Google

'Google Just Made Gmail the Most Secure Email Provider on the Planet' (vice.com) 28

Google announced on Tuesday that it would offer stronger online security for "high risk" users who may be frequent targets of online attacks. The company said anyone with a personal Google account can enroll in the new "advanced protection," while noting that it will require users to "trade off a bit of convenience" for extra security. Motherboard reports: The main advantage in terms of security is the need for a key or token to log in as the second factor, instead of a code sent via SMS or via app. This is much better because there's no way for hackers to steal or phish this key from afar (there have been isolated incidents of hackers using social engineering to gain access to someone's cell phone number by getting the provider to issue a new SIM card, for instance). Thanks to these new features, Gmail is now the most secure email provider available on the internet if you are worried about hackers breaking into your private correspondence. "This is a major step in the right direction in offering the same kind of protection available to high-profile figures to everyday people," Kenneth White, a Washington D.C. based security consultant to federal agencies, told Motherboard. "They have really thought this through, and while it may not make sense for everyone, for those that need it, it's a much needed option."
Google

Google Maps Now Lets You Explore Your Local Planets and Moons (cnet.com) 41

Google has added three planets and nine moons to Google Maps. "The heavenly bodies include Saturn moons Dione, Enceladus, Iapetus, Mimas, Rhea and Titan, and Jupiter moons Europa, Ganymede and Io," reports CNET. "Google also added dwarf-planets Pluto and Ceres and full-planet Venus." From the report: Once inside Google Maps for planets, you can spin the space objects around, get more information on their place names and zoom in for a closer look. The new worlds are possible thanks to imagery from NASA and the European Space Agency. NASA's dearly departed Cassini spacecraft sent back a treasure trove of views of Saturn's moons. If you have a few moments to spare, fire up a browser, go to your current location on Google Maps, enter satellite mode and hit the zoom-out button until you've left the planet and are "floating" in space. A list of available planets and moons pops up on the side and you're off on your space adventure.
Google

Google Photos Now Recognizes Your Pets (techcrunch.com) 55

Today, Google is introducing an easier way to aggregate your pet photos in its Photos app -- by allowing you to group all your pet's photos in one place, right beside the people Google Photos organized using facial recognition. TechCrunch reports: This is an improvement over typing in "dog," or another generalized term, because the app will now only group together photos of an individual pet together, instead of returning all photos you've captured with a "dog" in them. And like the face grouping feature, you can label the pet by name to more easily pull up their photos in the app, or create albums, movies or photo books using their pictures. In addition, Google Photos lets you type in an animal's breed to search for photos of pets, and it lets you search for photos using the dog and cat emojis. The company also earlier this year introduced a feature that would create a mini-movie starring your pet, but you can opt to make one yourself by manually selecting photos then choosing from a half-dozen tracks to accompany the movie, says Google.
Wireless Networking

Every Patch For 'KRACK' Wi-Fi Vulnerability Available Right Now (zdnet.com) 100

An anonymous reader quotes a report from ZDNet: As reported previously by ZDNet, the bug, dubbed "KRACK" -- which stands for Key Reinstallation Attack -- is at heart a fundamental flaw in the way Wi-Fi Protected Access II (WPA2) operates. According to security researcher and academic Mathy Vanhoef, who discovered the flaw, threat actors can leverage the vulnerability to decrypt traffic, hijack connections, perform man-in-the-middle attacks, and eavesdrop on communication sent from a WPA2-enabled device. In total, ten CVE numbers have been preserved to describe the vulnerability and its impact, and according to the U.S. Department of Homeland Security (DHS), the main affected vendors are Aruba, Cisco, Espressif Systems, Fortinet, the FreeBSD Project, HostAP, Intel, Juniper Networks, Microchip Technology, Red Hat, Samsung, various units of Toshiba and Ubiquiti Networks. A list of the patches available is below. For the most up-to-date list with links to each patch/statement (if available), visit ZDNet's article.
Google

