Google has issued a serious warning to a number of Google Photos users, stating that their private videos have been accidentally sent to strangers.
The warning will come as a shock to users who have used the service to store videos they don’t wish to be made public, precisely because of Google’s promise to protect their data and keep unshared Photos private.
According to the warning, sent directly via email to all affected users, the blunder caused Google’s ‘Download your data’ service to incorrectly export some stored videos to the wrong user’s archive when bundling them up for download.
This resulted in some users downloading archives with missing videos and, more worryingly, videos that belong to other users.
You can read the text of the email in the tweet from @jonoberheide below:
Google hasn’t revealed the number of accounts affected, but it appears to be relatively small as it’s restricted to those who used ‘Download your data’ within a specific five-day time period of November 21 to November 25 2019. However, even only a small proportion of Google Photos’ over one billion users will likely result in a significant total number of people affected. The wording of the email suggests that Google is confident that it has identified all occurrences of the bug and warned all those affected.
What to do about it
Google’s preferred solution to this predicament is for users to create new data archives and download them again. While this will help anyone with missing videos to retrieve them, it offers no comfort to those who now have no way of knowing which, if any, of their videos have been downloaded and viewed by strangers. Furthermore, we can only hope that there are no other instances of the bug which remain undetected.
I’ve been working as a technology journalist since the early nineties. My passion is photography and the ever-changing hardware and software that creates it, be it traditional cameras and Photoshop or smartphones and tablets with their numerous apps. I have also worked extensively on computing titles such as PC Magazine and Personal Computer World and managed the PCW hardware testing labs. This has seen me testing and reviewing all manner of technologies in print and on line. I take on both written and photographic assignments and you can get in touch with questions, tips or pitches via email. Find me on Instagram @paul_monckton.
Those default Google Chrome settings are no good! Here is what to change. More Top Lists ➤ https://www.youtube.com/playlist?list… Subscribe Here ➤ https://www.youtube.com/user/ThioJoe?… Google Chrome is the most popular web browser right now, but most people just leave the settings on default without even knowing about things they could or should change. Some of these settings are on by default that you should disable, and others are cool features that are not enabled by default, but you’ll want to turn on. This video goes over 11 of these settings, which include some found in the regular settings menu, as well as some in the hidden “chrome flags” menu, found at chrome://flags . Everything from a new way to mute noisy tabs, to faster downloading with chrome. ~~~ ⇨ http://Instagram.com/ThioJoe ⇨ http://Twitter.com/ThioJoe ⇨ http://Facebook.com/ThioJoeTV ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
Google is increasingly involved in more areas of its users’ lives. It’s where we turn every day for answers to pretty much everything from simple questions to complicated research. It’s where we get our email, store our photos, manage our calendars, and manage our files. It’s already the most dominant mobile operating system, and it now makes smart home devices. With its purchase of Fitbit, it’s clear Google also wants to dominate wearable technology.
Well, more specifically, Google plans to partner with banks to offer its customers access to banking products like checking accounts. In this case, accounts would be offered by Citigroup, as well as a credit union at Stanford University, and those financial institutions would provide all of the financial services and account management.
Google would provide the convenience, along with loyalty rewards. For example, users would access their accounts through Google Pay, much like Apple’s users access its branded credit card through Apple Pay.
Speaking of which, with recent moves by other tech companies into the personal finance space, it was probably inevitable that Google would follow suit. Apple recently introduced its own credit card with Goldman Sachs, and Facebook has announced its plans to launch a digital currency called Libra. It might be worth mentioning that both of those have come under intense scrutiny, with New York regulators launching an investigation into Apple Card for discriminating on the basis of gender when extending credit limits.
I actually think this is less a deviation for Google than it might seem. In fact, as TechCrunch pointed out, by providing users with checking accounts, “Google obviously stands to gain a lot of valuable information and insight on customer behavior with access to their checking account, which for many is a good picture of overall day-to-day financial life.”
