Google Toolbar Vulnerable ! (CastleCops)
Google Toolbar, is one of the latest utilities able to permit a hack attack and allow intruders to deploy malicious applications. Aviv.Raffon has reportedly found a way to exploit a Google Toolbar vulnerability.
Google Toolbar allows spoofing the information presented in the dialog which is being displayed when adding a new Google Toolbar button. This can allow an attacker to convince the users that his button comes from a trusted domain. This button can then be used to download malicious files or conduct phishing attacks (e.g. show a login form of a bank).
Google has acknowledged this and are already working on a fix. Until a fixed version is provided, it is suggested that you avoid adding new buttons to the toolbar.
More at Source
Monday, December 31, 2007
Thursday, December 27, 2007
Google Knol: Not Setting the World On Fire
(Seeking Alpha)
Google (GOOG) has become the new EF Hutton: when it speaks, people listen. So when I first heard about Google Knol I was curious and intrigued: a true competitor to Wikipedia? A new spin on expert networks? An easier way to discover high value content? These are all areas about which I have a high degree of interest and some degree of knowledge.
But after reading the description on the Official Google Blog and thinking about it here is what I've concluded: NO BIG DEAL. Unless I am missing some big conceptual point here (which is always possible, of course), I don't see any benefits to creators of high-value content that don't already exist - and are perhaps manifest in better ways - through personal blogs and message forms, vertical search engines and Wikipedia.
(Seeking Alpha)
Google (GOOG) has become the new EF Hutton: when it speaks, people listen. So when I first heard about Google Knol I was curious and intrigued: a true competitor to Wikipedia? A new spin on expert networks? An easier way to discover high value content? These are all areas about which I have a high degree of interest and some degree of knowledge.
But after reading the description on the Official Google Blog and thinking about it here is what I've concluded: NO BIG DEAL. Unless I am missing some big conceptual point here (which is always possible, of course), I don't see any benefits to creators of high-value content that don't already exist - and are perhaps manifest in better ways - through personal blogs and message forms, vertical search engines and Wikipedia.
Thursday, December 20, 2007
8 bold predictions on Google's next moves
Insiders offer their insights on the Internet behemoth.
(Computer World)
December 20, 2007 (Computerworld) -- There's little doubt that Google Inc. is indeed king of online media. In August 2007 alone, Google captured 57% of worldwide market share among search engines, with more than 37 billion search inquiries, according to analyst firm comScore Inc. in Reston, Va.
Add to that a mind-boggling stock price of $711 per share on Nov. 5. Not surprisingly, this dominance has led to endless rumors about where Google is headed next.
Insiders offer their insights on the Internet behemoth.
(Computer World)
December 20, 2007 (Computerworld) -- There's little doubt that Google Inc. is indeed king of online media. In August 2007 alone, Google captured 57% of worldwide market share among search engines, with more than 37 billion search inquiries, according to analyst firm comScore Inc. in Reston, Va.
Add to that a mind-boggling stock price of $711 per share on Nov. 5. Not surprisingly, this dominance has led to endless rumors about where Google is headed next.
Google Toolbar: A New Malware Threat
(Team Think Blog, ZDNet.com)
Now there’s another source of potential malware to worry about. A researcher has released code that shows how a hacker can use the Google toolbar to get users to install malicious software or expose themselves to a phishing attack by installing a new toolbar button.
The report from TrendLabs Malware blogsays that the attack uses a “…specially crafted link to that refers to the button’s XML file, which when clicked displays a dialog box summarizing the details of the button to be installed.”
The hacker manipulates the URL within the dialog to make it appear non-malicous by adding special redirector strings. Trust is increased, improving the likelihood that the user will click on the link. Once installed, the user must click the link to install the malicious code or launch a fake log-in process.
According to the report, Google classifies the attack as non-critical due to the steps required for its execution. Google is said to be looking at a way to fix the bug.
The attack affects Google Toolbar 4 for Internet Explorer and Firefox as well as Google Toolbar 5 for IE.
Read also:
Google And The Big Brother Nomination
(Search Engine Watch)
(Team Think Blog, ZDNet.com)
Now there’s another source of potential malware to worry about. A researcher has released code that shows how a hacker can use the Google toolbar to get users to install malicious software or expose themselves to a phishing attack by installing a new toolbar button.
The report from TrendLabs Malware blogsays that the attack uses a “…specially crafted link to that refers to the button’s XML file, which when clicked displays a dialog box summarizing the details of the button to be installed.”