Google Chrome for Windows Gets Basic Antivirus Features (betanews.com) 54

Google is rolling out a trio of important changes to Chrome for Windows users. From a report: At the heart of these changes is Chrome Cleanup. This feature detects unwanted software that might be bundled with downloads, and provides help with removing it. Google's Philippe Rivard explains that Chrome now has built-in hijack detection which should be able to detect when user settings are changes without consent. This is a setting that has already rolled out to users, and Google says that millions of users have already been protected against unwanted setting changes such as having their search engine altered. But it's the Chrome Cleanup tool that Google is particularly keen to highlight. A redesigned interface makes it easier to use and to see what unwanted software has been detected and singled out for removal.
Security

Millions of High-Security Crypto Keys Crippled by Newly Discovered Flaw (arstechnica.com) 55

Slovak and Czech researchers have found a vulnerability that leaves government and corporate encryption cards vulnerable to hackers to impersonate key owners, inject malicious code into digitally signed software, and decrypt sensitive data, reports ArsTechnica. From the report: The weakness allows attackers to calculate the private portion of any vulnerable key using nothing more than the corresponding public portion. Hackers can then use the private key to impersonate key owners, decrypt sensitive data, sneak malicious code into digitally signed software, and bypass protections that prevent accessing or tampering with stolen PCs. The five-year-old flaw is also troubling because it's located in code that complies with two internationally recognized security certification standards that are binding on many governments, contractors, and companies around the world. The code library was developed by German chipmaker Infineon and has been generating weak keys since 2012 at the latest. The flaw is the one Estonia's government obliquely referred to last month when it warned that 750,000 digital IDs issued since 2014 were vulnerable to attack. Estonian officials said they were closing the ID card public key database to prevent abuse. On Monday, officials posted this update. Last week, Microsoft, Google, and Infineon all warned how the weakness can impair the protections built into TPM products that ironically enough are designed to give an additional measure of security to high-targeted individuals and organizations.
Microsoft

Microsoft Has Already Fixed the Wi-Fi Attack Vulnerability; Android Will Be Patched Within Weeks (theverge.com) 124

Microsoft says it has already fixed the problem for customers running supported versions of Windows. From a report: "We have released a security update to address this issue," says a Microsoft spokesperson in a statement to The Verge. "Customers who apply the update, or have automatic updates enabled, will be protected. We continue to encourage customers to turn on automatic updates to help ensure they are protected." Microsoft is planning to publish details of the update later today. While it looks like Android and Linux devices are affected by the worst part of the vulnerabilities, allowing attackers to manipulate websites, Google has promised a fix for affected devices "in the coming weeks." Google's own Pixel devices will be the first to receive fixes with security patch level of November 6, 2017, but most other handsets are still well behind even the latest updates. Security researchers claim 41 percent of Android devices are vulnerable to an "exceptionally devastating" variant of the Wi-Fi attack that involves manipulating traffic, and it will take time to patch older devices.
AI

Voice Assistants Will Be Difficult To Fire (wired.com) 177

mirandakatz writes: As voice assistants crop up left and right, consumers are facing a decision: Are you an Alexa? A Google Assistant? A Siri? Choose wisely -- because once you pick one voice assistant, it'll be difficult to switch. As Scott Rosenberg writes at Backchannel, "If I want to switch assistants down the line, sure, I can just go out and buy another device. But that investment of time and personal data isn't so easy to replace... Right now, all these assistants behave like selfish employees who think they can protect their jobs by holding vital expertise or passwords close to their chests. Eventually , the data that runs the voice assistant business is going to have to be standardized."
Microsoft

US Supreme Court To Decide Microsoft Email Privacy Dispute (reuters.com) 62

The U.S. Supreme Court on Monday agreed to resolve a major privacy dispute between the Justice Department and Microsoft Corp over whether prosecutors should get access to emails stored on company servers overseas. From a report: The justices will hear the Trump administration's appeal of a lower court's ruling last year preventing federal prosecutors from obtaining emails stored in Microsoft computer servers in Dublin, Ireland in a drug trafficking investigation. That decision by the New York-based 2nd U.S. Court of Appeals marked a victory for privacy advocates and technology companies that increasingly offer cloud computing services in which data is stored remotely. Microsoft, which has 100 data centers in 40 countries, was the first U.S. company to challenge a domestic search warrant seeking data held outside the country. There have been several similar challenges, most brought by Google.
Chrome

