A clever hacker has discovered a vulnerability
in Google Desktop
, exploiting a man-in-the-middle attack that could lead to someone becoming unknowingly compromised. It is a somewhat complicated attack and would require that the attacking person would have access to your local network or some other way of accessing data being transmitted between you and Google's servers:
Regardless of its difficulty, it brings out a good point in that the more integration between a desktop and a remote server, the higher the chance of something going wrong, especially with unencrypted data. That's not what companies like Google and Microsoft want to hear, who are pushing for web applications and even remote work environments as a next step in desktop and office computing.
Google has their own security team, and doubtless they'll be looking at this problem. While I disagree with the assertion that models like Google Desktop are flawed, there's clearly room for improvement and risking personal security is definitely not something Google wants to get a name for.