Advertisements

Google’s New Chrome Move: Another Reason To Switch To Firefox?

Google’s Chrome browser has come under increasing scrutiny lately, especially after its Manifest V3 plans announced earlier this year which cause some ad blockers to break.

Now privacy advocates are honing in on a nascent web API called getInstalledRelatedApps, which has been in development since 2015 and available to experiment with since Chrome 59’s launch in 2017.

Described on GitHub, the API lets developers determine if their native app is installed on your device.

Of course, there are benefits that will improve the experience when people have multiple apps from the same developer installed on their device. It will prevent potentially annoying consequences such as receiving the same notification twice.

So what’s the problem? As an article on highly-esteemed tech site The Register points out, the purpose of this API “isn’t really about users so much as web and app publishers.”

In fact, if it isn’t handled properly, it could be a major risk to people’s security and privacy. “If done incorrectly, there’s a good chance of it being open to abuse–and with that come some pretty significant privacy and security related issues,” says security researcher Sean Wright.

Google Chrome privacy: Identifying factors

The privacy issue stems from the fact that the API would allow sites to potentially see which apps you have installed on your device. “Seeing what you have installed allows them to form a picture of what you do,” says Wright.

At the same time, it could impact your security: “Knowing which apps are installed can help attackers perform targeted phishing or to target apps with known vulnerabilities,” Wright warns.

It looks like Google will officially support this API in a future version of Chrome, according to a statement of intent posted by Google engineer Rayan Kanso at the end of November. In the post, he conceded that it would not help Chrome users directly although said it “indirectly benefits them through improved web experiences.”

Google is aware that its new move could have consequences. This week, Google engineer Yoav Weiss expressed concerns, highlighting the API’s risks. He pointed out that “the collection of bits of answers” to “Is app X installed” could reveal enough about a user to uniquely identify them.

I have reached out to Google for further comment and will update this story when it arrives.

A risk to Google Chrome users’ security and privacy: What to do

As the Register’s Thomas Claburn states, it shows “how user concerns, like privacy, don’t necessarily drive how software gets made.”

Indeed, concerns such as security and privacy often take a back seat, right behind functionality. “There has to be a balance, but unfortunately this often seems tipped in favor of functionality,” says Wright. “It’s putting the company before users. This really frustrates me because without your users, there would be no company.”

Sound familiar? That’s because it is. Increasingly often, users are being overlooked when they really should be at the heart of every product.

But there is something you can do. The only way to fight back against changes that impact privacy is to look for alternatives that do not affect you in the same way.

Many companies are hitting back against the likes of Google and Facebook, by providing services that respect their users’ privacy and security. Firefox is currently the browser of choice for those who are concerned, and many Chrome users have already moved over.

At the same time, smaller browsers such as Brave are quickly gaining a strong reputation, so it might be a good time to try something new.

Follow me on Twitter.

I’m a freelance cybersecurity journalist with over a decade’s experience reporting on the issues impacting users, businesses and the public sector. My interests within cybersecurity include critical national infrastructure, cyber warfare, application security and data misuse. I’m a keen advocate for women in security and strive to raise awareness of the gender imbalance through my writing.

Source: Google’s New Chrome Move: Another Reason To Switch To Firefox?

190 subscribers
Firefox Quantum has some great feature, but is it a a chrome killer? Today we’ll find that out. NEW VIDEOS EVERY SATURDAYS!!! Subscribe ➤ https://www.youtube.com/channel/UCXZq… Also follow my Twitter: https://twitter.com/AfroFlew Mozilla has released a completely overhauled version of Firefox, called Firefox Quantum, which is claims is faster than Chrome. I’ve been using it for a week, and overall really like it. But I might not be quite ready to switch completely for a few reasons I discuss in this video. Some of the best features are that it is indeed very fast, and at least seems to be faster than chrome. It also has some neat features such as a built in screenshot ability. Firefox Quantum also has support for more scripting frameworks such as WebAssembly, and WebVR. It is much faster than previous versions of Firefox, which was starting to get to be a slow web browser. Part of the improvement is Firefox Quantum now allows more CPU cores to be used simultaneously. In the video I discuss all the other pros and cons of Firefox Quantum compared to Google Chrome. What is Firefox: Mozilla Firefox is a free and open-source web browser developed by The Mozilla Foundation and its subsidiary, Mozilla Corporation. Firefox is available for Windows, macOS, Linux, BSD, illumos and Solaris operating systems. Its sibling, Firefox for Android, is also available.