Microsoft Edge Beats Chrome and Firefox in Malware-Blocking Tests (computerworld.com) 126

An anonymous reader quotes Computerworld:Microsoft's Edge easily beat rival browsers from Google and Mozilla in third-party tests of the behind-the-scenes services which power anti-malware warnings and malicious website-blocking... NSS Labs says Windows 10's default browser is better at blocking phishing and socially-engineered malware attacks than Google Chrome or Mozilla Firefox... According to NSS Labs of Austin, Texas, Edge automatically blocked 92% of all in-browser credential phishing attempts and stymied 100% of all socially-engineered malware (SEM) attacks. The latter encompassed a wide range of attacks, but their common characteristic was that they tried to trick users into downloading malicious code. The tactics that SEM attackers deploy include links from social media, such as Facebook and Twitter, and bogus in-browser notifications of computer infections or other problems.

Edge bested Chrome and Firefox by decisive margins. For instance, Chrome blocked 74% of all phishing attacks, and 88% of SEM attacks. Meanwhile, Firefox came in third in both tests, stopping just 61% of the phishing attacks and 70% of all SEM attempts... Both Chrome and Mozilla's Firefox rely on the Safe Browsing API (application programing interface), but historically, Mozilla's implementation has performed poorly compared to Google's. No shock: Google created the API. Edge also took top prize in blocking attacks from the get-go. In NSS's SEM attack testing, for example, the Microsoft browser stopped nearly every attempt from the first moments a new attack was detected. Chrome and Firefox, on the other hand, halted 75% and 54% of the brand-new attacks, respectively. Over a week's time, Chrome and Firefox improved their blocking scores, although neither reached Edge's impressive 99.8%.

The researchers spent three weeks continuously monitoring the browsers on Windows 10 computers. But in the real world, Edge runs on just 5% of all personal computers, while Firefox runs on 13% and Chrome on 60%.
Google

Google Slashes Prices of Its USB-C Headphone Dongle Following Minor Outrage (mashable.com) 196

At its hardware event last week, Google unveiled its two new flagship smartphones: the Pixel 2 and Pixel 2 XL. While these devices feature high-end specifications and the latest version of Android, they both lack headphone jacks, upsetting many consumers who still rely heavily on wired headphones. To add insult to injury, Google announced a USB-C adapter for a whopping price of $20 -- that's $11 more than Apple's Lightning to 3.5mm adapter. This resulted in some minor outrage and caused Google to rethink its decision(s). As reported by 9to5Google, Google decided to slash the price of the dongle by over 50%. It is now priced at a more reasonable $9.
Google

Google is Essentially Building an Anti-Amazon Alliance, and Target is the Latest To Join (recode.net) 94

Google and the country's biggest brick-and-mortar retailers have one main problem in common: Amazon. Now both sides are acting like they are serious about working together to do something about it. From a report: On Thursday, Target and Google announced that they are expanding what was a years-old delivery partnership from a small experiment in a handful of cities to the entire continental U.S. The expansion will allow Target to become a retail partner in Google's voice-shopping initiative, which lets owners of the Google Home "smart" speaker order items through voice commands like owners of the Echo can do from Amazon. The announcement comes seven weeks after Walmart inked a similar deal with Google to offer hundreds of thousands of products through the service. Other big-box retailers like Home Depot are also on board. Voice commerce was the core of these recent announcements, and it may someday become popular for types of shopping like reordering household staples. But that's not what is most interesting here to me. Instead, it's the promise that Target is also beginning to work with Google "to create innovative digital experiences using ... other cutting-edge technologies to elevate Target's strength in style areas such as home, apparel and beauty."
Google

Google Bombs Are Our New Normal (wired.com) 94

mirandakatz writes: Tech companies' worst crises used to come in the form of pranks like Google bombs: Users figured out how to game search results, such as when a search for "miserable failure" turned up links to information about then-president George W. Bush. Today, in the era of fake news and Russian interference, that's basically our new normal -- but as Karen Wickre, a former communications lead at companies like Google and Twitter, points out, tech companies' approaches to dealing with the new breed of crises haven't evolved much since the age of Google bombs. Wickre suggests a new, collaborative approach that she dubs the "Federation," writing that "No single company, no matter how massive and wealthy, can hire its way out of a steady gusher of bad information or false and manipulative ads...The era of the edge case -- the exception, the outlier—is over. Welcome to our time, where trouble is forever brewing."
Google

