System7

Spread the word, information is free.

Archive for category google

DNS Performance & Security…

Jun 11

Posted by The Gunslinger in google, news, security | No Comments

I’ve gotten tired of Road Runner’s DNS redirection/hijacking service which I opt out of yet it keeps coming back.  I decided to do some DNS benchmarking, comparing my assigned ISP name servers against publicly provided DNS such as Google.   The results were very surprising.  It turns out I have less latency and hops reaching some of the publicly available DNS servers instead of those provided by my ISP (the servers actually resolve lookups faster).

Here’s what I did:

  1. Download and run DNS Benchmark (Windows or Wine): http://www.grc.com/dns/benchmark.htm
  2. Add your ISP assigned DNS servers into the DNS benchmark tool for comparison (Windows: ipconfig /all  Linux: cat /etc/resolv.conf)
  3. Load any additional public DNS servers into the tool: publicly provided DNS
  4. If public DNS is faster, configure your machine for hardcoded DNS (not to pickup from DHCP).

Coincidentally, Symantec has just released their own version of a public DNS that provides malware filtering.  You can read The H article here.  Symantec’s “secure” DNS servers are 198.153.192.1 and 198.153.194.1

Tags: ,

Google beta’s SSL for web searches

May 24

Posted by The Gunslinger in google, news, privacy | No Comments

According to this H article, Google is beginning to beta a new feature of providing SSL for their standard web search service. As one commenter noted, Google is still collecting the same information from your searches but this will limit 3rd parties from eavesdropping on your search queries. Remember SSL doesn’t guarantee absolute privacy as there’s Moxie Marlinspike’s work, chance of CA intermediaries, and your employer loading their own trusted CA’s into your corporate devices.

Tags: , ,

Google & Privacy

Apr 16

Posted by The Gunslinger in google, news, privacy | No Comments

Bruce Schneier recently posted an article about the erosion of privacy.  Specifically how the social networking sites are accelerating this “privacy decay.”  Along with attacked social networking sites he through in Google.  I just came across an interesting Forbes article where a Google engineer rebukes Schneier. You can find that article here: http://www.forbes.com/2010/04/12/privacy-facebook-gmail-technology-security-google.html

Two interesting tidbits in the article are Google’s privacy control pages which you may not be aware of:

  1. Google Dashboard – Control your Google privacy settings for all of google’s applications
  2. Ads Preferences Manager – Control whether ads are tailored to your viewing habits or not.  You can opt out here.  *Warning this site sneakily redirects through doubleclick.net — bastards!

Try something new…. AskEraser….

Nov 13

Posted by The Gunslinger in google, privacy | 1 Comment

I’ve been looking around for a new search engine besides Google.  I’m worried about giving them all the business and their privacy policy scares me.  They’re collecting more and more of our information and no one seems to notice.  (Take a look at Google’s new Dashboard if you want to see what they’re collecting on you)  I’ll admit, I haven’t started running my own MTA again but I’m getting close. Do you want my public key?  I hope you have one.  There’s guys in Utah and St. Louis looking through your email contents as I write this….

Anyways…back on track….

It’s not the easiest task comparing privacy policies even if you limit your search to the big players (google, yahoo, bing, baidu, ask, altavista).  Besides Scroogle which is a Google proxy — returning scrubbed results cookie free, most of the large search engines are very similar with their policies.  They all store some type of tracking cookie and say they can use this to target specific advertisements towards you and or share with third parties.  HOWEVER, all is not lost, I did come across the Ask.com AskEraser.  Navigate over to Ask.com and in the top right corner you’ll see “AskEraser On | Off”  turn this guy and check your cookies for yourself….it does make a difference…

When enabled, AskEraser will completely delete your search queries and data from Ask.com servers, including: your IP address, User ID and Session ID cookies, as well as the complete text of your search query–all within a matter of hours,

We’ll have to take Ask’s word that they’re actually removing our search data from their servers unless someone has a better idea?  Raid one of their NOCs on a Friday night hoping to bribe the night security guard with a pizza and a hooker? (maybe the pizza and a mountain dew would be enough)

Google Hacking

Jul 15

Posted by The Gunslinger in google | No Comments

Google hacking has been around for a while but unfortunately it is still very relevant.  Basically because the Google crawler is so powerful you can use this to your advantage to discover sensitive data.  You can find password files as well as locating vulnerable versions of web servers, forum software, etc….

Google hacking database: http://www.hackersforcharity.org/ghdb/

Google Wave

Jun 14

Posted by The Gunslinger in google, news | 1 Comment

At the recent Google I/O conference in San Francisco the next big Google project was announced, Google Wave.  Imagine being able to instant message and collaborate with multiple people in real time.  Now chat rooms have been around for a while real time collaboration is a new concept. Wave is so much more than an IRC chatroom; Wave allows users to include rich media in the conversations as well as adding people on the fly.  You can add users to the “Wave” at anytime.  New users added to a Wave can then “Replay” the Wave to see what they missed. A Wave is built using a tree structure which allows for the replay.

Imagine having a blog + chatroom + flickr all with collaborative “wiki” abilities.  I’ll be the first to admit it is difficult to wrap your head around.

Definitely check out the developer preview video here.