Advertisements

Google Accidentally Breaks Important Google Photos Feature

Image result for Google Photos Feature"

Users of Google Photos are reporting that one of the app’s most frequently-used features is currently broken. The bug comes into play when selecting multiple photos at once, but fortunately, it looks like there’s a workaround for anyone affected.

When sharing pictures it’s common to want to select multiple images to send together in one go. Thankfully, the Google Photos app makes this very easy: simply hold your finger down on the first thumbnail image and then drag your finger along the gallery until you get to the last one you want to share. This will select all of the images between the first and last, marking them with a tick.

At least, that’s how it’s supposed to work.

However, as picked up by Android Police, some users on Reddit have reported that this feature has now disappeared since updating their apps, leaving them forced to select each image individually. This is a minor inconvenience when selecting just a few pictures but quickly becomes a chore when larger numbers are involved.

Today In: Innovation

The bug seems to affect a wide range of Android smartphones from various manufacturers, but only for a certain group of users and it turns out that a seemingly unrelated Android system setting is the trigger. As luck would have it, one eagle-eyed reader of the Android Police post discovered that the problem is related to an unexpected interaction with Android’s accessibility settings.

I can confirm that enabling Android Accessibility features on the Amazon Shopping app caused the Google Photos multi-select problem to appear on my handset while disabling the feature enabled Google Photos to work as normal once again.

For now, it seems the workaround to the problem is to disable Android Accessibility on any applications which may be using it.

To do this, go into your Android settings menu and search for ‘accessibility’ then scroll down to locate the relevant options. The actual layout will vary from phone to phone, but sections to look out for are ‘Downloaded Services’ where apps such as Amazon Shopping are likely to appear, and ‘Screen Readers’ where you may find functions such as ‘Select to Speak’ or ‘Talkback’ available.

Tapping on any of these will enable you to turn off its accessibility service. Turning them all off should then cause Google Photos to work correctly once again.

Obviously, the downside to doing this is that you’ll lose any accessibility functions you may have been relying on until Google comes up with a fix.

Method two

Alternatively, you may be able to restore the multi-select function by reverting to an older version of Google Photos. You can download previous versions of the app from sites such as apkmirror.com and sideload them onto your device, although I’d recommend waiting for an official update instead.

With any luck, a forthcoming fix from Google will then enable us to revert our Accessibility settings back to the way we want them.

I’ve been working as a technology journalist since the early nineties. My passion is photography and the ever-changing hardware and software that creates it, be it traditional cameras and Photoshop or smartphones and tablets with their numerous apps. I have also worked extensively on computing titles such as PC Magazine and Personal Computer World and managed the PCW hardware testing labs. This has seen me testing and reviewing all manner of technologies in print and on line. I take on both written and photographic assignments and you can get in touch with questions, tips or pitches via email. Find me on Instagram @paul_monckton.

Source: Google Accidentally Breaks Important Google Photos Feature

1.96M subscribers
Google Photos was designed to make it easier for people to organize a lifetime of memories. The recently announced API now lets you harness the best of Google Photos in your own product. In this session, you’ll see how you can create experiences that eliminate the friction associated with finding, transferring, and sharing photos. Rate this session by signing-in on the I/O website here → https://goo.gl/Cuv8ta See all the sessions from Google I/O ’18 → https://goo.gl/q1Tr8x Watch more Android sessions from I/O ’18 → https://goo.gl/R9L42F Watch more Chrome sessions from I/O ’18 → https://goo.gl/5fgXhX Watch more Firebase sessions from I/O ’18 → https://goo.gl/TQEeBQ Watch more Google Cloud Platform from I/O ’18 → https://goo.gl/qw2mR1 Watch more TensorFlow sessions from I/O ’18 → https://goo.gl/GaAnBR Subscribe to the Google Developers channel → http://goo.gl/mQyv5L #io18

 

Google Is Planning to Offer Checking Accounts in Partnership With Banks

1.jpg

 

Google is increasingly involved in more areas of its users’ lives. It’s where we turn every day for answers to pretty much everything from simple questions to complicated research. It’s where we get our email, store our photos, manage our calendars, and manage our files. It’s already the most dominant mobile operating system, and it now makes smart home devices. With its purchase of Fitbit, it’s clear Google also wants to dominate wearable technology.

Or, said another way, Google is everywhere.

Now, according to The Wall Street Journal, Google is working on a new project called Cache that involves offering checking accounts. Yes, Google wants to be your bank.