Google Is Really Good At Design 183

Joshua Topolsky, writing for The Outline: The stuff Google showed off on October 4 was brazenly designed and strangely, invitingly touchable. These gadgets were soft, colorful... delightful? They looked human, but like something future humans had made; people who'd gotten righteously drunk with aliens. You could imagine them in your living room, your den, your bedroom. Your teleportation chamber. A fuzzy little donut you can have a conversation with. A VR headset in stunning pink. A phone with playful pops of color and an interface that seems to presage what you want, when you want it. It's weird. It's subtle. It's... good. It's Google? It's Google.

It was only a few years ago that Google was actually something of a laughing stock when it came to design. As an aggressively engineer-led company, the Mountain View behemoth's early efforts, particularly with its mobile software and devices, focused not on beauty, elegance, or simplicity, but rather concentrated on flexibility, iteration, and scale. These are useful priorities for a utilitarian search engine, but didn't translate well to many of the company's other products. Design -- the mysterious intersection of art and communication -- was a second-class citizen at Google, subordinate to The Data. That much was clear from the top down.

Enter Matias Duarte, the design impresario who was responsible for the Sidekick's UI (a wacky, yet strangely prescient mobile-everything concept) and later, the revolutionary (though ill-fated) webOS -- the striking mobile operating system and design language that would be Palm's final, valiant attempt at reclaiming the mobile market. Duarte was hired by Google in 2013 (initially as Android's User Experience Director, though he is now VP of design at the company), and spearheaded a complete reset of the company's visual and functional instincts. But even Duarte was aware of the design challenges his new role presented. "I never thought I'd work for Google," he told Surface Magazine in August. "I had zero ambition to work for Google. Everybody knew Google was a terrible place for design." Duarte went to work on a system that would ultimately be dubbed Material Design -- a set of principles that not only began to dictate how Android should look and work as a mobile operating system, but also triggered the march toward a unified system of design that slowly but surely pulled Google's disparate network of services into something that much more closely resembled a singular vision. A school of thought. A family.
Google

Alphabet's Waymo Demanded $1 Billion In Settlement Talks With Uber (reuters.com) 11

An anonymous reader quotes a report from Reuters: Alphabet's Waymo sought at least $1 billion in damages and a public apology from Uber as conditions for settling its high-profile trade secret lawsuit against the ride-services company, sources familiar with the proposal told Reuters. The Waymo self-driving car unit also asked that an independent monitor be appointed to ensure Uber does not use Waymo technology in the future, the sources said. Uber rejected those terms as non-starters, said the sources, who were not authorized to publicly discuss settlement talks. The precise dollar amount requested by Waymo and the exact time the offer was made could not be learned.

Waymo's tough negotiating stance, which has not been previously reported, reflects the company's confidence in its legal position after months of pretrial victories in a case which may help to determine who emerges in the forefront of the fast-growing field of self-driving cars. The aggressive settlement demands also suggest that Waymo is not in a hurry to resolve the lawsuit, in part because of its value as a distraction for Uber leadership, said Elizabeth Rowe, a trade secret expert at the University of Florida Levin College of Law.

Google

Google Permanently Disables Touch Function On All Home Minis Due To Privacy Concerns (bbc.co.uk) 48

Big Hairy Ian shares a report from BBC: Google has stopped its Home Mini speakers responding when users touch them. It permanently turned off the touch activation feature after it found that sensors primed to spot a finger tap were too sensitive. Early users found that the touch sensors were registering "phantom" touches that turned them on. This meant the speakers were recording everything around them thousands of times a day. Google said it disabled the feature to give users "peace of mind." Google's Home Mini gadgets were unveiled on October 4th as part of a revamp of its line of smart speakers. The intelligent assistant feature on it could be activated two ways -- by either saying "OK, Google" or by tapping the surface. About 4,000 Google Home Mini units were distributed to early reviewers and those who attended Google's most recent launch event. Artem Russakovskii from Android Police first discovered the issue with his unit, ultimately causing Google to "permanently [nerf] all Home Minis" because his spied on everything he said 24/7.
Google

