Google Desktop Search is useful enough for me to keep it installed, but I wouldn't say that it works well.
- The file I'm looking for is often missing from Google Desktop Search's index. Even the filename is missing. I can't tell if it decided to skip the file because of its extension, contents, location, or changed-on date. Sometimes touching the file gets it indexed, but sometimes it doesn't.
- It "caches" old versions of files often enough to take up disk space unnecessarily, but not often enough that I can rely on it for a revision history when I break something.
- Since Google Desktop Search is slower than www.google.com, leaving "Show Desktop Search results on Google Web Search result pages" checked makes it slow down web searches.
- It gets much slower if I add num=100 to the URLs. A search with num=100 usually takes 3 seconds. This would be ok if it streamed the results, but I just don't see anything for 3 seconds. (There's no UI for adding num=100, so it's not really fair to complain.)
- "Show Desktop Search results on Google Web Search result pages", which is checked by default, elevates any XSS hole in www.google.com to a read-my-files hole.
- Google Desktop Search uses an interesting scheme to mitigate XSS and CSRF holes: it includes a hash in every URL, even the root. The hash includes the path and sometimes includes the query parameters. If the hash is missing or doesn't match, it returns "Invalid Request".
- Clicking a link to an .exe file in search results runs it without any warning.
- The web site doesn't mention the current version number. The program doesn't have a "Check for upgrades" link, and if checks automatically, it makes no indication of that fact.
- Any web page can detect whether you have Google Desktop Search running by loading an image (or perhaps any URL) from http://127.0.0.1:4664/.
- The index is stored in a predictable location. "File upload holes", which let sites read your files if they know the filenames, are common in web browsers. File upload holes that require no user interaction are usually fixed quickly. But file upload holes that do require user interaction are not always fixed quickly. Two file upload holes requiring user interaction that I reported in 2000 are still present in IE and Firefox.