NETWORK WORLD NEWSLETTER: TIM GREENE ON VPNS 11/16/04 Today's focus: The potential security danger of Google's Desktop Search
Dear [EMAIL PROTECTED], In this issue: * The implications of Google Desktop Search to your SSL remote ��access system * Links related to VPNs * Featured reader resource _______________________________________________________________ This newsletter is sponsored by Intel IT Productivity; Increasing ROI Learn how to effectively measure employee productivity, manage IT investments and reduce the Total Cost of Ownership in enterprise data management. Visit Intel's IT Productivity center. Click here to download white papers, books and IDC Research. http://www.fattail.com/redir/redirect.asp?CID=8840 _______________________________________________________________ THE 2005 IT ROADMAP: Future Vision - Attend the Technology Tour Event of the Year! Where is IT headed? Which technologies are the new must-haves? Which look good now but are dangerous risks? Find out first and see solutions free at this exclusive reserve-now-or-you're-on the-outside-looking-in event! http://www.fattail.com/redir/redirect.asp?CID=88447 _______________________________________________________________ Today's focus: The potential security danger of Google's Desktop Search By Tim Greene Google Desktop Search is a great tool for finding stuff on a PC, but it can also be a threat to SSL remote access security. The search tool doesn't have any known exploitable vulnerabilities, but it creates a separate database of material that PCs gather during SSL remote access sessions. Conventional cache-cleaning agents used by many SSL remote access vendors can't purge this data without purging the entire Google Desktop Search indexed store. Here are the implications: A remote access user could connect to an SSL remote access box, do some corporate business and logoff knowing that the SSL gear wiped clean all the temporary files, cookies, e-mails, documents, etc., that were stored during the session. Then someone else could come along, logon to the same machine, use the Google tool to search for records of the session and find them because they were stored separately in a cache that the cache-cleaner didn't wipe out. One of the benefits of SSL remote access gear is that virtually any PC can be used to access the corporate network, giving remote users the flexibility to use their home PC, a borrowed PC or one in an Internet kiosk or hotel lobby. As more and more people adopt the handy Google Desktop Search tool, the fewer machines can be wiped clean after SSL sessions. This will reduce the flexibility that is a big attraction of SSL. This problem can be dealt with. Whale Communications, for instance, has a patch that lets customers check whether remote PCs are running Google Desktop Search before allowing them to connect. If they are running it, or if they refuse to allow inspection to determine whether they are running it, the Whale gear can deny access altogether or restrict it to data that isn't sensitive. Aventail says its Aventail Secure Desktop, a virtual desktop created for SSL remote sessions and then destroyed when the session ends, prevents Google Desktop Search from storing data from the sessions. The exception is what URLs were accessed. Other vendors will no doubt follow suit. Google says it has not addressed the problem yet, and a spokesman was unsure whether that was on the product's roadmap. RELATED EDITORIAL LINKS The Extended Enterprise Issue Network World, 11/15/04 http://www.nwfusion.com/ee/2004/ _______________________________________________________________ To contact: Tim Greene Tim Greene is a senior editor at Network World, covering virtual private networking gear, remote access, core switching and local phone companies. You can reach him at <mailto:[EMAIL PROTECTED]>. _______________________________________________________________ This newsletter is sponsored by Intel IT Productivity; Increasing ROI Learn how to effectively measure employee productivity, manage IT investments and reduce the Total Cost of Ownership in enterprise data management. Visit Intel's IT Productivity center. Click here to download white papers, books and IDC Research. http://www.fattail.com/redir/redirect.asp?CID=8840 _______________________________________________________________ ARCHIVE LINKS Breaking VPN news from Network World, updated daily: http://www.nwfusion.com/topics/vpns.html Archive of the VPN newsletter: http://www.nwfusion.com/newsletters/vpn/index.html _______________________________________________________________ FEATURED READER RESOURCE NEW! Website dedicated to Networking for Small Business now available The editors of NW Fusion and PC World have combined all their expert advice, authority, and know-how into a powerful new tool for small businesses, the new Networking for Small Business website. Get news, how-to's, product reviews, and expert advice specifically tailored to your small business needs. Find help with Security, Broadband, Networking, Hardware, Software, and Wireless & Mobile technology at: <http://www.networkingsmallbusiness.com/> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED]