It’s helpful to remember that for all the useful services Google provides, the company is, at its core, an advertising platform. That is the underlying business model that makes it huge amounts of money, and it’s the driving force behind every product or service it offers.
And while Google hasn’t suffered the same level of scandal as the next-largest advertising platform, Facebook, the strategy is the same–monetize people’s personal information.
Of course, that lack of scandal is reflected in the fact that consumers say they are more likely to trust Google with their financial information than some of its competitors. Only Amazon was rated higher in a McKinsey & Company survey included in the Journal’s report. Fifty-eight percent of consumers said they would trust Google for financial products.
The Journal also reports that Google won’t sell financial information to advertisers, which is great, but that doesn’t mean it won’t use that information to target specific advertising at customers based on their income or spending habits — which is really the only reason Google would get into financial products in the first place.
It’s also the only thing you need to know when considering whether this is a good idea. I’m not sure any amount of “loyalty program” or convenience can make up for the cost of having even more of your personal information monetized.
Google is planning to launch consumer checking accounts next year in partnership with Citigroup and Stanford University, The Wall Street Journal (WSJ) reported on Wednesday (Nov. 13). Code-named Cache, the accounts will be handled by Citigroup and a credit union at Stanford University. The branding will reflect the financial institutions and not Google. “Our approach is going to be to partner deeply with banks and the financial system,” Google VP of Product Management Caesar Sengupta told WSJ. “It may be the slightly longer path, but it’s more sustainable.”
Google is the latest giant company angling to secure more of users’ health information–potentially boding well for healthtech startups looking for an acquirer one day.
Reuters reported this week that Google’s owner, Alphabet, has made an offer to acquire wearable device maker Fitbit. Update: On Friday, Fitbit announced that it has agreed to be acquired by Google for approximately $2.1 billion. The deal is expected to close in 2020. The news comes on the heels of reports last month that Fitbit CEO James Park was exploring a potential sale for his company.
Park and CTO Eric Friedman co-founded the San Francisco-based company in 2007, and proceeded to help pioneer the wearable device industry–which reached a value of $1.6 billion last year, according to a June Research and Markets report. But recently, Reuters noted, the company has been struggling to successfully pivot from fitness trackers to smartwatches, now dominated by Apple and Samsung.
Google’s interest in smartwatches has been well-documented. Last month, Business Insider reported that the company started developing smartwatch offerings as early as 2013–but has still never released one because of a series of internal reorganizations, quality issues, and design struggles. In January, Google spent $40 million to acquire a chunk of smartwatch intellectual property–and members of the team responsible for creating it–from fashion designer and manufacturer Fossil Group.
More broadly, tech giants have spent the past few years snapping up health care data-oriented startups. In June of 2018, Amazon bought online pharmacy, and 2016 Inc. Rising Star, PillPack for near $750 million–and it acquired digital health startup Health Navigator for an undisclosed price just last Wednesday. Apple purchased personal health data company Gliimpse in 2016, sleep sensor maker Beddit in 2017, and asthma monitoring system Tueo Health in 2018, all also for undisclosed prices.
Altogether, the health care industry has seen at least 250 mergers, acquisitions, shareholder spinoffs, and other similar deals per quarter for more than two years, according to PwC’s most recent U.S. Health Services Deals Insights report. The report noted that in the third quarter of 2019 alone, the industry’s deals tallied $19.6 billion, up nearly 18 percent from the same quarter a year ago.
Google sent shockwaves around the internet last month when it was claimed the search giant had built a quantum computer able to solve formerly impossible mathematical calculations–with some fearing bitcoin could be at risk.
Details of Google’s so-called “quantum supremacy,” meaning it can solve calculations impossible with traditional computers, were posted to a Nasa website before being deleted, it was claimed by the Financial Times, a business newspaper.
Google’s quantum supremacy could mean it is able to perform in 200 seconds what would take a powerful computer 10,000 years and potentially mean bitcoin, and the encryption that underpins it, could be broken.
