm sure he'd admit that too. It was an honest question

Quote: "I know Heartbone has come out with some quite startling things before, but that was an out right attack."


Believe me, if I was attacking someone, they'd know it

Quote: "And as for a cross-site scripting flaw to be considered a 'backdoor' is nuts."


That's why I brought up the question in the first place. Every single piece of software is prone to bugs, and I'd venture to say 99% of released products have known bugs that aren't fixed. A backdoor would be a criminal thing, and wouldn't be easy to put in as most large companies have strict code-checking rules engineers have to abide by when submitting code changes.

Back to top
Profile PM Website
x1b
20
Years of Service
User Offline
Joined: 19th Sep 2004
Location:
Posted: 22nd Feb 2007 22:00 Edited at: 22nd Feb 2007 22:02
Link
This was a concern brought to my attention, yesterday. Part of my job is to check the SecurityFocus BugTraq's, each morning. This is among the barrage of the discussion about the remote vulnerabillity:

Quote: "In November of 2005, Matan Gillon discovered a vulnerability in Internet
Explorer in the way it handled the CSS import directive
(http://www.hacker.co.il/security/ie/css_import.html). He proved the
danger of the IE vulnerability by attacking Google Desktop.

This proof of concept proved a powerful demonstration of the browser
exploit and was successful for the same reason that our research into
Google Desktop's security was successful - because a link is maintained
between the public web site and the local web server. If Google had
disabled this link, or given the user the option to remove the link,
they would not have been vulnerable. Matan Gillon should receive credit
for recognizing the danger of this intersection.

We firmly believe that the integration between public web server and the
local web server is a very dangerous thing. While Google have put a
band-aid on the immediate issue, it becomes a matter of time before
another vector of exploit (either through the browser or web
application) allows similar access.

Best regards,
Yair Amit
Security Team
Watchfire (Israel) Ltd.

-----Original Message-----
From: Yair Amit [mailto:yairam_ng@watchfire.com]
Sent: Wednesday, February 21, 2007 4:03 PM
To: bugtraq@securityfocus.com
Subject: Overtaking Google Desktop

Hello,

A new research from Watchfire has revealed a serious vulnerability in
Google Desktop.

The attack, which is fully presented in a new Watchfire research paper
released today (available at
http://www.watchfire.com/resources/Overtaking-Google-Desktop.pdf), can
allow a malicious individual to achieve not only remote, persistent
access to sensitive data, but in some cases full system control as well.

Google Desktop is a popular freeware desktop search tool which offers
powerful indexing abilities along with an easy to use interface.
In many cases, Google Desktop manages highly sensitive information.
Therefore, the impact of a security breach in it is far-reaching.

Google Desktop contains several protection mechanisms to secure its
indexed data against remote intruders.

In this paper, we present a step-by-step attack flow that circumvents
Google Desktop's protection mechanisms and allows a malicious attack to
take place against Google Desktop users.

The attack is composed of web-application security flaws found in Google
Desktop along with exploitation of Google Desktop's tight integration
with the Google.com website.

The paper shows that it is possible to achieve a remote and persistent
access to sensitive data on attacked systems.
In addition, under certain conditions, it is also possible to covertly
inject and execute malicious applications on attacked systems, using
Google Desktop's own features.

The full paper can be found in the following link:
http://www.watchfire.com/resources/Overtaking-Google-Desktop.pdf
A demonstration of the attack flow can be found at the same page or at
the following link:
http://download.watchfire.com/googledesktopdemo/index.htm

Note:
-----
The Google Desktop security flaw was coordinated with the Google
Security Team.
Google has been responsive and recently issued a patch which mitigates
the risk of the attack.
We highly recommend all Google Desktop users to make sure they have an
updated version installed on their system.

This vulnerability was discovered by me with the cooperation of Danny
Allan and Adi Sharabani.

Best regards,
Yair Amit
Security Team
Watchfire (Israel) Ltd. "


If you're really into Information Security, then i'd suggest you apply to the mailing list at http://www.securityfocus.com/

Back to top
Profile PM
The Wilderbeast
19
Years of Service
User Offline
Joined: 14th Nov 2005
Location: UK
Posted: 23rd Feb 2007 15:12
Link
lol, just as well I un-installed Google Desktop earlier today, it cocked up my PC for some reason and won't let Symantec do it's Live Update thing


Back to top
Profile PM
Phaelax
DBPro Master
21
Years of Service
User Offline
Joined: 16th Apr 2003
Location: Metropia
Posted: 23rd Feb 2007 15:55
Link
Never installed any google/yahoo/aol/msn/etc desktop search bars and never will. No need for them. What the problem of just opening a browser?

Back to top
Profile PM Email Website
heartbone
22
Years of Service
User Offline
Joined: 9th Nov 2002
Location:
Posted: 25th Feb 2007 16:46 Edited at: 25th Feb 2007 16:54
Link
Thank you Manic.

Jeku, don't worry your comments are quite moderate compared to some lesser minds. When I was 4 years old I used to get the same sort of reactions when telling 9 year olds that there was no Saint Nick. Many people don't want the truth.

For the skeptics, go back into the Google caches and examine any controversy (mainly the 911 hoax & anti-Bush) and you'll ascertain that I've been proven correct time and again.

The pettiness of ignorant posters, I just ignore.

Second Google Desktop attack reported

Vulnerability to a little-known Web-based attack could allow an attacker to have access to any data indexed by Google Desktop

Phaelax I'm with you.
If I can't organize my own computer, then I'll use it disorganized.

I'm unique, just like everybody else.
Back to top
Profile PM Website
GatorHex
19
Years of Service
User Offline
Joined: 5th Apr 2005
Location: Gunchester, UK
Posted: 25th Feb 2007 18:23 Edited at: 25th Feb 2007 18:25
Link
Why install a program that lets some corportation / goverment spy on you files? Crazy

Redirecting IP/DNS is nothing new though coz game server cloning relies on the technique.

http://www.KumKie.com http://bulldog.servegame.com
Back to top
Profile PM Website
ionstream
20
Years of Service
User Offline
Joined: 4th Jul 2004
Location: Overweb
Posted: 25th Feb 2007 19:15
Link
Why can't we be friends? Get up and hug each other, and apologize!


I don't think Google would intentionally put a backdoor on everyone's computer, they'd have little to gain and they would know that it would be discovered. Simple programming oversight, guys.

That's not as bad as you think you said.
Back to top
Profile PM Website
Back to top

Login to post a reply

Server time is: 2024-11-18 07:30:00
Your offset time is: 2024-11-18 07:30:00