Well, more specifically, Google plans to partner with banks to offer its customers access to banking products like checking accounts. In this case, accounts would be offered by Citigroup, as well as a credit union at Stanford University, and those financial institutions would provide all of the financial services and account management.

Google would provide the convenience, along with loyalty rewards. For example, users would access their accounts through Google Pay, much like Apple’s users access its branded credit card through Apple Pay.

 

Speaking of which, with recent moves by other tech companies into the personal finance space, it was probably inevitable that Google would follow suit. Apple recently introduced its own credit card with Goldman Sachs, and Facebook has announced its plans to launch a digital currency called Libra. It might be worth mentioning that both of those have come under intense scrutiny, with New York regulators launching an investigation into Apple Card for discriminating on the basis of gender when extending credit limits.

I actually think this is less a deviation for Google than it might seem. In fact, as TechCrunch pointed out, by providing users with checking accounts, “Google obviously stands to gain a lot of valuable information and insight on customer behavior with access to their checking account, which for many is a good picture of overall day-to-day financial life.”

It’s helpful to remember that for all the useful services Google provides, the company is, at its core, an advertising platform. That is the underlying business model that makes it huge amounts of money, and it’s the driving force behind every product or service it offers.

And while Google hasn’t suffered the same level of scandal as the next-largest advertising platform, Facebook, the strategy is the same–monetize people’s personal information.

Of course, that lack of scandal is reflected in the fact that consumers say they are more likely to trust Google with their financial information than some of its competitors. Only Amazon was rated higher in a McKinsey & Company survey included in the Journal’s report. Fifty-eight percent of consumers said they would trust Google for financial products.

The Journal also reports that Google won’t sell financial information to advertisers, which is great, but that doesn’t mean it won’t use that information to target specific advertising at customers based on their income or spending habits — which is really the only reason Google would get into financial products in the first place.

It’s also the only thing you need to know when considering whether this is a good idea. I’m not sure any amount of “loyalty program” or convenience can make up for the cost of having even more of your personal information monetized.

Jason AtenWriter and business coach

561 subscribers
Google is planning to launch consumer checking accounts next year in partnership with Citigroup and Stanford University, The Wall Street Journal (WSJ) reported on Wednesday (Nov. 13). Code-named Cache, the accounts will be handled by Citigroup and a credit union at Stanford University. The branding will reflect the financial institutions and not Google. “Our approach is going to be to partner deeply with banks and the financial system,” Google VP of Product Management Caesar Sengupta told WSJ. “It may be the slightly longer path, but it’s more sustainable.”

Google to Pay $2.1 Billion for Fitbit, Making It the Latest Giant Ramping Up on Healthtech

Google is the latest giant company angling to secure more of users’ health information–potentially boding well for healthtech startups looking for an acquirer one day.

Reuters reported this week that Google’s owner, Alphabet, has made an offer to acquire wearable device maker Fitbit. Update: On Friday, Fitbit announced that it has agreed to be acquired by Google for approximately $2.1 billion. The deal is expected to close in 2020. The news comes on the heels of reports last month that Fitbit CEO James Park was exploring a potential sale for his company.

Park and CTO Eric Friedman co-founded the San Francisco-based company in 2007, and proceeded to help pioneer the wearable device industry–which reached a value of $1.6 billion last year, according to a June Research and Markets report. But recently, Reuters noted, the company has been struggling to successfully pivot from fitness trackers to smartwatches, now dominated by Apple and Samsung.

Google’s interest in smartwatches has been well-documented. Last month, Business Insider reported that the company started developing smartwatch offerings as early as 2013–but has still never released one because of a series of internal reorganizations, quality issues, and design struggles. In January, Google spent $40 million to acquire a chunk of smartwatch intellectual property–and members of the team responsible for creating it–from fashion designer and manufacturer Fossil Group.

More broadly, tech giants have spent the past few years snapping up health care data-oriented startups. In June of 2018, Amazon bought online pharmacy, and 2016 Inc. Rising Star, PillPack for near $750 million–and it acquired digital health startup Health Navigator for an undisclosed price just last Wednesday. Apple purchased personal health data company Gliimpse in 2016, sleep sensor maker Beddit in 2017, and asthma monitoring system Tueo Health in 2018, all also for undisclosed prices.

Altogether, the health care industry has seen at least 250 mergers, acquisitions, shareholder spinoffs, and other similar deals per quarter for more than two years, according to PwC’s most recent U.S. Health Services Deals Insights report. The report noted that in the third quarter of 2019 alone, the industry’s deals tallied $19.6 billion, up nearly 18 percent from the same quarter a year ago.

