Zero Day Hole In Google Desktop
40by40 writes "A Web application security specialist has figured out a way to launch man-in-the-middle attacks against a computer with a fully patched Google Desktop installed. With knowledge of the Google Desktop security model (a combination of one-time tokens, iFrames and JavaScript), hacker Robert Hansen figured out a way to sit between a target launching a Google search query and manipulate the search results to take control of other programs on the desktop. From the article: '"This should drive home the point that deep integration between the desktop and the web is not a good idea, without tremendous thought put into the security model. As Google's site is unencrypted, and they place their content that can run executables on their site, it can be subverted by an attacker," Hansen warns. Hansen's advisory comes just days after Chris Soghoian's exposé of a similar man-in-the-middle attack scenario against a remote vulnerability in the upgrade mechanism used by a number of commercial Firefox extensions.'"
Easily solved (Score:5, Informative)
I've always thought that was a scary idea anyway, since my desktop content should be in a clearly-partitioned security domain from Web content.
Disable Indexing of Executables? (Score:4, Informative)
Re:Logical (Score:3, Informative)
Yes, Apache has a good reputation for security, but like most popular, complex programs, its history is far from exploit-free.
-snarkbot
A little more encryption? (Score:3, Informative)
Right now, any request to an encrypted Google search URL redirects you to www.google.com.
Re:A little over blown perhaps? (Score:4, Informative)
armchair OS designer's reading list (Score:4, Informative)
Although extreme hubris might combine with extreme resources (both dollars and talent) at Google to lead to the creation of an entirely new OS from the ground up, there may not be any need for that. The UNIX wheel is relatively round these days, particularly considering the Mac OS X / OSX example. Better yet, UNIX is nicely modular. If anyone devises a clever way to "avoid buffer overflow situations" it seems likely, on the basis of past evidence concerning technology development and adoption within UNIX systems in general, that it would be easier to integrate that language and compiler, or whatever technology it happens to be, into a UNIX operating system than it would be to create a fully capable system on top of it from whole cloth.
Since you seem genuinely interested in the topic, here are some reasonable books on operating system design which you might enjoy.
The Design and Implementation of the 4.4 BSD Operating System [amazon.com]
Design of the UNIX Operating System [amazon.com]
Operating System Design: The Xinu Approach [amazon.com]
UNIX Internals: The New Frontiers [amazon.com]
Mac OS X Internals: A Systems Approach [amazon.com]
Solaris Internals [amazon.com]
The other issues you raise are largely issues of interface design, which the open source community seems to do rather poorly, or at least not as well as it does other things. Google certainly does not need to re-invent the entire operating system wheel to improve URL integration, or provide a "minimalist" desktop interface, for example. They don't even need to strip features, really. Mac OS X, for example, provides enough of a minimalist default interface that novice computer users are comfortable with it. A Linux based OS from Google could take a similar approach, perhaps being even more spartan in the basic features, if that's really a desirable goal (which is another question entirely).
Re:Google imitating Microsoft security holes. (Score:5, Informative)
Firefox offers the exact same mechanism. Firefox extensions can contain (and run) executable code. (See below.)
As the Greasemonkey security vulnerability [oreillynet.com] demonstrated, web pages can "script" Firefox extensions.
ActiveX = executable code + scripting from the web browser. Firefox extensions introduce the same risks as ActiveX.
Take for instance FoxyTunes [mozilla.org], which is listed on the Recommended Add-ons [mozilla.org] page. Download the XPI file, rename it to ZIP. Open it in WinZip or whatever. You'll notice several files:
DLL files are executable code on Windows. I'm assuming the *.linux and *.mac are similar. SO files are executable code under Linux, not sure why it has .file after it. I'm sure there are more extensions with executable code, that was just the first I looked at. Look for any extension that integrates with external software - almost always there will be a DLL or EXE.
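The check described in the comment above (open the XPI as a ZIP and look for native binaries), written as an added example that is not part of the original thread. It goes beyond the comment's file-extension check by also matching magic bytes and by descending into nested archives; the member names and sample archive are constructed, and `find_native_code` and `build_sample_xpi` are hypothetical helper names.

```python
import io
import zipfile

# Well-known leading bytes of native executable formats.
MAGIC = [
    (b"MZ", "PE (Windows EXE/DLL)"),
    (b"\x7fELF", "ELF (Linux executable/shared object)"),
    (b"\xfe\xed\xfa\xce", "Mach-O"), (b"\xfe\xed\xfa\xcf", "Mach-O"),
    (b"\xce\xfa\xed\xfe", "Mach-O"), (b"\xcf\xfa\xed\xfe", "Mach-O"),
]
NATIVE_SUFFIXES = (".dll", ".exe", ".so", ".dylib")
MAX_NESTED = 20 * 1024 * 1024  # do not unpack nested archives larger than this

def classify(name, head):
    """Judge by content first, so a renamed binary is still reported."""
    for magic, kind in MAGIC:
        if head.startswith(magic):
            return kind
    if name.lower().endswith(NATIVE_SUFFIXES):
        return "native file extension, unrecognised content"
    return None

def find_native_code(xpi, prefix="", depth=0):
    """Return sorted (member path, kind) pairs for native code in an XPI/ZIP."""
    findings = []
    with zipfile.ZipFile(xpi) as zf:
        for info in zf.infolist():
            path = prefix + info.filename
            with zf.open(info) as fh:
                head = fh.read(8)
                kind = classify(info.filename, head)
                if kind:
                    findings.append((path, kind))
                elif head[:4] == b"PK\x03\x04" and depth < 2 and info.file_size <= MAX_NESTED:
                    # Nested archive (e.g. a chrome JAR): scan its members too.
                    nested = io.BytesIO(head + fh.read())
                    findings += find_native_code(nested, path + "!/", depth + 1)
    return sorted(findings)

def build_sample_xpi():
    """Constructed sample: in-memory XPI with made-up member names."""
    inner, outer = io.BytesIO(), io.BytesIO()
    with zipfile.ZipFile(inner, "w") as zf:
        zf.writestr("content/overlay.js", "// script only")
        zf.writestr("content/helper.bin", b"\x7fELF\x02\x01\x01\x00")
    with zipfile.ZipFile(outer, "w") as zf:
        zf.writestr("install.rdf", "<RDF/>")
        zf.writestr("components/player.dll", b"MZ\x90\x00\x03\x00\x00\x00")
        zf.writestr("chrome/sample.jar", inner.getvalue())
    return outer
```

`find_native_code` also accepts a filesystem path, so it can be pointed at a downloaded `.xpi` without renaming it.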
Re:armchair OS designer's reading list (Score:5, Informative)
That's great. When you graduate beyond armchair reading, perhaps you might consider getting out of your chair and learning about actually designing an Operating System [osdev.org]? It's a very rewarding experience and teaches one about all the wonderful spaghetti and legacy problems inherent in designs like Unix. It even shows how the greater resources present in modern computers can be utilized to reduce or eliminate the problems exhibited by previous OSes.
Comment removed (Score:2, Informative)
Re:pwnt! (Score:3, Informative)