I've always had a bad feeling about google desktop, the application that enables things like searching your computer with google. It just seemed to me very difficult to make an app like that completely secure, and the functionality it provides doesn't seem worth the risk. At least, not yet.

This week, a security expert showcased a CSS-related security hole that allows a would-be intruder to use Internet Explorer to access the information on your computer and execute remote commands via Google Desktop.

In all fairness, despite my concern I can't really blame the desktop app. According to the article, the flaw isn't in Google's product per se; it's in Internet Explorer. In addition to Google Desktop, the exploit could be used to access any number of other applications that use a similar setup.

-Posted by Dave