Bitcoin, cryptography, and encryption rely on complex mathematical problems and the fundamentals provide the basis of the internet and digital communication trust.
However, steps can be taken to prevent the likes of Google or any other quantum computer breaking into bitcoin and digital communication.
“Cryptocurrencies can be updated with quantum resistant tech,” said Charles Hayter, chief executive of bitcoin and cryptocurrency data website, CryptoCompare. “This is just a continuation of the age old arms race between crackers and enciphers.”
It would appear Google is still some way away from building a quantum computer that could be a threat to bitcoin or other encryption.
“Google’s supercomputer currently has 53 qubits,” said Dragos Ilie, a quantum computing and encryption researcher at Imperial College London.
Qubits, or quantum bits, are the basic unit of quantum information which use the properties of a quantum system, such as the polarization of a photon or the spin of an electron, where as traditional computers store and process data as a series of ‘1’s and ‘0’s.
“In order to have any effect on bitcoin or most or most other financial systems it would take at least about 1500 qubits and the system must allow for the entanglement of all of them,” Ilie said.
Google may not even be as far along as thought, with subsequent reports suggesting the original post was removed from Nasa’s website because it had not been confirmed.
Meanwhile, scaling quantum computers is “a huge challenge,” according to Ilie.
“As you add more qubits the system becomes more and more unstable … [though] researchers can try different approaches for solving these issues so maybe there are ways to mitigate these problems but right now we are quite far from breaking bitcoin.”
In short, “don’t dump your bitcoins yet,” Ilie added.
I am a journalist with significant experience covering technology, finance, economics, and business around the world. As the founding editor of Verdict.co.uk I reported on how technology is changing business, political trends, and the latest culture and lifestyle. I have covered the rise of bitcoin and cryptocurrency since 2012 and have charted its emergence as a niche technology into the greatest threat to the established financial system the world has ever seen and the most important new technology since the internet itself. I have worked and written for CityAM, the Financial Times, and the New Statesman, amongst others. Follow me on Twitter @billybambrough or email me on billyATbillybambrough.com. Disclosure: I occasionally hold some small amount of bitcoin and other cryptocurrencies.
Everyone should see it! Click here! http://youtube.com+watch=@3162039724/… Best cryptocurrency exchanger: https://700.by/101 Best cryptocurrency trading platform: https://700.by/102 The crypto community is reacting to a new report claiming Google has achieved a massive breakthrough in quantum computing. According to the Financial Times, a leaked document written by Google’s researchers says the company has achieved “quantum supremacy.”
In other words, Google has created a quantum computer that can perform a calculation that no other computer on earth has the power to process.“A paper by Google’s researchers seen by the FT, that was briefly posted earlier this week on a NASA website before being removed, claimed that their processor was able to perform a calculation in three minutes and 20 seconds that would take today’s most advanced classical computer, known as Summit, approximately 10,000 years.”
Quantum computers use the properties of atoms and molecules to create systems that can simultaneously explore multiple possible solutions to a problem. Many experts believe quantum tech could be used to crack the modern methods of cryptography that keep the internet secure. The threat to the world of cryptography is real enough that the National Security Agency (NSA) is now working to create new techniques that are resistant to quantum computing. News of Google’s apparent breakthrough made it to the front page of the cryptocurrency subreddit, where crypto proponents pondered the potential impact the advancement could have on blockchain technology.
The question is if and when quantum computing can crack the long strings of letters and numbers known as private keys, which Bitcoin users need to access their funds. So far, Google’s researchers say their quantum computer can “only perform a single, highly technical calculation,” indicating it will still take years until the technology can solve real-world problems.
Google Project Zero is a team of highly talented security analysts with a brief to uncover zero-day vulnerabilities. If a vulnerability is found, Project Zero reports to the vendor concerned and starts a 90-day countdown for a fix to be issued before full public disclosure is made. LastPass is also in the security business, being one of the most popular password management solutions with more than 16 million users, including 58,000 businesses. Project Zero has just disclosed that a security vulnerability left some of those 16 million users exposed to the risk of credential compromise as, in an ironic twist, LastPass could leak the last password used to any website visited.
