Review: Googling Security: How Much Does Google Know About You
Posted by Burhan Syed   
Book Reviews If I ask “How much do you know about Google?” You may not take even a second to respond. But if I may ask “How much does Google know about you”? You may instantly reply “Wait... what!? Do they!?” The book “Googling Security: How Much Does Google Know About You” by Greg Conti (Computer Science Professor at West Point) is the first book to reveal how Google's vast information stockpiles could be used against you or your business – and what you can do to protect yourself. Date: October 10, 2008

Vitals:

Title: Googling Security:How Much Does Google Know About You
Author: Greg Conti
Pages: 360
ISBN-10: 0-321-51866-7
Publisher: Addison Wesley Professional
Purchase: Googling Security:

Overview

If I ask “How much do you know about Google?” You may not take even a second to respond. But if I may ask “How much does Google know about you”? You may instantly reply “Wait... what!? Do they!?” The book “Googling Security: How Much Does Google Know About You” by Greg Conti (Computer Science Professor at West Point) is the first book to reveal how Google's vast information stockpiles could be used against you or your business – and what you can do to protect yourself.

Drawing on his own advanced security research, Conti shows how Google's databases can be used by others with bad intent, even if Google succeeds in its pledge of "don't be evil". We cannot deny the fact that Google is the most utilized search engine on the world wide web, along with its wide range of applications. And this book discuss its wide applications with in-depth analysis from security perspective.

  • Google Search Engine - How your search queries reveal a bright picture of you or your company.
  • Gmail – How it could be used to track your personal network of friends, family and acquaintances.
  • Google's Map – How it could be used to track down your home and work location, your family and friends, travel plans and intentions.
  • Mobile – How cell phones plays a major role in one's privacy breach using Google's application. AdSense and DoubleClick - How these advertising tools can trace you around the Web.

Google has now become an integral part of our lives. It is not uncommon to hear references in casual conversation when someone questions us about something and we are unsure about it, we use the phrase ‘Just Google It’. Just imagine how much information over the past ten years we have poured into the hands of Google, which collected over time can paint a very accurate picture of ourselves on its servers.

The book focuses specifically on Google. However, the security issues detailed are just as relevant to Yahoo, MSN, AOL, Ask and the more than 50 other search engines. Have you ever give a thought what would happen when you submit your sensitive information to Google or to any other online company? And if it could

get spilled, lost, taken, shared, or subpoenaed and later used for identity theft or even blackmail? If no, then you should. This book is a wake-up call to get ourselves aware and a “how-to” self defense manual.

Review Summary

Chapter 1 “Googling” is an analysis of Google and its application. It also gives an outlook of how users reveal their information utilizing tools provided by Google. Conti says “Google is arguably the most powerful because of its wide range of popular free tools, top-tier intellectual talent, nearly infinite data storage, financial resources, and information-processing capabilities. Most important, however, is the information that Google captures as we use its wide range of popular free tools. Information is slippery, and it can be lost, taken, or deliberately disclosed.”

Chapter 2 “Information Flows and Leakage” talks about how your information is capable of transferring from one medium to another by means of network drives and other hardwares .

Chapter 3 “Footprints, Fingerprints and Connections” provides you the insight on how you leave your information for Google to trace you. Google and other online companies log what can be logged. Google does not provide any specific time estimates as to how long will they keep your information since they say 'We keep the information as long as we think its useful'. According to the author “Initially, this cluster will be anonymous, but over time, often a very short period of time, the sum of these can reveal the identity of users themselves or uniquely identify them when they appear on another, previously unused computing device”.

Chapter 4 – 6 examines the risks associated with major classes of online tools, including search, communication, and mapping. According to the author “Google has the power to make people disappear from the electronic universe, shape public perception, and blackmail world leaders and individual citizens. This power is ceded by each use of online free tools. Search is the core of Google's power and the key way we relinquish control over our destinies, one query at a time”.

Chapter 7 “Advertise and Embedded Content” Conti summarize this chapter as “Web browsing isn't a one-to-one conversation with a single web site. Instead, embedded content such as maps, images, videos, advertisements, web-analytics code, and social networking widgets immediately disclose each user's visit to a third party when that user merely views a page in his or her web browser”.

Chapter 8 “Googlebot” This chapter talks about Googlebot and its functionality. Googlebot is Google’s web crawling robot, which finds and retrieves pages on the web and hands them off to the Google indexer.

Chapter 9 “Countermeasures” This chapter talks about the countermeasure that can be taken to reduce the impact of information disclosure. It also discuss the technical aspect of security as to what tool and techniques can be used to add a layer to your security.

Chapter 10 “Conclusions and a Look to the Future” analyzes current trends and illustrates what future risks could lie ahead.

Conclusion

H.L.Mencken once said “The average man does not want to be free. He simply wants to be safe.” It would be unfair to say that Google does not protect the information we provide. “It is one of their valuable assets, so protecting it is clearly in their best interest to do so” . But information is a slippery thing. There is a saying in the security community that says 'Services can be fast, cheap, or secure (choose two).'

Since there are no free lunches available in this world and online companies provides us free online tools and we pay the price of our priceless confidential information unintentionally. Achieving security is a moving target and absolute security does not exist. However, precautionary measures can be taken to ensure a better security.

Besides other informative content, the most interesting thing I have found in this book is the way Greg Conti has translated the License Agreement in simple words that can made your eyes wide open. After reading this review you may comment that apparently I used Google against Google. But thats not true. I like and use Google services as much as the next guy that even my browser's Home Page is configured to Google, but their ultra-secretive habits make me very wary of them.

Comments
Dont think soWritten by Prajith on 2009-02-24 06:48:46
Yes, google is exploited much these days, but I think it is just because the security measures that they provided are not utilized properly. Google is just collecting information that is publicly available. 
 
i want to a users ip addressWritten by keerthicharan on 2009-03-05 03:05:11
hi im charan and im in love with a girl she deleted me and i want to whether she is online or not
Tracking is not publicly availableWritten by Debian Rules on 2009-04-09 03:53:04
'Google is just collecting information that is publicly available' 
 
No, it is not. 
 
Google collects and harvest a lot of information that isn't publicly available. 
 
V.g, tracking, even using your home router.
Google knows all..Written by magikh0e on 2009-04-29 22:08:10
Wonder how many people google their own names after reading this ;D

Only registered users can write comments.
Please login or register.

Powered by AkoComment!