icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Gmail File System Detection

Medium

Synopsis

The remote host is running software that should be authorized with respect to corporate policy.

Description

The remote client is using the Gmail File System (GmailFS), an application that allows users to use their Google email account as a virtual drive. Users can treat the GmailFS as if it were an additional drive within their computer. They can drag-and-drop files into the drive. There is an inherent risk with 1) storing data on a public mail server 2) passing data to/from the public mail server in plaintext and 3) allowing anonymous users to possibly inject files into the virtual file system.

Solution

Ensure that the use of Gmail File System aligns with your organization's acceptable use and security policies.