[Full-disclosure] blocking Google Desktop
toddtowles at brookshires.com
Fri Feb 10 21:11:28 GMT 2006
> Upon launching, Google Desktop made several HTTPS connections to both
> www.google.com and desktopservices.google.com. It used IE's proxy
> settings - we have an ISA cache/proxy that does integrated
> auth. If it handled NTLM auth, I'm sure it can do basic
> proxy auth as well.
> However, blocking it on the network-level doesn't do a whole
> lot of good
> for corporations with a large mobile population. They connect
> elsewhere (home, client site, hotel, etc.), and your
> proprietary data is still making it to Google.
Looks like a great target for Pharming attacks. Thanks for all your data
sent to me over an SSL connection. =)
Full-Disclosure is hosted and sponsored by Secunia.