Hi Geeks, I found this book intresting. So, I wish to share....
Book: "Googling Security: How Much Does Google Know About You" Overview If I ask “How much do you know about Google?” You may not take even a second to respond. But if I may ask “How much does Google know about you”? You may instantly reply “Wait... what!? Do they!?” The book “Googling Security: How Much Does Google Know About You” by Greg Conti (Computer Science Professor at West Point) is the first book to reveal how Google's vast information stockpiles could be used against you or your business – and what you can do to protect yourself. Drawing on his own advanced security research, Conti shows how Google's databases can be used by others with bad intent, even if Google succeeds in its pledge of "don't be evil". We cannot deny the fact that Google is the most utilized search engine on the world wide web, along with its wide range of applications. And this book discuss its wide applications with in-depth analysis from security perspective. Google Search Engine - How your search queries reveal a bright picture of you or your company. Gmail – How it could be used to track your personal network of friends, family and acquaintances. Google's Map – How it could be used to track down your home and work location, your family and friends, travel plans and intentions. Mobile – How cell phones plays a major role in one's privacy breach using Google's application. AdSense and DoubleClick - How these advertising tools can trace you around the Web. Google has now become an integral part of our lives. It is not uncommon to hear references in casual conversation when someone questions us about something and we are unsure about it, we use the phrase ‘Just Google It’. Just imagine how much information over the past ten years we have poured into the hands of Google, which collected over time can paint a very accurate picture of ourselves on its servers. The book focuses specifically on Google. However, the security issues detailed are just as relevant to Yahoo, MSN, AOL, Ask and the more than 50 other search engines. Have you ever give a thought what would happen when you submit your sensitive information to Google or to any other online company? And if it could get spilled, lost, taken, shared, or subpoenaed and later used for identity theft or even blackmail? If no, then you should. This book is a wake-up call to get ourselves aware and a “how-to” self defense manual. Review Summary Chapter 1 “Googling” is an analysis of Google and its application. It also gives an outlook of how users reveal their information utilizing tools provided by Google. Conti says “Google is arguably the most powerful because of its wide range of popular free tools, top-tier intellectual talent, nearly infinite data storage, financial resources, and information-processing capabilities. Most important, however, is the information that Google captures as we use its wide range of popular free tools. Information is slippery, and it can be lost, taken, or deliberately disclosed.” Chapter 2 “Information Flows and Leakage” talks about how your information is capable of transferring from one medium to another by means of network drives and other hardwares . Chapter 3 “Footprints, Fingerprints and Connections” provides you the insight on how you leave your information for Google to trace you. Google and other online companies log what can be logged. Google does not provide any specific time estimates as to how long will they keep your information since they say 'We keep the information as long as we think its useful'. According to the author “Initially, this cluster will be anonymous, but over time, often a very short period of time, the sum of these can reveal the identity of users themselves or uniquely identify them when they appear on another, previously unused computing device”. Chapter 4 – 6 examines the risks associated with major classes of online tools, including search, communication, and mapping. According to the author “Google has the power to make people disappear from the electronic universe, shape public perception, and blackmail world leaders and individual citizens. This power is ceded by each use of online free tools. Search is the core of Google's power and the key way we relinquish control over our destinies, one query at a time”. Chapter 7 “Advertise and Embedded Content” Conti summarize this chapter as “Web browsing isn't a one-to-one conversation with a single web site. Instead, embedded content such as maps, images, videos, advertisements, web-analytics code, and social networking widgets immediately disclose each user's visit to a third party when that user merely views a page in his or her web browser”. Chapter 8 “Googlebot” This chapter talks about Googlebot and its functionality. Googlebot is Google’s web crawling robot, which finds and retrieves pages on the web and hands them off to the Google indexer. Chapter 9 “Countermeasures” This chapter talks about the countermeasure that can be taken to reduce the impact of information disclosure. It also discuss the technical aspect of security as to what tool and techniques can be used to add a layer to your security. Chapter 10 “Conclusions and a Look to the Future” analyzes current trends and illustrates what future risks could lie ahead. Conclusion H.L.Mencken once said “The average man does not want to be free. He simply wants to be safe.” It would be unfair to say that Google does not protect the information we provide. “It is one of their valuable assets, so protecting it is clearly in their best interest to do so” . But information is a slippery thing. There is a saying in the security community that says 'Services can be fast, cheap, or secure (choose two).' Since there are no free lunches available in this world and online companies provides us free online tools and we pay the price of our priceless confidential information unintentionally. Achieving security is a moving target and absolute security does not exist. However, precautionary measures can be taken to ensure a better security. Besides other informative content, the most interesting thing I have found in this book is the way Greg Conti has translated the License Agreement in simple words that can made your eyes wide open. After reading this review you may comment that apparently I used Google against Google. But thats not true. I like and use Google services as much as the next guy that even my browser's Home Page is configured to Google, but their ultra-secretive habits make me very wary of them. Cheers, -- You received this message because you are subscribed to the Google Groups "nforceit" group. To post to this group, send an email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/nforceit?hl=en-GB.