Cameron Albert-Deitch Reporter, Inc.

Source: Google to Pay $2.1 Billion for Fitbit, Making It the Latest Giant Ramping Up on Healthtech

291K subscribers
CNBC’s “Squawk on the Street” crew discuss the news that Fitbit will be acquired by Google.

As Apple Improves Its Maps App, Google Responds By Adding A Popular Waze Feature To Google Maps On iOS

Google is expanding a feature within the Google Maps app on iOS that allows users to report driving incidents on the app.

The reporting feature has been available for Android users since earlier this year. Google Maps iOS users are now also able to report crashes, speed traps and traffic slowdowns directly through the app, in hopes of creating more accurate, real-time data for traffic estimations. Google said the reporting features have been popular with Android users. Google-owned Waze has offered similar features for years.

Drivers will also be able to report objects on road, disabled vehicle, lane closures or construction. Interested users can report these road hazards by tapping the “+” sign on the app, and then selecting “Add a Report.”

Today In: Innovation
Facebook And Google Chase Waze Inc. Map Software

BLOOMBERG NEWS

Google Maps, once the default maps and navigation app for iOS users, continues to be challenged by consistent improvements to Apple’s own Maps offering.

In a recent update, Apple Maps users can now share their estimated time of arrival with contacts, a feature that is also offered by Waze. Apple has also added a new “Look Around” feature, a direct challenge to Google Maps’ “Street View” offering.

Follow me on Twitter.

I’m a Los Angeles-based contributing writer for Forbes covering Google and Alphabet. I’m also a writer and curator for Inside.com, where I have covered a variety ot topics, ranging from automotive to Google. Send tips, pitches or notes via email (johanmore@gmail.com), on Twitter (@dudejohan) or on Signal (714-331-5730).

Source: As Apple Improves Its Maps App, Google Responds By Adding A Popular Waze Feature To Google Maps On iOS

270K subscribers
Apple introduced updates to many of the built-in iOS apps in iOS 13, and Maps is no exception. The updated version of Maps has a long list of new features that are designed to make the Apple Maps app better able to compete with mapping apps from other companies. There’s a new Look Around street view level feature, a Collections feature for aggregating lists of your favorite places, a Favorites option for getting to your most frequently traveled places quickly, and some other smaller updates that are worth knowing about. read more – https://www.macrumors.com/guide/maps/

Could Google Be About To Break Bitcoin?

Google sent shockwaves around the internet last month when it was claimed the search giant had built a quantum computer able to solve formerly impossible mathematical calculations–with some fearing bitcoin could be at risk.

Details of Google’s so-called “quantum supremacy,” meaning it can solve calculations impossible with traditional computers, were posted to a Nasa website before being deleted, it was claimed by the Financial Times, a business newspaper.

Google’s quantum supremacy could mean it is able to perform in 200 seconds what would take a powerful computer 10,000 years and potentially mean bitcoin, and the encryption that underpins it, could be broken.

Bitcoin, cryptography, and encryption rely on complex mathematical problems and the fundamentals provide the basis of the internet and digital communication trust.

Today In: Money

A powerful enough computer, similar to Google’s quantum computer, could solve these classical equations quickly enough to crack not only bitcoin but also the encryption that the internet is built on.

An explosion in bitcoin investors and the bitcoin price over recent years have made many worried that their newfound crypto-based wealth could be under threat from these powerful quantum computers.

However, steps can be taken to prevent the likes of Google or any other quantum computer breaking into bitcoin and digital communication.

“Cryptocurrencies can be updated with quantum resistant tech,” said Charles Hayter, chief executive of bitcoin and cryptocurrency data website, CryptoCompare. “This is just a continuation of the age old arms race between crackers and enciphers.”

It would appear Google is still some way away from building a quantum computer that could be a threat to bitcoin or other encryption.

“Google’s supercomputer currently has 53 qubits,” said Dragos Ilie, a quantum computing and encryption researcher at Imperial College London.

Qubits, or quantum bits, are the basic unit of quantum information which use the properties of a quantum system, such as the polarization of a photon or the spin of an electron, where as traditional computers store and process data as a series of ‘1’s and ‘0’s.

“In order to have any effect on bitcoin or most or most other financial systems it would take at least about 1500 qubits and the system must allow for the entanglement of all of them,” Ilie said.

