| 7:21 pm on Jun 21, 2002 (gmt 0)|
hey Roland, haven't seen you in a while :)
yup i noticed it, too. as always i tried to
configure the dll intern options.html with
the reshacker to do my custom options and layout...
it didn't work :(
although it's more likely that it has something to do with
the conflicts since the deinstallation of former releases
were not complete, the "downloaded program files" folder
saved version 1.1.56-deleon in a subfolder called "conflict.1"
well, i edited both GoogleNav.dlls but no effect...
i was too lazy to do some more research on it but
now that i see your post i think i'm gonna have a look
at it soon :)
| 7:37 pm on Jun 21, 2002 (gmt 0)|
hm i just saw that it's easier than i thought:
the location of the dll now is
\downloaded program files\conflict.1\googletoolbar_en_1.1.57-deleon.dll
(or \downloaded program files\googletoolbar_en_1.1.57-deleon.dll if installed clean),
former versions were all named googlenav.dll
| 2:17 am on Jun 22, 2002 (gmt 0)|
|It's scary because I was never asked if I wanted this upgrade or not. And you may see that the download date is 03/06/2002 and it was only activated today 21/06/2002. Will we see a google toolbar on the Lavasoft Ad-Aware list of spyware? |
Now you've got me seriously spooked. I downloaded the toolbar for my Explorer 5.5 on June 2. It was version 1.1.56. I know, because I wrote it down after checking "About Google Toolbar."
I checked today and magically I now have 1.1.57.
Here's what has me spooked. I only use Explorer maybe five minutes per day, and I use it with all ActiveX disabled, all active scripting disabled, and file downloads disabled. Google sidesteps all of this when they update the toolbar. Believe me, I would notice if I was queried before the update. Like I said, I use Explorer five minutes per day, and I'm very conscious that it's vulnerable.
In other words, Google has full access to my hard disk whenever I use Explorer, because the PageRank feature is phoning home to Google all the time. Every time it phones home, Google has the power to do anything at all to my hard disk.
Can anyone else confirm that their toolbar gets updated even when you have all this stuff disabled in Explorer?
Does this qualify as spyware?
| 2:28 am on Jun 22, 2002 (gmt 0)|
No I don't think so. It doesn't do anything but spy on every URL you go to (advanced option). But as far as reading your filesystem and spying on other things. No they don't do that.
| 2:38 am on Jun 22, 2002 (gmt 0)|
Mine has been updated without my permission also. Even the dastardly Microsoft asks first...
| 4:05 am on Jun 22, 2002 (gmt 0)|
[toolbar.google.com ] : Periodically, the Google Toolbar contacts our servers to see if you are running the most current version. If necessary, we will automatically provide you with the latest update to the Google Toolbar....
I recall seeing the first sentence when "accepting" the download of the toolbar. I believe you are agreeing to install whatever software Google chooses, limited by the restrictions on the website privacy pages. Caveat downloaditor.
| 5:12 am on Jun 22, 2002 (gmt 0)|
Okay, let me be sure I have this right.
"Those who have the toolbar installed agree that Google may scrutinize, download, and store in Google's archive, for future reference and in perpetuity, all files accessible to the toolbar on the user's computer."
Who's at fault? Both Google and Microsoft are at fault. When I set something in IE that says "disable file downloads" I expect this to mean what it says. It's worked okay a couple of times last year in that it stops a certain number of worms and viruses that may be trying to get in. But it doesn't do squat to stop Google's toolbar upgrades. To allow Google downloads like automatic toolbar upgrades, when I've checked everything in that huge security panel even remotely related to preventing this sort of abuse, is definitely a bug or a design flaw in IE.
Both Google and Microsoft are a menace to society. What's wrong with my analysis?
| 7:13 am on Jun 22, 2002 (gmt 0)|
depends. i'm sure msie has a build-in subroutie for downloading upgrades
etc. that involves checking the security settings set by the user.
now if google does not use this subroutine but has its own upgrade-engine
it's not ms's fault anymore...
i don't suppose google to make use of flaws, i rather think that the toolbar
does really have an own upgrade-engine and just doesn't check the security
settings (which of course would be possible and very easy)
| 4:42 pm on Jun 22, 2002 (gmt 0)|
I would not doubt for a second that the NSA and CIA don't have employees inside Microsoft. I know for sure the NSA does. I am sure there are plenty of ways into your computer without you worrying about Google Toolbar exploring your hard drive. You should be more concerned what Google will do with your browsing history. That is something you already allow them to watch and log.
It would be nice if there was a way to get them to purge that log.
| 7:36 pm on Jun 23, 2002 (gmt 0)|
Google notes and saves information such as time of day, browser type, browser language, and IP address with each query. That information is used to verify our records and to provide more relevant services to users. For example, Google may use your IP address or browser language to determine which language to use when showing search results or advertisements.
What's perhaps more worrisome than the record of sites surfed that's compiled via the toolbar, is the record of search terms you've used. That happens even when you don't have the toolbar.
If you erase your 36-year Google cookie with the unique ID regularly, they still have your (quite often) static IP number. Search terms are a vector into your state of mind at a given point in time. Google shows no interest in periodically purging such data.
Does anyone know of other sites "powered by Google" that are not so rude? I've found three so far:
aol.co.uk - no cookie
netscape.com - harmless cookie
earthlink.com - harmless cookie
I'll tolerate a pop-up or two just to avoid adding my static IP and my search terms to Google's database. I wonder if such "powered by" sites are required to feed the user's IP to Google from their backdoor feed? I know they can't read Google cookies because it's a different domain.
Maybe it's time to ask them whether Google gets this information when they pass along the query.
| 5:57 pm on Jun 24, 2002 (gmt 0)|
I'll mention a few things that most readers already know, but makes sense to repeat:
- The toolbar does auto-update when we have new versions. This is documented in the Frequently Asked Questions section of the toolbar help:
(dbowers also noted that we mention the auto-update in our privacy section.)
Google still works fine if you disable cookies (we won't be able to remember your search settings like languages though.)
Also, if use the toolbar without the advanced features enabled, the toolbar is completely inert--it doesn't send any information to Google whatsoever as you surf.
If you are still worried about your privacy, you always have the option of not installing the toolbar. It's an advanced tool that we provide to users, and the opt-in for advanced features keeps most people happy. But if for some reason the toolbar makes you uncomfortable, then by all means don't run it. :)
| 6:17 pm on Jun 24, 2002 (gmt 0)|