So, Steve and I were talking the other day about social networking sites after he did a really cool presentation on using SNS sites to gather really interesting information. Steve posts a little hint here about interesting things you can gather. Steve is doing some really interesting work with these sites, and knows a good deal more about the way that they work than anybody else I've met.
To take it a little farther from his tip, one of the ideas that I have played with at different times is to datamine business networking sites like LinkedIn - gathering the information about all of the people at a company should allow you to put together a pretty great database of information about technologies in use at a given company, organization structure, titles, etc.
That info would be incredibly useful for anyone attempting to attack a site - there's no question that it'd be a great resource for a penetration test or a social engineering test.
To see what I mean, Google "site:linkedin.com" and the name of your company, and then realize something scary... that is only the people who set their resumes to public (which is not the default).