The hacker manipulates the URL within the dialog to make it appear non-malicous by adding special redirector strings. Trust is increased, improving the likelihood that the user will click on the link. Once installed, the user must click the link to install the malicious code or launch a fake log-in process.
According to the report, Google classifies the attack as non-critical due to the steps required for its execution. Google is said to be looking at a way to fix the bug.
The attack affects Google Toolbar 4 for Internet Explorer and Firefox as well as Google Toolbar 5 for IE.
Read also:
Google And The Big Brother Nomination
(Search Engine Watch)
Wednesday, December 19, 2007
Erase Your Search Tracks (BusinessWeek)
Most people probably don’t realize that their online searches are tracked by search engines such as Google, Yahoo, and Microsoft. With a new feature called AskEraser, Ask.com is hoping to give people control over the privacy of their online searches.
It’s a real issue for some people, especially given the uproar that ensued last year when AOL let slip search data from 650,000 users, some of which got tied to specific individuals.
AskEraser, launching on Tuesday, will let people delete records of their future search queries from Ask.com’s servers. That includes the user’s IP address and the text of the search queries. However, search query info will continue to be sent to Google, which runs ads on Ask. (There’s much more detail at Search Engine Land.)
Most people probably don’t realize that their online searches are tracked by search engines such as Google, Yahoo, and Microsoft. With a new feature called AskEraser, Ask.com is hoping to give people control over the privacy of their online searches.
It’s a real issue for some people, especially given the uproar that ensued last year when AOL let slip search data from 650,000 users, some of which got tied to specific individuals.
AskEraser, launching on Tuesday, will let people delete records of their future search queries from Ask.com’s servers. That includes the user’s IP address and the text of the search queries. However, search query info will continue to be sent to Google, which runs ads on Ask. (There’s much more detail at Search Engine Land.)
Tuesday, December 18, 2007
2007 Search Blogs Awards : Nominations Now Open
(Search Engine Journal)
Search Engine Journal is now opening nominations for blogs to be included for this year’s Search Blogs Awards in the following categories: […]
(Search Engine Journal)
Search Engine Journal is now opening nominations for blogs to be included for this year’s Search Blogs Awards in the following categories: […]
Monday, December 17, 2007
Is Google a Grinch or a good guy? (The Guardian)
The giant search engine has been accused of 'stealing Christmas' from companies by changing how it ranks results. Sean Hargrave finds out if their complaints are valid.
The giant search engine has been accused of 'stealing Christmas' from companies by changing how it ranks results. Sean Hargrave finds out if their complaints are valid.
How to stop javascript from websites infecting clients
(SANS Internet Storm Center)
Greg wrote in to ask how to protect users in his organization from getting infected with malware by visiting websites for business reasons that got hacked.
Knowing we like to recommend to disable javascript by using e.g. Firefox+NoScript, he asked for other solutions aside of disabling javascript as it's not an option in his environment.
So went looking for success stories with our audience and you came up with: […]
(SANS Internet Storm Center)
Greg wrote in to ask how to protect users in his organization from getting infected with malware by visiting websites for business reasons that got hacked.
Knowing we like to recommend to disable javascript by using e.g. Firefox+NoScript, he asked for other solutions aside of disabling javascript as it's not an option in his environment.
So went looking for success stories with our audience and you came up with: […]
Sunday, December 16, 2007
Googlepedia is coming (THE AGE, Australia)
Google is working on a new internet encyclopedia that will consist of material submitted by people who want to be identified as experts and possibly profit from their knowledge.
The concept, outlined late on Thursday in a posting on Google's official blog, poses a potential challenge to the nonprofit Wikipedia, which has drawn upon the collective wisdom of unpaid, anonymous contributors to emerge as a widely used reference tool.
Google is working on a new internet encyclopedia that will consist of material submitted by people who want to be identified as experts and possibly profit from their knowledge.
The concept, outlined late on Thursday in a posting on Google's official blog, poses a potential challenge to the nonprofit Wikipedia, which has drawn upon the collective wisdom of unpaid, anonymous contributors to emerge as a widely used reference tool.
Saturday, December 15, 2007
Smile! You're on Google's camera
(NEWS.com.au)
THE controversial Google Street View project has arrived in Australia taking snaps in our major cities and towns.
The project has already captured images at street level in 17 US cities and attached them to the highly popular Google Maps online application.
It was launched in the US in May, and quickly attracted controversy after claims several images breached privacy.
Some images identified men outside strip clubs, women sunbaking in parks and even captured a woman's g-string as she emerged from her car.
(NEWS.com.au)
THE controversial Google Street View project has arrived in Australia taking snaps in our major cities and towns.