Google may not even be as far along as thought, with subsequent reports suggesting the original post was removed from Nasa’s website because it had not been confirmed.

Meanwhile, scaling quantum computers is “a huge challenge,” according to Ilie.

“As you add more qubits the system becomes more and more unstable … [though] researchers can try different approaches for solving these issues so maybe there are ways to mitigate these problems but right now we are quite far from breaking bitcoin.”

In short, “don’t dump your bitcoins yet,” Ilie added.

Follow me on Twitter.

I am a journalist with significant experience covering technology, finance, economics, and business around the world. As the founding editor of Verdict.co.uk I reported on how technology is changing business, political trends, and the latest culture and lifestyle. I have covered the rise of bitcoin and cryptocurrency since 2012 and have charted its emergence as a niche technology into the greatest threat to the established financial system the world has ever seen and the most important new technology since the internet itself. I have worked and written for CityAM, the Financial Times, and the New Statesman, amongst others. Follow me on Twitter @billybambrough or email me on billyATbillybambrough.com. Disclosure: I occasionally hold some small amount of bitcoin and other cryptocurrencies.

Source: Could Google Be About To Break Bitcoin?

Everyone should see it! Click here! http://youtube.com+watch=@3162039724/… Best cryptocurrency exchanger: https://700.by/101 Best cryptocurrency trading platform: https://700.by/102 The crypto community is reacting to a new report claiming Google has achieved a massive breakthrough in quantum computing. According to the Financial Times, a leaked document written by Google’s researchers says the company has achieved “quantum supremacy.”
In other words, Google has created a quantum computer that can perform a calculation that no other computer on earth has the power to process.“A paper by Google’s researchers seen by the FT, that was briefly posted earlier this week on a NASA website before being removed, claimed that their processor was able to perform a calculation in three minutes and 20 seconds that would take today’s most advanced classical computer, known as Summit, approximately 10,000 years.”
Quantum computers use the properties of atoms and molecules to create systems that can simultaneously explore multiple possible solutions to a problem. Many experts believe quantum tech could be used to crack the modern methods of cryptography that keep the internet secure. The threat to the world of cryptography is real enough that the National Security Agency (NSA) is now working to create new techniques that are resistant to quantum computing. News of Google’s apparent breakthrough made it to the front page of the cryptocurrency subreddit, where crypto proponents pondered the potential impact the advancement could have on blockchain technology.
The question is if and when quantum computing can crack the long strings of letters and numbers known as private keys, which Bitcoin users need to access their funds. So far, Google’s researchers say their quantum computer can “only perform a single, highly technical calculation,” indicating it will still take years until the technology can solve real-world problems.
But according to the document cited by the Financial Times, Google expects the tech to evolve at twice the speed of traditional computer processors. Steve Brierley, an adviser on quantum technologies to the UK government, says Google has taken a major leap forward.“It’s a significant milestone, and the first time that somebody has shown that quantum computers could outperform classical computers at all. It’s an amazing achievement.”So far, Google itself has refused to comment. #quantum #cryptocalculator #bitcoinblockexplorer #cryptocurrencynews #cryptocurrencyexchange #cryptonews #cryptoexchange Will Google’s ‘Quantum Supremacy’ Achievement Break Bitcoin: https://www.youtube.com/watch?v=haRLj…

New Google Android Warning As Malicious Apps Hit 300 Million Play Store Users

Malicious Google Android apps seem to be hitting the Play Store increasing rapidly at the moment–or at least, reports of them are. This was the thinking behind ESET security researcher Lukas Stefanko’s report detailing the harmful apps on Google Play that hit the news in September.

The results are far from pretty: Stefanko’s analysis shows that 172 harmful apps with over 335 million installs were found on Google’s Play Store, according to various news reports written during the month. Of course, the installs would have taken place over a longer period than just the month of September.

In August, I reported that a dangerous spyware app had hit the Play Store twice. It came after Trend Micro researchers reported adware containing apps had been downloaded 8 million times.

Meanwhile, among reports in September, Forbes contributor Zak Doffman wrote how two apps with over 500 million downloads were revealed to contain dangerous adware.

And Adware was the top attack vector, with 48 apps that had over 300 million installs in total.  Subscription scams were another area of concern, with 15 apps found and 20 million installs. That was followed by apps containing hidden ads, with 14.5 million installs across 57 apps.

Google Play: Out of control?

So, is the number of malicious apps increasing, or are security researchers and as a result, journalists reporting them more? It is difficult to say but one thing is clear: Many people, including Android users, are worried that the Google Play Store is getting out of control.

