Comments on: Security holes in Google Desktop Search fixed http://www.squarefree.com/2005/07/17/security-holes-in-google-desktop-search/ Jesse Ruderman on Firefox, security, and more Tue, 06 Jan 2009 21:15:05 +0000 http://wordpress.org/?v=2.5 By: Jesse Ruderman http://www.squarefree.com/2005/07/17/security-holes-in-google-desktop-search/#comment-1473 Jesse Ruderman Mon, 25 Jul 2005 10:25:57 +0000 http://www.squarefree.com/2005/05/05/security-holes-in-google-desktop-search/#comment-1473 It hasn't been fixed, but David Baron has been working on it on and off. See https://bugzilla.mozilla.org/show_bug.cgi?id=147777. It hasn’t been fixed, but David Baron has been working on it on and off. See https://bugzilla.mozilla.org/show_bug.cgi?id=147777.

]]> By: Felipe Gomes http://www.squarefree.com/2005/07/17/security-holes-in-google-desktop-search/#comment-1469 Felipe Gomes Mon, 25 Jul 2005 06:53:11 +0000 http://www.squarefree.com/2005/05/05/security-holes-in-google-desktop-search/#comment-1469 Jesse. what was the solution for bug 57351? It seems like a hard problem to solve.. Jesse. what was the solution for bug 57351? It seems like a hard problem to solve..

]]> By: Adam http://www.squarefree.com/2005/07/17/security-holes-in-google-desktop-search/#comment-1467 Adam Mon, 25 Jul 2005 01:48:32 +0000 http://www.squarefree.com/2005/05/05/security-holes-in-google-desktop-search/#comment-1467 You don't need a hosts file like that if you have Adblock You don’t need a hosts file like that if you have Adblock

]]> By: David 'Zanchey' Adam http://www.squarefree.com/2005/07/17/security-holes-in-google-desktop-search/#comment-1456 David 'Zanchey' Adam Mon, 18 Jul 2005 13:39:55 +0000 http://www.squarefree.com/2005/05/05/security-holes-in-google-desktop-search/#comment-1456 Jesse - "Firefox, Windows XP, the Windows XP firewall, or my ISP could prevent "external" DNS names from resolving to "internal" IP addresses.like 127.0.0.1." If Firefox and Windows XP did this (and possibly the firewall), you'd break those wonderful hosts files filled with ad-server to 127.0.0.1 mappings (misguided though they might be). I think the first suggestion, GDS rejecting requests that don't have a host header of localhost or 127.0.0.1, is the better one. Jesse -

“Firefox, Windows XP, the Windows XP firewall, or my ISP could prevent “external” DNS names from resolving to “internal” IP addresses.like 127.0.0.1.”

If Firefox and Windows XP did this (and possibly the firewall), you’d break those wonderful hosts files filled with ad-server to 127.0.0.1 mappings (misguided though they might be).

I think the first suggestion, GDS rejecting requests that don’t have a host header of localhost or 127.0.0.1, is the better one.

]]> By: Larry Page http://www.squarefree.com/2005/07/17/security-holes-in-google-desktop-search/#comment-1455 Larry Page Mon, 18 Jul 2005 10:53:45 +0000 http://www.squarefree.com/2005/05/05/security-holes-in-google-desktop-search/#comment-1455 Just what was the objective behind this post? So you could claim some credit? Happy Ego Trip! Just what was the objective behind this post? So you could claim some credit?

Happy Ego Trip!

]]>