Google Announces $1 Billion Job Training and Education Program (axios.com) 47

Google CEO Sundar Pichai was in Pittsburgh Wednesday to announce a new five-year, $1 billion program to help close the global education gap. From a report: Part of the program was a new "Grow with Google" program to work with U.S. cities as well as a $10 million grant to Goodwill that will see Google employees working with the nonprofit to train people in digital skills. Why it matters: Google, along with Apple, Microsoft and other big tech companies, have all launched significant efforts in recent months to demonstrate their commitment to education and U.S. jobs.
AI

We're Too Wise For Robots To Take Our Jobs, Alibaba's Jack Ma Says (scmp.com) 221

Have confidence in yourself -- technology will never replace human beings, insisted self-made billionaire Jack Ma in a keynote speech at Alibaba Cloud's Computing Conference in Hangzhou. From a report: There's one simple reason for that, the Alibaba founder said - we possess wisdom. "People are getting more worried about the future, about technology replacing humans, eliminating jobs and widening the gap between the rich and the poor," said Ma. "But I think these are empty worries. Technology exists for people. We worry about technology because we lack confidence in ourselves, and imagination for the future." Ma explained that humans are the only things on Earth that are wise. "People will always surpass machines because people possess wisdom," he said. Referencing AlphaGo, the Google artificial intelligence program that beat the world's top Go player at his own game, Ma said that there was no reason humanity should be saddened by the defeat. "AlphaGo? So what? AlphaGo should compete against AlphaGo 2.0, not us. There's no need to be upset that we lost. It shows that we're smart, because we created it."
Businesses

Hollywood Studios Join Disney To Launch Movies Anywhere Digital Locker Service (theverge.com) 48

There may be a grand unifying service to make accumulating a large digital cinematic library feasible, or so is the hope anyway. From a report: For several years now, Disney has been the only Hollywood studio with a digital movie locker worth using, but a host of other industry heavyweights have now jumped on board to launch an expanded version of the service called Movies Anywhere. It's both a cloud-based digital locker and a one-stop-shop app: customers connect Movies Anywhere to their iTunes, Amazon Video, Google Play, or Vudu accounts, and all of the eligible movies they've purchased through those retailers appear as part of their Movies Anywhere library. Given that the Movies Anywhere app works across a number of platforms, it basically allows them to take their digital film library with them no matter what device or operating system they're using. [...] The launch of Movies Anywhere should be the merciful, final blow that puts an end to UltraViolet, one of the entertainment industry's first attempts at putting together a comprehensive digital locker service. That service flailed due to a poor customer experience and lack of adoption on the part of big digital retailers like Apple. The team behind Movies Anywhere seems to have learned from UltraViolet's mistakes, however, as well as Disney's previous successes.
Google

Google Will Hit 100 Percent Renewable Energy This Year (inverse.com) 130

An anonymous reader quotes a report from Inverse: Google has announced that after 10 years a carbon-neutral company, it will be able to brag running on entirely renewable energy at the end of 2017. That means that all of the electricity the company consumes in both its data centers and offices are provided by wind and solar energy. Announced in Google's 2017 environmental report, Google says it has created "new energy purchasing models that others can follow" and that "we've helped drive wide-scale global adoption of clean energy." In addition to being an obvious PR boon, the company says its mission of full sustainability fits in with its larger mission. (It also makes the fact that as recently as 2015 Google alone reportedly consumed as much energy as the entire city of San Francisco in a year way more palatable.)

One step the company has recently taken in marrying its ethos of sustainability with its products is a new initiative to equip Google Street View vehicles with air quality sensors. In addition to its goal of being run by renewable energy, Google is also working on achieving zero waste to landfill. Nearly half of the company's 14 data centers have already reached this goal, according to Google executive Urs Holzle's 2017 Google Environmental report released on Tuesday.

Slashdot Top Deals