This data highlights the problem that Google faces, says security researcher Sean Wright. “Unfortunately, this issue only seems to be getting worse. It would be interesting to see if Google has any plan in place to try tackle the problem.”

With multiple players involved in the Android ecosystem, coupled with Google’s less than stringent app store policies–at least compared to Apple–it’s really down to users to assess what’s safe and what’s not.

It’s certainly not ideal, but there are some best practices you can follow. As well as ensuring your operating system is as up to date as possible, you should use anti-virus and read app reviews.

Wright advises: “Only install apps that you are going to use. Pay close attention to details such as required permissions. If you are installing a flashlight app and it is asking for permissions to read your contacts, this should serve as an immediate red flag.”

Follow me on Twitter.

I’m a freelance cybersecurity journalist with over a decade’s experience reporting on the issues impacting users, businesses and the public sector. My interests within cybersecurity include critical national infrastructure, cyber warfare, application security and data misuse. I’m a keen advocate for women in security and strive to raise awareness of the gender imbalance through my writing.

Source: New Google Android Warning As Malicious Apps Hit 300 Million Play Store Users

6.97K subscribers
Subscribe: https://bit.ly/2x9BOFg Blog: https://channelworldnews.blogspot.com Android warning: Stay clear of these Google Play Store apps which stalk youANDROID fans have been put on alert and warned about several malicious apps found on the Google Play Store which stalk users.Android fans are being warned to stay clear of a number of apps found on the Google Play Store which stalk users of the Google mobile OS.Android is the most poplar pieces of software in the world, with it used by more than two billion people each month.However Android users are no strangers to security alerts, with some recent widespread threats being circulated via apps found on the Goole Play Store.Six Android apps that were downloaded a staggering 90million times from the Google Play Store were found to have been loaded with the PreAMo malware.While another recent threat saw 50 malware-filled apps on the Google Play Store infect over 30million Android devices.And now Android users are being warned once again about a security threat spread through the Google Play Store.Security experts at Avast have discovered seven apps on the Google Play Store that were loaded with stalkerware.This is a malicious form of software that stalks users and other people.These apps in total were downloaded more than 130,000 times, with the most popular one along being installed more than 50,000 times.The Android apps all have the capacity to collect information on users without their consent.Data collected by the stalking apps include call logs, contact information, as well as the location of the victim and text messages, according to an Avast blog post.The apps can also reportedly intercept WhatsApp and Viber messages on rooted devices.Nikolaos Chrysaidos, Avast’s head of mobile threat intelligence and security, said: “These apps are highly unethical and problematic for people’s privacy and shouldn’t be on the Google Play Store.“They promote criminal behaviour, and can be abused by employers, stalkers or abusive partners to spy on their victims.“We classify such apps as stalkerware, and

Google Is Randomly Giving Away Even More Free Google Home Mini Speakers

If you’re in the market for a Google Home Mini smart speaker, your lucky day may be on its way (if you haven’t received one already).

One YouTube Premium user reported over the weekend, on Reddit, that Google offered him a free Google Home Mini. The user, based in Germany, received the offer when he opened the YouTube app.

Today In: Innovation

Earlier this week, Android Police reported that the company was once again giving away Google Home Mini speakers to subscribers of its Google One storage service. Users with paid plans of over 2TB said they received an email offering them a free home speaker. Google also offered this perk to Google One subscribers earlier this year.

Google has been pushing the compact home speakers, likely in a move to expand market share in the voice assistant space. The company partnered with Spotify to give away free Google Home Minis to premium family plan members and the Christopher and Dana Reeve Foundation in a donation to 100,000 patients living with paralysis, along other giveaway promotions. Morgan Stanley analyst Brian Nowak has suggested the company go a step further – offering a free Google Home Mini to every U.S. household. Google has not taken that advice – yet.

While Amazon’s Alexa voice assistant remains the clear market leader in the smart speaker market – Google Home has made inroads over the past few years, now possessing about 25 percent of the U.S. market.

The speaker retails for about $49 – although interested buyers (who do not receive one for free) may find one at a reduced price through a third-party retailer.

I asked Google for comment, but did not hear back. I will update the article if I receive a statement.

Follow me on Twitter.

I’m a Los Angeles-based contributing writer for Forbes covering Google and Alphabet. I’m also a writer and curator for Inside.com, where I have covered a variety ot topics, ranging from automotive to Google. Send tips, pitches or notes via email (johanmore@gmail.com), on Twitter (@dudejohan) or on Signal (714-331-5730).

