Bookmark this Search Engine Industry News And Resource.
Desktop search features and newer computer indexing tools such as Google's Desktop Search could cause security risks.
The reason is simply because companies that use the Secure Sockets Layer (SSL protocol) to remote access or VPN, these protocols could copy content accessed during any SSL session and make it available to anybody that later uses the same computer.
Caches created by PC search tools get around the security many SSL vendors have put in place to purge cached data from remote machines as secure sessions shut down. These so-called cache-cleaning agents wipe out temporary files created during SSL sessions, but they don't wipe out the copies made by the search tools.
"You could end up caching and indexing files you don't want cached and indexed on machines outside your control," says Dan Harman, remote access administrator for real estate developer Lewis Group in Upland, Calif., which uses SSL remote-access gear made by Whale Communications Ltd.
One touted benefit of SSL remote-access technology is that any machine with a Web browser can be used to access a corporate network securely. The downside is that the PCs might not be owned by the corporation, so any number of unauthorized users could have access to them. "This tends to negate user authentication," says Rick Fleming, CTO of Digital Defense Inc., a vulnerability assessment company.
Besides Google's product, such search engines are made by Blinkx, Copernic Technologies Inc., ISYS Search Software and X1 Technologies Inc. Yahoo Inc. and Microsoft Corp. are said to be on the verge of having them, too.
SSL VPN vendor Aventail Corp. says its Secure Desktop, a virtual desktop for SSL sessions that are destroyed when the session closes, prevents files downloaded during the session from being viewed by Google Desktop Search.
To solve the problem for its customers, Whale has a software upgrade that detects whether Google Desktop Search is running on a remote PC. If so, access to the corporate network is denied or restricted. The company is developing similar upgrades to address nine other desktop search engines, says Whale Chief Technology Officer Noam Ben-Yochanan.
Google Desktop Search makes it easier to find data on PC hard drives and doesn't address these security concerns, a Google spokesman says. Customers can manually turn off Desktop Search or put it on pause during SSL remote-access sessions to avoid having the sessions cached by the search engine, he says.
Ben-Yochanan says he installed Google Desktop Search on a PC, opened an e-mail attachment, altered the document, sent it as an attachment, then deleted the file from the hard drive. Desktop Search retained a copy of the original attachment and the modified version.
Fleming says such tools pose similar threats to shared PCs on corporate LANs. So a person working the 4 p.m.-to-midnight shift could access all the data accessed by the person working the 8 a.m.-to-4 p.m. shift, including personal human resources data or Internet banking information, he says.
Similarly, if a network administrator uses a random desktop to reconfigure a firewall, a desktop search engine will record those settings and the password used to gain access, Fleming says.
It also makes it easier for attackers to search machines they have taken over, says Fred Felman, vice president of marketing for Zone Labs Inc.
Source: ComputerWorld.comPosted by seomasters at November 26, 2004 12:49 PM | TrackBack