Watch google

Discussion in 'privacy general' started by Jooske, Oct 15, 2003.

Thread Status:
Not open for further replies.
  1. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Again some critics and tests on the site here
    http://google-watch.org/
     
  2. cl0ck

    cl0ck Registered Member

    Joined:
    Sep 15, 2003
    Posts:
    50
    Location:
    Southeast Asia
    ya, i believe most of wat the site says, especially about google's ' everlasting cookie'
    that's why i never allow cookies from google
    but google is still a great search engine tool anyway
     
  3. Peaches4U

    Peaches4U Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    5,070
    Location:
    At my computer
    Jooske - I just did a Google search of your name and read a letter that you wrote to ZNet. Your privacy was not protected. I discovered this some time ago that when I did a search of my screenname that many of my posts appeared on the Google site with links. :mad:
     
  4. JayK

    JayK Poster

    Joined:
    Dec 27, 2002
    Posts:
    619
    Actually, I think most of what ever factual on the site's is correct. But then again, there's nothing really very dangerous about what facts it reveals.

    Others seems to be whining on principle, ie monopolys are bad and speculation about the power they wield or could wield over the web.

    And a large part is about Search engine optimisation, pointing out weaknesses in the ranking algothrim (blogs etc) , but again not really security concerns


    The cookie business is a bit strange, but easily handled by all competent browsers.
     
  5. ArchAngel_8

    ArchAngel_8 Registered Member

    Joined:
    Dec 25, 2003
    Posts:
    89
    Location:
    US
    :eek: :mad: :doubt:

    Wow.. I just did a search of Google for my screen name and came up with several listings! Things are definitally "getting out of hand"! I am discusted by the amount of "spying" and "sneaky" practices that are employed by many companies/orginizations on the net. Between Pop ups/unders, Spyware, Adware, ect.

    Steve Gibson(www.grc.com) had a interesting segment on "cookies", explaining that back in the early days of the Net they were designed only to help guide people around a web site, and that they did not stay with you. I guess things have changed...lol

    Sometimes I feel I wil never be able to secure my computer from all of these different threats! Some days I feel like just "pulling the plug" on my computer! :doubt:
     
  6. JayK

    JayK Poster

    Joined:
    Dec 27, 2002
    Posts:
    619
    That's what search engines do.
     
  7. ArchAngel_8

    ArchAngel_8 Registered Member

    Joined:
    Dec 25, 2003
    Posts:
    89
    Location:
    US
    Yes, but why phone numbers and screen names? Ok, topics, forums, yes, but why is it that when I search for something in google, I end up getting assalted by pay ads, unrelated topics, and sketchy websites that really have little or no info on the search topic. Although I have recieved spyware from clicking a link.... Yes Google is the "BEST" search engine but I have read several of the posted links and it apears they have put $$ and advertizers before everything else! I understand they are out to make $$$, but there is No reason for the cookie that expires in 2037, or the toolbar that acts like spyware! Just my opinion though..... :rolleyes:
     
  8. Peaches4U

    Peaches4U Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    5,070
    Location:
    At my computer
    Last night I did a SpyBot scan of my computer and came up with the DSO Exploit. :mad: I read the details and was referred to Greymagic.com/adv/gm001_ie for further details. The link given did not work too well but with a bit of fiddling I was able to get the information I was seeking. It appears there is a leak in the Google tool bar which allowed this Exploit to access a computer. Google was supposed to have fixed this vulnerability back in 2002 but if the Exploit I had was from Google, then they have done nothing to rectify the problem. I initially assumed it was a security hole in IE which needed, I think, the patch Q328970. Upon checking my installation history I have that patch so that leaves Google as the culprit. Am I misunderstanding the whole situationo_O? Symantec on the other hand, states that this Exploit is spread via email. I have not had any email that I need to be concerned about. So, who is right on this issue. o_O Maybe our experts here can sort this out. :)
     
  9. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,331
    Location:
    Netherlands
    Hi Peaches4U,

    This is the security hole Spybot S&D finds: http://www.securitytracker.com/alerts/2002/Feb/1003689.html

    And the fix Spybot S&D will apply if you choose to do so, is the one described here: http://sec.greymagic.com/adv/gm001-ie/

    Regards,

    Pieter
     
  10. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    Very interesting. Anti-Virus can detect this method wich is nice but still a major flaw, since if you change the code and various form you can still execute the script.... wich could be very unhealty.... wich would really crap out...
     
  11. Peaches4U

    Peaches4U Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    5,070
    Location:
    At my computer
    Thanks for responding Pieter. So, am I correct in my thinking that I have to make the registry change [as per greymagic] in order to be protected against this Exploit?
     
  12. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,331
    Location:
    Netherlands
    Hi Peaches4U,

    Not completely sure. I think MicroSoft fixed that vulnerability, but they may have used a different method.
    I couldn't find it. If I come across it I will post.

    Regards,

    Pieter
     
  13. Unzy

    Unzy Registered Member

    Joined:
    Nov 2, 2003
    Posts:
    1,098
    Location:
    Belgium
    Hi all;

    I was under the impression that if you fixed the DSO exploit with SpyBot, it made a little alternation in the registry (DWORD setting) in order to fix that security hole?

