Just found out about GoogleUpdate, a Google service that installs itself to check for updates to local Google installations continuously. I’m not entirely certain how often it checks, but I’m the kind who thinks checking for updates while the application is running should be enough… Shouldn’t it?

It basically ninja-installs itself as soon as you install a Google application (in my case, after a Google chat trial with David) and doesn’t really have an uninstaller. It came back even after I killed the process and disabled the service, because there were some extensions still active in Firefox; it appears to have given up now.

Some useful links: The invisible GoogleUpdate.exe, How to remove Google update.

While trying to figure out why my Mom’s iPod wouldn’t update to 1.3, I fired up Wireshark hoping to find out if iTunes was communicating with the old Win2K laptop. It turned out it wasn’t, so it looks like I’m going to have to plug it into the WinXP box to update it (worked last time, cross your fingers for me, please).

But the interesting fact is this: while looking at the updating list of requests and responses, I noticed a call to a Google domain was made, namely sb.l.google.com, in spite of the fact I wasn’t making a search, nor using GMail at the time. The request, of the form GET /safebrowsing/update?client=… came up again a few times.

It turns out Firefox makes use of the Google SafeBrowsing API (sb stands for SafeBrowsing), and calls it at intervals (in the first 5mn after browser launch, then within 15-20mn, then every 25-30mn is recommended) to update a database of domains suspected of phishing. It appears no request is made to the server while you’re browsing, Firefox stores the list locally and checks against it when you request an URL, then adds a warning just under the tabs if a domain is considered untrustworthy. It also pushes data to Google SB when it encounters a website that might be missing in the database.

This isn’t new. The inclusion of the API was introduced in Firefox’s code trunk in 2006, and back then, the Mozilla team pondered whether it would end up serving as a base for anti-phishing. Well, it did. And that’s news to me.

Personally, I have a little issue with this feature. Even if Google does the right thing and totally separates data, Firefox on all my computers essentially tells Google whenever I open and close a browser window. This information is marginal as far as privacy, but it’s yet another piece of personal information that ends up on Google servers.

Moreover, I usually can tell phishing requests rather easily on my own without requiring assistance. I disabled the tool by unchecking the “Tell me if the site I’m visiting is a forgery” option in Tools – Options – Security.

By the way, Wireshark 1.0 has just been released. A great tool to peek into the innards of your system’s communications.