lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <45e46e0d.0fa42ca0.4367.4e75@mx.google.com>
Date: Tue, 27 Feb 2007 23:14:39 +0530
From: "Debasis Mohanty" <debasis.mohanty.listmails@...il.com>
To: <full-disclosure@...ts.grok.org.uk>
Subject: Disabling Google Desktop Link Integration In
	Google Pages

GDS Desktop Link and Google.com Integration -
Bad Design or Necessary Evil?

The recent security advisory on Google Desktop Search (GDS) published by
Watchfire did not really surprised me as I was expecting more like this in
past 2 years. However, the fact that intrigued me to write this article is
Google has not yet bothered to provide it's GDS tool users the option to
disable GDS desktop link regardless of knowing this design will attract more
attacks in future as well. 

In this article, I'll discuss a bit about why the GDS issues revolves
primarily around the GDS Desktop link and how one can fix it permanently by
disabling it which will ensure that users can still use GDS without the fear
against exploits that are targeted towards the desktop link. 

Get the entire article here - 

Disabling GDS Desktop Link Integration In Google Pages
http://hackingspirits.com/vuln-rnd/vuln-rnd.html


Regards,
-d (aka T)


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