    Isn't fixing it with spybot enough or are there more actions needed?

    Cheers,
     
  14. Peaches4U

    Peaches4U Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    5,070
    Location:
    At my computer
    Hi Pieter. Thanks again.... I did not touch my registry until I am absolutely sure of what I am doing and why. I did peek in the registry but oh my, some of the stuff there is above my knowledge. o_O

    I just suddenly remembered that I may have gotten that exploit through an email. I now recall opening an email from a friend and when the page came up it was all a garble and unreadable. After about a minute, the page became readable. I thought that was weird and wondered about it especially because my friend had the same exploit which I helped her in cleaning her computer [she knows absolutely nothing about computers & security]. According to Symantec this exploit can be spread by email, so maybe that is how it happened for me. I did another Spybot scan last night & well as Panda and got a clean bill of health.

    My critical patches are all up-to-date including the one I received this a.m.
     
  15. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,331
    Location:
    Netherlands
    Hi Unzy,

    You are right.
    This is what Spybot S&D does. (As described on the site I linked to.)
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]
    Change the value of "1004" (DWORD) to 3.

    Hi Peaches4U,

    I think we are talking about two different exploits here. Do you have a link to the Symantec site you are referring to?

    Regards,

    Pieter
     
  16. Peaches4U

    Peaches4U Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    5,070
    Location:
    At my computer
    :oops: That's it Pieter, this cold weather here is freezing my brain and my fingers!! :( :'( Definitely SpyBot picked up the DSO Exploit [I just checked the log in SpyBot] but when I checked Symantec for details I apparently typed DSS Exploit instead. :oops:

    I used SpyBot to do the fix - computer is running well & no other compromises since, except for me ... :oops: I need a fix from the cold here, like a long vacation in Australia or the Dominican Republic??

    My apologies Pieter for my error - I should have double checked before posting.
     
  17. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,331
    Location:
    Netherlands
    Cheer up Peaches4U, :)

    Happens to all of us at times.
    And it triggered a nice discussion. :)

    Regards,

    Pieter
     
  18. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    :Dive knowen for over a year i use google to stalk you guys lol

    nothing says love like a restraining order lol
     
  19. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    That is not nice :) Are you still living up there in the Northwest by that lake...or are you eating on someone else's couch these days.
     
  20. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    STILL LIVEING IN THE NORTHWEST BY THAT LAKE LOL

    Im wo0rking for my dad i posted a few pics of the work we do

    you know i had no ideal how hard that man works til i started working for him makes you aprechiate a person more when you walk in his shoes

    seriosley i sugest if you can spend at leas one day with those you care about doing what they do all day you get a better understanding of them and a aprechiation for them

    hueman nature would be somuch better if we took the time to really understand one another rather then fear what the othewr thinks of ones self

    thats why most are so lonley in some degree or another

    should i e spell check this lol nahhhh to lazy lmao
     
  21. JayK

    JayK Poster

    Joined:
    Dec 27, 2002
    Posts:
    619
    So you recommend that search engines should practice censorship and try to figure out what are telephone numbers on webpages and stop listing them? What about credit card numbers, what about your middle name? or your religion? or...

    If you want to blame anyone blame the lousy leaky incompetent webmasters of the sites whom you had trusted with your personal info. Googlebot and most trusted/reputable spiders respect the robots.txt, and do not index such sites. Even better password protect the sites!

    I have no idea what "Screenname" means, but I presume it means the handle or nick you use on forums. If you want to create a consistent indentity all over the internet by registering the same unique id in all the forums you visit, it's your choice, just don't blame the search engines, if you can be "tracked" this way.

    If you want to keep your cyber indentities seperate then don't do it or use a common id.

    And so what if they know a certain guy named say "xzzxyzsddf" is posting in say comp security and sex groups, if you are careful , they can't correlate it to your real offline id anyway.

    Please check your facts.

    First, google adwords programs only lists sponsored ads on the right side of the page, they do not appear "before everything" as you state

    Second, about irrelevant sites, this is a problem faced by all search engines, google is espically worse hit because webmasters try to fool it the most ,given it's popularity

    Third, receiving spyware from a click, again what do you expect google to do? To act as a global censor , figuring out which sites have spyware (assuming you could agree what those sites are in the first place) and banning those? In certain aspects, even the big sites are Cnet, have spyware. You expect google to act as judge and executor? Next I suppose you will be complaining google doesn't filter out sites with poor web design?

    Fourth - A toolbar that acts like spyware? This does not come into play unless you turn on the advanced page rank features. The page rank features tell webmasters how highly google "thinks" of a given page (PR from 0 to 10). So when you visit say wilders, it will show say a PR of 7.

    But unless google knows which site you are viewing how is it going to send the PR of the page?? Again this whole "spyware" crap is thrown out of proportion, because people latch on the fact that google has to be told which page you are visiting, before it can tell you what the PR is.

    I
     
Loading...
Thread Status:
Not open for further replies.