The user experience
I like Google’s tools. I use GMail and google. My Find It! Keep It! tool provides shortcuts to Google’s web, book, froogle, news and scientific paper searches. So I downloaded Google’s desktop mac hoping for a faster Spotlight.
Like the folks at TidBits, I found it slowed down my computer significantly when indexing my drive. However one can turn it off using the System Preferences panel it installs. Like that I can let it index stuff at night.
Press Command twice and a search panel shows up, which will show the first 10 results. To see more, your browser will be opened to display the results as page that looks like google’s generic search page, so it’s running a small web server.
It runs as root, and does not respect your update statistics settings
Google Desktop installs itself as root: the index is at /Library/Google/Google Desktop/Index/(some directory which only root can access). This means it can access anything on your machine and do anything it likes. It doesn’t need to and on a first date, I don’t trust anything that much. Every user on the machine will have their content indexed, even if they don’t agree. You could say that Spotlight also runs as root, but people using an operating system written by Apple do have to trust Apple.
If you choose to enable Usage Statistics on Google Desktop, it allows Google Desktop to send crash reports and to collect a limited amount of non-personal information from your computer and send it to Google. This includes summary information, such as the number of searches you do and the time it takes for you to see your results, and application reports we’ll use to make the program better.
Well I didn’t, but Little Snitch tells me that a program called StatsUploader wants to talk to dc-in-f99.google.com every 30 odd minutes so. I happen to trust Little Snitch as I used it to help me make sure that Find It! Keep It! wasn’t loading anything from the Internet (unlike most other “internet page saving solutions”, such as those that use WebArchives).
It silently installs an Input Manager
Find It! Keep It! crashed, and the crash started neither Apple’s CrashReporter nor my built in CrashReporter which is extremely odd. Given my past bad experience with Input Managers, I used Find It! Keep It!’s input manager panel to see whether I had acquired a new one. Indeed I had. It lurks in /Library/InputManagers/GoogleModLoader.
Now this bothers me. I did NOT agree to have an InputManager installed. InputManagers in /Library/InputManagers are loaded into EVERY application running on the computer for every user. So what the #!$! does it do? Simply running
in the Terminal tells us that it loads modules.
Further investigation using OTX shows that indeed it crawls a Google/Mods directory and loads modifier bundles into the applications specified by the key GoogleModTargetApplications in some dictionary somewhere. It also appears to do a fair amount of stderr, debugging, pthread and system logging.
If you attach gdb to a running copy of Safari, you can see that SafariSearchResults.gmod and SafariWebHistory.gmod from /Library/Application Support/Google/Mods/ are now loaded by typing info sharedl. One thing they do is to add a new item to your google searches: “About 34 results stored on your computer”. I’m guessing that SafariWebHistory allows pages you just visited to be found with google desktop.
Nevertheless, Input Managers should not be installed silently. They can easily cause system instabilities and this particular mechanism could be diverted by third parties to install unauthorized gmods in a place no one knows about: a big security risk. Given the furore over Unsanity’s Smart Crash Reporter, I’m surprised Google installs this. It’s not like anybody worries about Unsanity’s secret plans of world domination.
It also installs a Kernel Extension
John Gruber over at Daring Fireball found where the injected code lives and noticed that they’re also installing a kernel extension!
Again kernel extensions aren’t something that should be installed silently as they could very easily impact the system’s stability.
For instance, it includes the nice message “socred_fini() failed, which is a known bug with Apple’s socket filters. Sorry but you have to reboot”.
cd /Library/Google/Google\ Desktop/GoogleDesktopDaemon.bundle/Contents/Resources
sudo strings GDFSNotifications.kext/Contents/MacOS/GDFSNotifications
I’m have no idea what its doing with the sockets, but a guess would be that they might need something like that to inform Google Desktop when a file changes to reindex it or for their snapshot capability.
Hopefully future versions of Google Desktop will respect user preferences, clearly request the right to install any Input Managers and allow paranoid people like me to give it limited permissions (eg: a single user’s permissions). Alternatively they could release its source code, as they have done with MacFUSE so that we know what it’s doing. In the mean time, I’m uninstalling it.
Hopefully Leopard will draw attention to Input Managers which will prevent nasty surprises. That’s not to say they’re all bad. They just shouldn’t be installed without a user’s consent.
Changed on Thursday 5 April to add some more information, and clarify it