The project has already captured images at street level in 17 US cities and attached them to the highly popular Google Maps online application.
It was launched in the US in May, and quickly attracted controversy after claims several images breached privacy.
Some images identified men outside strip clubs, women sunbaking in parks and even captured a woman's g-string as she emerged from her car.
Friday, December 14, 2007
Google Indexing Even Faster?
(Search Engine Guide)
Over the last year I have really noticed a decrease in the time it takes Google to index pages, specifically articles and blog posts. Pages being indexed used to take days and then hours and now I am noticing minutes. This is without being logged into my Google Account.
Earlier this year I got the chance to attend Google's Searchology where they announced the integration of Universal Search results and later that afternoon I sat at the same table as Larry Page where he elaborated that Google would eventually like to be indexing instantaneously. Larry's vision was to index content as a user was writing his/her blog post/article.
(Search Engine Guide)
Over the last year I have really noticed a decrease in the time it takes Google to index pages, specifically articles and blog posts. Pages being indexed used to take days and then hours and now I am noticing minutes. This is without being logged into my Google Account.
Earlier this year I got the chance to attend Google's Searchology where they announced the integration of Universal Search results and later that afternoon I sat at the same table as Larry Page where he elaborated that Google would eventually like to be indexing instantaneously. Larry's vision was to index content as a user was writing his/her blog post/article.
Thursday, December 13, 2007
Are the people telling Google it’s time for a redesign?
(Between the Lines | ZDNet.com)
Might it be an idea for Google to consider a slightly more modern, more visual, more, well, human and visionary welcome than that of a sixty-year-old croupier in Reno whose varicose veins are playing up?
(Between the Lines | ZDNet.com)
Might it be an idea for Google to consider a slightly more modern, more visual, more, well, human and visionary welcome than that of a sixty-year-old croupier in Reno whose varicose veins are playing up?
Tuesday, December 11, 2007
Google India engineers build voice-based search feature
(SiliconIndia, India)
Bangalore: The India research lab of Google, is building a voice-based search feature for markets in India. The voice-based search feature will allow phone users to ask for information on neighbourhood restaurants, services and theatres, reported Livemint.
(SiliconIndia, India)
Bangalore: The India research lab of Google, is building a voice-based search feature for markets in India. The voice-based search feature will allow phone users to ask for information on neighbourhood restaurants, services and theatres, reported Livemint.
Monday, December 10, 2007
Search Engine Spam - What You Don't Know Can Hurt You (Search Engine Guide)
If you are a small business owner, you may have spent a fair amount of time learning about the generally accepted ways to improve your search rankings. What you probably glossed over or skipped all together was reading about the tactics used to game or "cheat" your way up the search engines.
You may be thinking "but I'm not planning to spam the search engines!" That's great, but are you absolutely positive the SEM firm you're thinking about hiring feels the same way? If you know nothing about those tactics, how can you be certain your company or your SEM firm aren't using them.
Mike Moran, who writes about search marketing for Revenue magazine, has written an excellent three part series for the magazine aiming to help people get a solid overview of search engine optimization spam tactics.
If you are a small business owner, you may have spent a fair amount of time learning about the generally accepted ways to improve your search rankings. What you probably glossed over or skipped all together was reading about the tactics used to game or "cheat" your way up the search engines.
You may be thinking "but I'm not planning to spam the search engines!" That's great, but are you absolutely positive the SEM firm you're thinking about hiring feels the same way? If you know nothing about those tactics, how can you be certain your company or your SEM firm aren't using them.
Mike Moran, who writes about search marketing for Revenue magazine, has written an excellent three part series for the magazine aiming to help people get a solid overview of search engine optimization spam tactics.
Saturday, December 8, 2007
'Zombie' exploits cached by search engines
(Computer World)
More than a year after first coming to light, the caches of major search engines are still providing a safe hiding place for malicious code, a security company has revealed.
The latest warning comes from security company Aladdin Knowledge Systems Ltd., which logged an attack against a university Web site that was eventually traced back to just such a "poisoned cache." The originating site had been taken offline, but the code from it was still able to spread by living on in the caches of a major search engine.
To make matters worse, cached malicious code could circumvent URL filtering systems because they would stop only the original site address and not the site as found via a search engine indexing it from cache.
(Computer World)
More than a year after first coming to light, the caches of major search engines are still providing a safe hiding place for malicious code, a security company has revealed.
The latest warning comes from security company Aladdin Knowledge Systems Ltd., which logged an attack against a university Web site that was eventually traced back to just such a "poisoned cache." The originating site had been taken offline, but the code from it was still able to spread by living on in the caches of a major search engine.