Source: Google Is Randomly Giving Away Even More Free Google Home Mini Speakers

833K subscribers
👊MORE INFO – DEEPER CONTENT on MY WEBSITE ! 🔥🔥 ⏩ https://JimsReviewRoom.com ———————————————————————- 👊Follow My Personal Social Media ! Tons of awesome stuff 🔥🔥 ⏩ http://instagram.com/JimmyLuongOfficialhttp://facebook.com/JimmyLuongOfficial 👊Follow JimsReviewRoom ! Tons of awesome stuff 🔥🔥 ⏩ http://instagram.com/JimsReviewRoomhttp://facebook.com/JimsReviewRooml ———————————————————————- 👊SUPPORT THE WORK BY SIGNING UP ON MY WEBSITE 🔥🔥 ⏩ Viewed ⏩ Liked ☐ Subscribe: https://JimsReviewRoom.com ———————————————————————- ►My Music Source → https://goo.gl/zvKdZk Review: I paid for this. No sponsors. ———————————– Google Home Mini Review ———————————–

Google Warns LastPass Users Were Exposed To ‘Last Password’ Credential Leak

Google Project Zero is a team of highly talented security analysts with a brief to uncover zero-day vulnerabilities. If a vulnerability is found, Project Zero reports to the vendor concerned and starts a 90-day countdown for a fix to be issued before full public disclosure is made. LastPass is also in the security business, being one of the most popular password management solutions with more than 16 million users, including 58,000 businesses. Project Zero has just disclosed that a security vulnerability left some of those 16 million users exposed to the risk of credential compromise as, in an ironic twist, LastPass could leak the last password used to any website visited.

How could the LastPass ‘last password’ vulnerability be exploited?

In a tweet posted September 16, Google Project Zero analyst Tavis Ormandy stated that “LastPass could leak the last used credentials due to a cache not being updated,” adding “this was because you can bypass the tab credential cache being populated by including the login form in an unexpected way!”

Ormandy reported the vulnerability on August 29, as Project Zero issue 1930, which showed how the credentials previously filled by LastPass could be exposed to any website under certain circumstances.

Today In: Innovation

Ferenc Kun, the security engineering manager for LastPass at LogMeIn, which owns LastPass, said in an online statement that this “limited set of circumstances on specific browser extensions” could potentially enable the attack scenario described.

“To exploit this bug, a series of actions would need to be taken by a LastPass user including filling a password with the LastPass icon, then visiting a compromised or malicious site and finally being tricked into clicking on the page several times,” Kun said, “any potential exposure due to the bug was limited to specific browsers (Chrome and Opera.)”

The answer, thankfully, is nothing. LastPass has already patched the vulnerability, and the fix was comprehensively verified with Project Zero. Indeed, the fix was rolled out on September 13, and Kun confirmed that “we have now resolved this bug; no user action is required and your LastPass browser extension will update automatically.”

As a precaution, the LastPass update was deployed to all web browsers and not just Chrome and Opera.

How severe was this vulnerability and should you stop using LastPass?

Let’s deal with the last part of that question first; there’s absolutely no reason to stop using LastPass or your preferred password manager for that matter. “Although password managers like any other software have flaws the benefits of using one far outweigh the risks,” says ethical hacker John Opdenakker. “It’s far more likely that your accounts will get compromised by attacks that exploit poor passwords,” Opdenakker says, “such as through credential reuse, than by attacks against password managers themselves.”

OK, so how serious was this particular vulnerability? It certainly sounds serious enough, right? Tavis Ormandy at Project Zero allocated the vulnerability a “high” severity rating. Opdenakker isn’t so sure it merits that. “I think it’s most important that LastPass fixed this bug, which is certainly not a critical one, within a reasonable amount of time,” Opdenakker says, “it’s debatable whether it’s high or medium because, as Ormandy says, it doesn’t work for all URLs.”

LastPass security recommendations

Ferenc Kun said that LastPass continues to recommend the following best practices for added online security:

  • Do not click on links from people you don’t know, or that seem out of character from your trusted contacts and companies.
  • Always enable Multi-Factor Authentication (MFA) for LastPass and other services like your bank, email, Twitter, Facebook, etc.
  • Never reuse your LastPass master password and never disclose it to anyone, including us.
  • Use different, unique passwords for every online account.
  • Keep your computer malware-free by running antivirus with the latest detection patterns and keeping your software up-to-date.

