http://news.yahoo.com/news?tmpl=story&cid=1093&ncid=1093&e=4&u=/pcworld/20050802/tc_pcworld/122066

Getting In Via Google

Although security software can identify when an attacker is performing reconnaissance work on a company's network, attackers can find network topology information on Google instead of snooping for it on the network they're studying, he said. This makes it harder for the network's administrators to block the attacker. "The target does not see us crawling their sites and getting information," he said.

Often, this kind of information comes in the form of apparently nonsensical information--something that Long calls "Google Turds." For example, because there is no such thing as a Web site with the URL "nasa," a Google search for the query "site:nasa" should turn up zero results. Instead, it turns up what appears to be a list of servers, offering an insight into the structure of the U.S. National Aeronautics and Space Administration's internal network, Long said.

Combining well-structured Google queries with text processing tools can yield things like SQL passwords and even SQL error information. This could then be used to structure what is known as a SQL injection attack, which can be used to run unauthorized commands on a SQL database. "This is where it becomes Google hacking," he said. "You can do a SQL injection, or you can do a Google query and find the same thing."

theres lots more on the site.......

Eca, please pardon my ignorance.

I didn't see anywhere in the article you linked where it mentioned toolbars. Nor, to me did it imply that using toolbars was a security risk.

If I missed something please point it out.

m

Tool bars are designed to let THEM advert and track your progress in searches. There is a small backdoor in them to let this happen.
It really dont take much to monitor whats happening, and them find the protocols to use it. Thats what the artical is about.
Using the Search ability of the toolbar, logs your search. then they can suggest other location for advert. Its then stored.

Another point, is that Advertisers are NOT nice, they will do anything to get onto your computer. They can make an advert/popup that installs what THEY want. Google, DT,... no one is safe. And a hacker/spammer would love it, as you may WANT that 1 advert/popup and not block it.

One thing many dont understand..ANYTHIGN that shows/displays on your machine must be placed in ram or on hard drive. Once there, it has ALOT of options of what it can or cant do, but IE really dont care. ActiveX and Java can do almost anything on your computer.

What I got out of the article was that specifically desgined querries on the google website would reveal information about SQL servers (most of which probably don't have any toolbars installed).

Google toolbar has the option to turn off any information being sent back to google.
When you get right down to it a toolbar, or any software for that matter is made by people who are either malicious or there not. In the case of google toolbar I sincerally doubt that they are doing any tracking other than what they cleary state in their EULA (which you can disable if you choose).

Regardless, I have never had an ad delevered to me by google other than the sponsered links on their website.

I am sure most people are monitored much more through cookies they allow than any legitimate toolbar they may have installed.


m