lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <416FDB5C.4050308@fas.harvard.edu>
From: krstic at fas.harvard.edu (Ivan Krstic)
Subject: Google Desktop Search

DogoBrazil wrote:
> The research came
> with a bit more than I expected 'cause the engine  went to some webmail 
> based accounts: Yahoo and MSN. I could click in the results and opened 
> my Yahoo Mail inbox page without a password. Maybe some password lost in 
> my HD? Maybe some page cached? 

http://desktop.google.com/index.html enumerates the file types that 
Google Desktop Search currently indexes. Your IE cache and Outlook 
correspondence will also get indexed, so you could have been looking at 
either a page from your browser cache, or a page you manually saved to 
your hard drive. The program itself most certainly does not include 
functionality to index remote, web-based mailboxes such as Yahoo and MSN.

Ivan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