LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: August 1st, 2014
Linux Security Week: July 28th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Review: Googling Security: How Much Does Google Know About You Print E-mail
User Rating:      How can I rate this item?
Posted by Burhan Syed   
Book Reviews If I ask “How much do you know about Google?” You may not take even a second to respond. But if I may ask “How much does Google know about you”? You may instantly reply “Wait... what!? Do they!?” The book “Googling Security: How Much Does Google Know About You” by Greg Conti (Computer Science Professor at West Point) is the first book to reveal how Google's vast information stockpiles could be used against you or your business – and what you can do to protect yourself. Date: October 10, 2008

Vitals:

Title: Googling Security:How Much Does Google Know About You
Author: Greg Conti
Pages: 360
ISBN-10: 0-321-51866-7
Publisher: Addison Wesley Professional
Purchase: Googling Security:

Overview

If I ask “How much do you know about Google?” You may not take even a second to respond. But if I may ask “How much does Google know about you”? You may instantly reply “Wait... what!? Do they!?” The book “Googling Security: How Much Does Google Know About You” by Greg Conti (Computer Science Professor at West Point) is the first book to reveal how Google's vast information stockpiles could be used against you or your business – and what you can do to protect yourself.

Drawing on his own advanced security research, Conti shows how Google's databases can be used by others with bad intent, even if Google succeeds in its pledge of "don't be evil". We cannot deny the fact that Google is the most utilized search engine on the world wide web, along with its wide range of applications. And this book discuss its wide applications with in-depth analysis from security perspective.

  • Google Search Engine - How your search queries reveal a bright picture of you or your company.
  • Gmail – How it could be used to track your personal network of friends, family and acquaintances.
  • Google's Map – How it could be used to track down your home and work location, your family and friends, travel plans and intentions.
  • Mobile – How cell phones plays a major role in one's privacy breach using Google's application. AdSense and DoubleClick - How these advertising tools can trace you around the Web.

Google has now become an integral part of our lives. It is not uncommon to hear references in casual conversation when someone questions us about something and we are unsure about it, we use the phrase ‘Just Google It’. Just imagine how much information over the past ten years we have poured into the hands of Google, which collected over time can paint a very accurate picture of ourselves on its servers.

The book focuses specifically on Google. However, the security issues detailed are just as relevant to Yahoo, MSN, AOL, Ask and the more than 50 other search engines. Have you ever give a thought what would happen when you submit your sensitive information to Google or to any other online company? And if it could

get spilled, lost, taken, shared, or subpoenaed and later used for identity theft or even blackmail? If no, then you should. This book is a wake-up call to get ourselves aware and a “how-to” self defense manual.

Review Summary

Chapter 1 “Googling” is an analysis of Google and its application. It also gives an outlook of how users reveal their information utilizing tools provided by Google. Conti says “Google is arguably the most powerful because of its wide range of popular free tools, top-tier intellectual talent, nearly infinite data storage, financial resources, and information-processing capabilities. Most important, however, is the information that Google captures as we use its wide range of popular free tools. Information is slippery, and it can be lost, taken, or deliberately disclosed.”

Chapter 2 “Information Flows and Leakage” talks about how your information is capable of transferring from one medium to another by means of network drives and other hardwares .

Chapter 3 “Footprints, Fingerprints and Connections” provides you the insight on how you leave your information for Google to trace you. Google and other online companies log what can be logged. Google does not provide any specific time estimates as to how long will they keep your information since they say 'We keep the information as long as we think its useful'. According to the author “Initially, this cluster will be anonymous, but over time, often a very short period of time, the sum of these can reveal the identity of users themselves or uniquely identify them when they appear on another, previously unused computing device”.

Chapter 4 – 6 examines the risks associated with major classes of online tools, including search, communication, and mapping. According to the author “Google has the power to make people disappear from the electronic universe, shape public perception, and blackmail world leaders and individual citizens. This power is ceded by each use of online free tools. Search is the core of Google's power and the key way we relinquish control over our destinies, one query at a time”.

Chapter 7 “Advertise and Embedded Content” Conti summarize this chapter as “Web browsing isn't a one-to-one conversation with a single web site. Instead, embedded content such as maps, images, videos, advertisements, web-analytics code, and social networking widgets immediately disclose each user's visit to a third party when that user merely views a page in his or her web browser”.

Chapter 8 “Googlebot” This chapter talks about Googlebot and its functionality. Googlebot is Google’s web crawling robot, which finds and retrieves pages on the web and hands them off to the Google indexer.

Chapter 9 “Countermeasures” This chapter talks about the countermeasure that can be taken to reduce the impact of information disclosure. It also discuss the technical aspect of security as to what tool and techniques can be used to add a layer to your security.

Chapter 10 “Conclusions and a Look to the Future” analyzes current trends and illustrates what future risks could lie ahead.

Conclusion

H.L.Mencken once said “The average man does not want to be free. He simply wants to be safe.” It would be unfair to say that Google does not protect the information we provide. “It is one of their valuable assets, so protecting it is clearly in their best interest to do so” . But information is a slippery thing. There is a saying in the security community that says 'Services can be fast, cheap, or secure (choose two).'

Since there are no free lunches available in this world and online companies provides us free online tools and we pay the price of our priceless confidential information unintentionally. Achieving security is a moving target and absolute security does not exist. However, precautionary measures can be taken to ensure a better security.

Besides other informative content, the most interesting thing I have found in this book is the way Greg Conti has translated the License Agreement in simple words that can made your eyes wide open. After reading this review you may comment that apparently I used Google against Google. But thats not true. I like and use Google services as much as the next guy that even my browser's Home Page is configured to Google, but their ultra-secretive habits make me very wary of them.

Comments
Dont think soWritten by Prajith on 2009-02-24 06:48:46
Yes, google is exploited much these days, but I think it is just because the security measures that they provided are not utilized properly. Google is just collecting information that is publicly available. 
 
i want to a users ip addressWritten by keerthicharan on 2009-03-05 03:05:11
hi im charan and im in love with a girl she deleted me and i want to whether she is online or not
Tracking is not publicly availableWritten by Debian Rules on 2009-04-09 03:53:04
'Google is just collecting information that is publicly available' 
 
No, it is not. 
 
Google collects and harvest a lot of information that isn't publicly available. 
 
V.g, tracking, even using your home router.
Google knows all..Written by magikh0e on 2009-04-29 22:08:10
Wonder how many people google their own names after reading this ;D

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
NSA keeps low profile at hacker conventions despite past appearances
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.