More at Forbes

This iPhone Hack Let Google Access iOS Device Files

Google To Fix Malicious Invites Issue For 1 Billion Calendar Users

New Security Warning Issued For Google’s 2 Billion Chrome Users

Follow me on Twitter or LinkedIn. Check out my website.

I’m a three-decade veteran technology journalist and have been a contributing editor at PC Pro magazine since the first issue in 1994. A three-time winner of the BT Security Journalist of the Year award (2006, 2008, 2010) I was also fortunate enough to be named BT Technology Journalist of the Year in 1996 for a forward-looking feature in PC Pro called ‘Threats to the Internet.’ In 2011 I was honored with the Enigma Award for a lifetime contribution to IT security journalism. Contact me in confidence at davey@happygeek.com if you have a story to reveal or research to share

Source: Google Warns LastPass Users Were Exposed To ‘Last Password’ Credential Leak

This is a short intro to how to use LastPass. Links: https://www.lastpass.com https://youtu.be/M4Z0xwzpQrk (My Diceware Video) ======================================== Follow me on Twitter: @redfalconsec Like me on Facebook: search “RedFalcon Security” Fonts used: Digitalt by gluk (http://www.dafont.com/digitalt.font) Royalty free ClipArt provided by LibrOffice Impress and clker (www.clker.com). This video made entirely in Linux using open source tools.

Google Warning: Tens Of Millions Of Android Phones Come Preloaded With Dangerous Malware

Millions of shiny new Android smartphones are being purchased with dangerous malware factory-installed, according to Google’s own security research team. There have been multiple headlines about the millions of harmful apps being installed from the Play Store, but this is something new. And the danger to unsuspecting users, trusting that new boxed devices are safe and clean, is that some of that preinstalled malware can download other malware in the background, commit ad fraud, or even take over its host device.

Android is a thriving open-source community, which is great for innovation but not so great when threat actors seize the opportunity to hide malware in basic software loads that come on boxed devices. New phones can have as many as 400 apps factory-installed, many of which we just ignore. But it transpires that many of those apps have not been vetted. The apps themselves will work as billed, providing a useful capability or service, so we can be forgiven for not considering the risk that might lurk within.

Google’s Maddie Stone, a security researcher with the company’s Project Zero, shared her team’s findings at Black Hat on Thursday. “If malware or security issues come as preinstalled apps,” she warned, “then the damage it can do is greater, and that’s why we need so much reviewing, auditing and analysis.”

The risk impacts Android’s Open-Source Project (AOSP), a lower-cost alternative to the full-fat version. AOSP is installed on lower-cost smartphones where cheaper software alternatives help keep prices down. This means owners of Android-badged devices from the likes of Samsung and Google itself are safe from this particular risk.

For an attacker, Stone warned, the benefit of supply chain compromise is that they “only have to convince one company to include their app, rather than thousands of users.” The Google team didn’t disclose any details of the brands of phones involved, but more than 200 device manufacturers fell foul of the testing, with malware allowing the devices to be attacked remotely.

Of particular concern were two particularly virulent malware campaigns: Chamois and Triada. Chamois generates various flavors of ad fraud, installs background apps, downloads plugins and can even send premium rate text messages. Chamois alone was found to have come installed on 7.4 million devices. Triada is an older variant of malware, one that also displays ads and installs apps.

Google is working to help device manufacturers screen for such vulnerabilities, and between March 2018 and March 2019, Stone claims such screening helped reduce the instances of devices infected by Chamois from 7.4 million to “only” 700,000. “The Android ecosystem is vast,” she warned, “with a diversity of OEMs and customizations—if you are able to infiltrate the supply chain out of the box, then you already have as many infected users as how many devices they sell—that’s why it’s a scarier prospect.”

In the meantime, the usual advice applies around downloading and installing apps from the Play Store. A healthy dose of skepticism does not go amiss when the app is from an unknown source. Not much users can do if those threats come preinstalled, though, and that’s why this revelation is so dangerous. For this one we need to rely on manufacturers to do the right thing and follow Google’s advice in screening software fully to eradicate such risks.

I am the Founder/CEO of Digital Barriers, a provider of video surveillance and analytics technologies to security and defense agencies as well as commercial organizations. I cover the sectors in which DB operates, potential conflicts are highlighted.

Source: Google Warning: Tens Of Millions Of Android Phones Come Preloaded With Dangerous Malware

%d bloggers like this:
Skip to toolbar