To make matters worse, cached malicious code could circumvent URL filtering systems because they would stop only the original site address and not the site as found via a search engine indexing it from cache.
Friday, December 7, 2007
Baidu: A Search Engine Searching for New Direction
(Beijing Review, China)
Baidu: A Search Engine Searching for New Direction Baidu, the world's largest Chinese search engine, has expanded its activities in recent months
(Beijing Review, China)
Baidu: A Search Engine Searching for New Direction Baidu, the world's largest Chinese search engine, has expanded its activities in recent months
Thursday, December 6, 2007
Ve haf vays of making you search
(The Sidney Morning Herald, Australia)
"Google is massively invading privacy," the study [made by Boffins Hermann Maurer, chairman of Graz University's Institute for Information Systems and Computer Media] said, with the company able to access knowledge about individuals and companies, but not bound by national data protection laws.
"Google's open aim is to know everything there is to know on Earth," the researchers concluded. "It cannot be tolerated that a private company has that much power: it can extort, control, and dominate the world at will."
A Google spokesman said in a statement: "These allegations are premised on numerous inaccuracies, conspiracy theories and fundamental misunderstandings about Google's products and services. They're completely without foundation and, frankly, a little strange.''
(The Sidney Morning Herald, Australia)
"Google is massively invading privacy," the study [made by Boffins Hermann Maurer, chairman of Graz University's Institute for Information Systems and Computer Media] said, with the company able to access knowledge about individuals and companies, but not bound by national data protection laws.
"Google's open aim is to know everything there is to know on Earth," the researchers concluded. "It cannot be tolerated that a private company has that much power: it can extort, control, and dominate the world at will."
A Google spokesman said in a statement: "These allegations are premised on numerous inaccuracies, conspiracy theories and fundamental misunderstandings about Google's products and services. They're completely without foundation and, frankly, a little strange.''
Wednesday, December 5, 2007
Press Release SEO Tips
(Online Marketing Blog)
Many search marketing tactics come and go, but one channel of promotion that has steadily evolved is the practice of optimizing press releases for search engines.
While it’s true that the future of the traditional press release has been up for debate over the past few years, wire services and the web sites they syndicate content to continue to produce results for the clients of savvy public relations professionals and online marketers.
(Online Marketing Blog)
Many search marketing tactics come and go, but one channel of promotion that has steadily evolved is the practice of optimizing press releases for search engines.
While it’s true that the future of the traditional press release has been up for debate over the past few years, wire services and the web sites they syndicate content to continue to produce results for the clients of savvy public relations professionals and online marketers.
Tuesday, December 4, 2007
Spyware top threat, CompTIA says (eChannelLine)
"While spyware has always been somewhere on the radar, it's been generally down the list of concerns -- definitely within the top 10 but not in the top two or three, which is the case this year. That was a bit of surprise, as it's taking up so much time and causing so many problems for organizations," Ostrowski told eChannelLine.
Spyware has moved up in rank to take the number one spot of security threats to organizations right now, but over the long term, spyware is slightly less of a concern, the report found. Spyware took the top position of current threats, followed by lack of user awareness (54 percent), viruses and worms (49 percent), authorized user abuse (44.2 percent) and browser-based attacks (41.5 percent).
"While spyware has always been somewhere on the radar, it's been generally down the list of concerns -- definitely within the top 10 but not in the top two or three, which is the case this year. That was a bit of surprise, as it's taking up so much time and causing so many problems for organizations," Ostrowski told eChannelLine.
Spyware has moved up in rank to take the number one spot of security threats to organizations right now, but over the long term, spyware is slightly less of a concern, the report found. Spyware took the top position of current threats, followed by lack of user awareness (54 percent), viruses and worms (49 percent), authorized user abuse (44.2 percent) and browser-based attacks (41.5 percent).
Monday, December 3, 2007
No Thanks, Google, We'll Keep Our Own Data
(CBS News)
Readers responded to Tuesday's column about Google's plan to being offered a robust online data storage plan with great skepticism.
(CBS News)
Readers responded to Tuesday's column about Google's plan to being offered a robust online data storage plan with great skepticism.
Sunday, December 2, 2007
Malware Poisoning Results for Innocent Searches
(eWeek)
Tens of thousands of malware-serving pages, crafted to reach a high search engine ranking, are showing up in the first page of returns from Google, Yahoo and Live.
(eWeek)
Tens of thousands of malware-serving pages, crafted to reach a high search engine ranking, are showing up in the first page of returns from Google, Yahoo and Live.
Subscribe to:
Posts (Atom)