There are lot of people that think the new Google Desktop is great and revolutionary. However, there are several things wrong with it that make me stay away from it. Here's the short list (in no particular order):
- It hooks up WinInet.dll. Hooking up system level component and intercepting all incoming/outgoing traffic on my machine has nothing to do with my desktop search. (Btw, it's amazing how many antivirus programs Google Desktop is incompatible with because of this)
- They inject desktop search information in the Google web search results. While this might seem like a reasonable thing to do, it also means I should now be aware that when I do web search with somebody over my shoulder that I might be divulging private information.
- Google desktop can be installed only as admin. The only reason I can think of for this limitation is the WinInet.dll hooking up. I want desktop search to search my files - files that belong to me and I have exclusive access to them. I shouldn't have to be admin to search my data.
- It can be used only by the user that installed it. This means non-admins can't use it. That alone rules it out from my home machine, where admin user is logged only for Windows Updates and application installations.
- It can be installed by one user only. Another reason I can't use it at home, where my wife and I have separate accounts. What, Google doesn't think people are entitled to their own privacy on computers?
- It uses the browser as interface. Webpage is probably not the best way to list couple of thousand search results now, is it?
- It uses the browser as interface. That means that any search strings in the Google Desktop will show up in the Google.com page if you double-click on the Search for text box and you have Autocomplete for Forms enabled in the browser.
- It runs a webserver on your box. While it's supposedly listening for localhost requests only, it still means that every malicious webpage out there can possibly access it and do post back with the results to their server. A Java applet, for example, with 1px UI. Also, what are the chances that the desktop search page doesn't suffer from the same XSS exploit the main Google page suffers from? (You can search for Google Desktop Exploit on Google)
- It makes copies of your browser cache without warning me about this or giving me any option to clear its cache as well when I want to clear the browser cache. I have not tried this with Outlook email, but I wouldn't be suprsied if they do it for email as well. Btw, if they do it, it might be in direct violation of the email retention policies of some companies. (Of course, IANAL disclaimer aplies)
- It installs as a browser extension. Hm, I wonder why that is if it has hooked up WinInet.dll anyway.
- There is no way to limit the size of the Google Desktop index.
The list above is compiled from half a day looking at it. There might be other issues or plain wrong things with Google Desktop that I missed or overlooked. I'd be interested to hear what else people found out they don't like about Google Desktop.
Everybody knows that Google Desktop index all messages from AIM. It’s not really news in itself. The thing that most people don’t know is that if you turn off the logging property of your AIM it seems that Google Desktop index your messages anyway.
I know I can turn off indexing AIM in Google Desktop Preferences. But I shouldn't have to make my privacy choices there. I am aware that I've already made the explicit chioce of allowing Google to index my AIM chats. However, that does not implicitly allow Google Desktop to search my whole network traffic. The privacy preferences of the primary program that produces the indexed data SHOULD be respected. It's that simple.
Update 2: Removed the rethorical question about adding a keyboard logger. I want to keep this post just as a list of things that bug me in Google Desktop. I can talk about my paranoia in other posts. :-)