Home

Someone at Google is flunking security ergonomics

June 22, 2012

User experience, starting a few weeks ago:

Using the Little Snitch firewall, a program called “ksfetch” wakes up every hour or so, asking for permission to connect to the world.
I check to see that it is Google software update related, decide that is okay, and give it eternal permission.
A little while later, even though it has eternal permission, I am bothered again. And again, and again, and again, and again, and again.
WTF?

What’s happening is that the Google Software updater (“Keystone”, apparently) frequently writes out a new version of ksfetch, and because it is a new application, firewalls like Little Snitch decide that it has not been approved for access. Why this fails security ergonomics is that it is very annoying, and it trains people into the bad habit of automatically approving access by anything named “ksfetch”; if I were writing a virus, I’d be sure to call it “ksfetch”.

You can see people attempting to figure this out on a Google product forum here. There’s one reply from someone who might be with Google, but they’re clearly not getting it.

Posted by dr2chase
Filed in Bug reports
8 Comments »

8 Responses to “Someone at Google is flunking security ergonomics”

  1. psteckler Says:

    June 22, 2012 at 6:25 pm

    Of course, a better name for this program would be “kvetch”.

    Like

    Reply
  2. pbchase Says:

    June 22, 2012 at 10:50 pm

    How about ‘ksnitch’?

    Like

    Reply
  3. Gary Hillis Says:

    June 26, 2012 at 1:04 pm

    So change the update interval. To change it to once a week (604800 seconds), in Terminal enter: defaults write com.google.Keystone.Agent checkInterval 604800

    Like

    Reply
  4. Bernhard Says:

    June 30, 2012 at 3:39 am

    u can get rid of this by

    defaults write com.google.Keystone.Agent checkInterval 604800

    Like

    Reply
  5. Fred Says:

    July 28, 2012 at 6:55 pm

    I’m on a Mac, and get this: although I deleted google chrome AND the googlesoftwareupdate directory, and blocked google earth from accessing, KSFETCH is STILL attempting to connect. So the obvious question is: where the f*ck does it reside. Anyone got an idea, I’d be happy to learn.

    Like

    Reply
    • dr2chase Says:

      July 28, 2012 at 7:08 pm

      What works well enough is the advice in two comments above — change the checkInterval to a long time, like once a week (or more, doing the obvious math). If you need to get an update, clicking “About Google [whatever]” from the menu bar fires up ksfetch then and there, and presumably you okay that.

      Another option that I saw I think on the google discussion of this problem is to allow ALL applications to access the Google update servers; presumably, that is not a useful website for Bad Guys to access.

      Like

      Reply

Leave a reply to Bernhard Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.