Removing Widgets and Google widgets

[Georgetoon]

When installing some Google widgets, a message comes up with a warning of sorts.  when i went to install A Google Dictionary widget, it stated::

Google has not tested or verified the features or security of this third party Gadget. Please confirm that you want to install:

Dictionary
http://bobtxt.googlepages.com/eDictionary.gg

Description: Dictionary from Dictionary.com

Required permissions:
  Reads content of local files and directories
  Creates or modifies local files and directories
  Queries or modifies the status of hardware devices
  Accesses network
  Accesses personalization data
  Executes native code and local applications

Well, i have a couple of thee installed. How safe are they?  If they are not safe (or questionable), how do I remove the from my Widget app?

[T6]

i never installed google widgets so this could be useless for you

/home/thenameofyouruser/.kde4/share/apps/plasma/plasmoids

contains plasmoids installed in your system, different from the ones that came with kde4

could also contain the widgets from google

edit:  yes, there you will find the widgets

i just installed one and made crash plasma so unsafe because all was fine for four months until i installed one

about the list, i remember a post talking about how to remove the entry but couldn't find it

[Georgetoon]

i never installed google widgets so this could be useless for you

/home/thenameofyouruser/.kde4/share/apps/plasma/plasmoids

contains plasmoids installed in your system, different from the ones that came with kde4

could also contain the widgets from google

edit:  yes, there you will find the widgets

i just installed one and made crash plasma so unsafe because all was fine for four months until i installed one

about the list, i remember a post talking about how to remove the entry but couldn't find it

Thanks!:) I found the location, thanks for the directions. I'll continue to look for the previous post you mentioned. seems to me there has top be a way of removing widgets.

[T6]

i'm currently experiencing other problems that seems to be a lack of design in kde, something that wasn't working in kde3 either, between other details still not working fine in kde4(problem migrated from kde3)

i have searched but there is not a way yet, no idea if kde 4.4 improves this

to remove these items from the widget list you need to remove the corresponding files in

/home/thenameofyouruser/.kde4/share/kde4/services

it should a icon representing the widget you just deleted with the name.desktop

i'm sorry i didn't posted this but i had a system lockup(another unrelated abandoned post) so i forgot to post it

[Georgetoon]

I posted to KDE.org's forum. I'll post here when they answer.

thanks again for your help.

[Georgetoon]

KDE.org's answer:

As with anything installed from the internet, it could be Malicious. In the case of the example above, assuming it functions it is probably safe. However the list of permissions requested is quite high.

Now, I'm a bit concerned.

Google, however, disputes Hansen’s theory of it’s “vetting process for gadgets”.  They stated that it regularly scans all of their gadgets for malicious code, and in the “very rare” case where one is discovered, they immediately blacklist it. They also go on to state that they have not added any new “inline” gadgets since November of 2007.  Inline gadgets are those which have access to user account information. They also explain that authors of any existing inline gadgets are not able to modify them in any way.

I'm not at my PCLinuxOS system at the moment....but I believe I installed A WikiPedia Search, a quotes.com gadget and an analog clock.

How am I to know these are malicious, if they are?

[T6]

they did answered!   

this is the old same concern with linux, windows and virus

in windows a unknown app not being detected by the antivirus will basically do a party in your pc, virus, rootkit, malware, spambot, fake ativirus scam and other tricks that a windows machine let happen for his insecure nature, everyone, even under user account can install and run almost every app they want, not the case on linux

as you know, linux will require root privileges for important stuff, this kind of apps are powerful but encapsulated on linux

a direct attack to your machine form this kind of apps is not common but not impossible

it is the same situation with firefox addons, you don't know who developed it, don't know if it does more than what you know or need

this days is hard to trust on anyone isn't?

for me, i loaded two google widgets and plasma crashed so my advice for you is don't rely on google widgets but if you have a real use for a specific widget, test it, monitor it to see what it does

other than that, i don't see how to trust on a app i can't see the source code or find someone who guarantees the security state of the app and to be honest, i don't like google in general 

[Georgetoon]

it is the same situation with firefox addons, you don't know who developed it, don't know if it does more than what you know or need

Good point!  I've got many, many Firefox add-ons!  It's the same situation!

the Google Gadgets I installed work very well.  Again, nothing complicated and I don't think they are malicious. however, I'm not going to install any others.  i did query the Google forums, so I hope to get an answer there regarding security.

Thanks again.

[T6]