How could the LastPass ‘last password’ vulnerability be exploited?
In a tweet posted September 16, Google Project Zero analyst Tavis Ormandy stated that “LastPass could leak the last used credentials due to a cache not being updated,” adding “this was because you can bypass the tab credential cache being populated by including the login form in an unexpected way!”
Ormandy reported the vulnerability on August 29, as Project Zero issue 1930, which showed how the credentials previously filled by LastPass could be exposed to any website under certain circumstances.
Ferenc Kun, the security engineering manager for LastPass at LogMeIn, which owns LastPass, said in an online statement that this “limited set of circumstances on specific browser extensions” could potentially enable the attack scenario described.
“To exploit this bug, a series of actions would need to be taken by a LastPass user including filling a password with the LastPass icon, then visiting a compromised or malicious site and finally being tricked into clicking on the page several times,” Kun said, “any potential exposure due to the bug was limited to specific browsers (Chrome and Opera.)”
The answer, thankfully, is nothing. LastPass has already patched the vulnerability, and the fix was comprehensively verified with Project Zero. Indeed, the fix was rolled out on September 13, and Kun confirmed that “we have now resolved this bug; no user action is required and your LastPass browser extension will update automatically.”
As a precaution, the LastPass update was deployed to all web browsers and not just Chrome and Opera.
How severe was this vulnerability and should you stop using LastPass?
Let’s deal with the last part of that question first; there’s absolutely no reason to stop using LastPass or your preferred password manager for that matter. “Although password managers like any other software have flaws the benefits of using one far outweigh the risks,” says ethical hacker John Opdenakker. “It’s far more likely that your accounts will get compromised by attacks that exploit poor passwords,” Opdenakker says, “such as through credential reuse, than by attacks against password managers themselves.”
OK, so how serious was this particular vulnerability? It certainly sounds serious enough, right? Tavis Ormandy at Project Zero allocated the vulnerability a “high” severity rating. Opdenakker isn’t so sure it merits that. “I think it’s most important that LastPass fixed this bug, which is certainly not a critical one, within a reasonable amount of time,” Opdenakker says, “it’s debatable whether it’s high or medium because, as Ormandy says, it doesn’t work for all URLs.”
LastPass security recommendations
Ferenc Kun said that LastPass continues to recommend the following best practices for added online security:
Do not click on links from people you don’t know, or that seem out of character from your trusted contacts and companies.
Always enable Multi-Factor Authentication (MFA) for LastPass and other services like your bank, email, Twitter, Facebook, etc.
Never reuse your LastPass master password and never disclose it to anyone, including us.
Use different, unique passwords for every online account.
Keep your computer malware-free by running antivirus with the latest detection patterns and keeping your software up-to-date.
I’m a three-decade veteran technology journalist and have been a contributing editor at PC Pro magazine since the first issue in 1994. A three-time winner of the BT Security Journalist of the Year award (2006, 2008, 2010) I was also fortunate enough to be named BT Technology Journalist of the Year in 1996 for a forward-looking feature in PC Pro called ‘Threats to the Internet.’ In 2011 I was honored with the Enigma Award for a lifetime contribution to IT security journalism. Contact me in confidence at email@example.com if you have a story to reveal or research to share
This is a short intro to how to use LastPass. Links: https://www.lastpass.comhttps://youtu.be/M4Z0xwzpQrk (My Diceware Video) ======================================== Follow me on Twitter: @redfalconsec Like me on Facebook: search “RedFalcon Security” Fonts used: Digitalt by gluk (http://www.dafont.com/digitalt.font) Royalty free ClipArt provided by LibrOffice Impress and clker (www.clker.com). This video made entirely in Linux using open source tools.