Someone at Google is flunking security ergonomics

June 22, 2012

User experience, starting a few weeks ago:

With the Little Snitch firewall running, a program called “ksfetch” wakes up every hour or so and asks for permission to connect to the world.
I check to see that it is Google software update related, decide that is okay, and give it eternal permission.
A little while later, even though it has eternal permission, I am bothered again. And again, and again, and again, and again, and again.

What’s happening is that the Google software updater (“Keystone”, apparently) frequently writes out a new version of ksfetch, and because it is a new application, firewalls like Little Snitch decide that it has not been approved for access. This fails security ergonomics because it is very annoying, and because it trains people into the bad habit of automatically approving access by anything named “ksfetch”; if I were writing a virus, I’d be sure to call it “ksfetch”.
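The trade-off above can be modelled in a few lines. This is an added illustration, not Little Snitch's or Keystone's actual logic: the three rule keys, the paths and the signer string are constructed assumptions. It counts how many prompts an hourly rewritten updater causes under each way of identifying an application, and whether an unsigned look-alike named “ksfetch” would then get through without a prompt.

```python
import hashlib
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Binary:
    path: str
    content: bytes
    signer: Optional[str]  # constructed stand-in for a *verified* signing identity

def basename(b):
    return b.path.rsplit("/", 1)[-1]

def key_by_hash(b):    # strict: any rewrite of the file is a "new application"
    return ("hash", b.path, hashlib.sha256(b.content).hexdigest())

def key_by_name(b):    # the habit the prompts train: approve anything with this name
    return ("name", basename(b))

def key_by_signer(b):  # stable across rewrites; unsigned code falls back to its hash
    if b.signer is None:
        return key_by_hash(b)
    return ("signer", b.signer, basename(b))

class Firewall:
    def __init__(self, key):
        self.key, self.approved, self.prompts = key, set(), 0

    def connect(self, b, user_approves):
        """Return True if the connection goes out; prompt only for unknown keys."""
        k = self.key(b)
        if k in self.approved:
            return True
        self.prompts += 1
        if user_approves:
            self.approved.add(k)
        return user_approves

def simulate(key, updates=24):
    """Return (prompts caused by the real updater, look-alike allowed silently?)."""
    fw = Firewall(key)
    for i in range(updates):  # the updater writes out a fresh ksfetch each time
        fresh = Binary("/constructed/updater/ksfetch", b"build %d" % i, "EXAMPLE-VENDOR")
        fw.connect(fresh, user_approves=True)
    legit_prompts = fw.prompts
    lookalike = Binary("/constructed/elsewhere/ksfetch", b"not the updater", None)
    return legit_prompts, fw.connect(lookalike, user_approves=False)

if __name__ == "__main__":
    for key in (key_by_hash, key_by_name, key_by_signer):
        print(key.__name__, simulate(key))
```

Keying on content gives one prompt per rewrite, keying on the name gives one prompt but silently admits the look-alike, and keying on a verified signer gives one prompt while still stopping it.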

You can see people attempting to figure this out on a Google product forum here. There’s one reply from someone who might be with Google, but they’re clearly not getting it.

8 Responses to “Someone at Google is flunking security ergonomics”

  1. psteckler Says:

    Of course, a better name for this program would be “kvetch”.

  2. pbchase Says:

    How about ‘ksnitch’?

  3. Gary Hillis Says:

    So change the update interval. To change it to once a week (604800 seconds), in Terminal enter: defaults write com.google.Keystone.Agent checkInterval 604800

  4. Bernhard Says:

    You can get rid of this by

    defaults write com.google.Keystone.Agent checkInterval 604800

  5. Fred Says:

    I’m on a Mac, and get this: although I deleted Google Chrome AND the googlesoftwareupdate directory, and blocked Google Earth from accessing, KSFETCH is STILL attempting to connect. So the obvious question is: where the f*ck does it reside? Anyone got an idea, I’d be happy to learn.

    • dr2chase Says:

      What works well enough is the advice in two comments above — change the checkInterval to a long time, like once a week (or more, doing the obvious math). If you need to get an update, clicking “About Google [whatever]” from the menu bar fires up ksfetch then and there, and presumably you okay that.

      Another option that I saw, I think, on the Google discussion of this problem is to allow ALL applications to access the Google update servers; presumably, that is not a useful website for Bad Guys to access.
