Archive for Google

Google Under Antitrust Investigation By All 50 US States

Posted in Commentary with tags on September 9, 2019 by itnerd

US States rarely agree on anything. But they apparently agree on an antitrust investigation of Google. For those of you keeping score at home, that’s a higher number of states investigating Google versus the number investigating Facebook. Here’s the details from CNBC:

Fifty attorneys general are joining an investigation into Google over possible antitrust violations, Texas Attorney General Ken Paxton, the initiative’s leader, announced Monday.

The news confirms reports last week about the bipartisan investigation into Google’s practices. The probe includes attorneys general from 48 states, the District of Columbia and Puerto Rico. California and Alabama are not involved in the probe, Paxton said at a press conference.

Other attorneys general at the media conference emphasized Google’s dominance in the ad market and use of consumer data.

“When there is no longer a free market or competition, this increases prices, even when something is marketed as free, and harms consumers,” said Florida Attorney General Ashley Moody, a Republican. “Is something really free if we are increasingly giving over our privacy information? Is something really free if online ad prices go up based on one company’s control?”

This is a big problem for Google as an investigation that is this big involving this many states has to mean that it’s not if but when they find something to hang Google on. I guess  we’ll find out soon if that’s true or not.

Advertisements

Apple Calls Out Google’s Project Zero Claims Regarding Security Vulnerabilities in iOS [UPDATED]

Posted in Commentary with tags , on September 6, 2019 by itnerd

Back in the day, Steve Jobs declared “thermonuclear war” on Google. It now seems that we may be headed back to those days. I say that because you might recall that Google’s Project Zero put out a statement on zero day attacks that targeted iOS that they found. I then posted a story that said that not only were the attacks aimed at the Uighur minority in China, and likely done by China, but Google failed to mention that the attacks covered Android and Windows as well.

Now Apple has decided to return fire as only Apple can. The company issued a press release that says among other things this:

First, the sophisticated attack was narrowly focused, not a broad-based exploit of iPhones “en masse” as described. The attack affected fewer than a dozen websites that focus on content related to the Uighur community. Regardless of the scale of the attack, we take the safety and security of all users extremely seriously.

Google’s post, issued six months after iOS patches were released, creates the false impression of “mass exploitation” to “monitor the private activities of entire populations in real time,” stoking fear among all iPhone users that their devices had been compromised. This was never the case.

Second, all evidence indicates that these website attacks were only operational for a brief period, roughly two months, not “two years” as Google implies. We fixed the vulnerabilities in question in February — working extremely quickly to resolve the issue just 10 days after we learned about it. When Google approached us, we were already in the process of fixing the exploited bugs.

The more that this story goes on, the worse that Google looks. It will be interesting to see if Google responds to this as they’ve pretty much been called out and if they don’t respond, the reputation of Project Zero will be in tatters and un-repairable.

Over to you Google.

UPDATE: Google shot back via The Verge saying that it stands by its statement. Game on Apple.

More Trouble For Google As US States Team Up To Investigate It Over Possible Antitrust Violations

Posted in Commentary with tags on September 4, 2019 by itnerd

It seems that more than half the states in the USA are about to team up to launch an antitrust investigation. At least that’s what the Washington Post is reporting:

More than half of the nation’s state attorneys general are readying an investigation into Google for potential antitrust violations, scheduled to be announced next week, marking a major escalation in U.S. regulators’ efforts to probe Silicon Valley’s largest companies.

A smaller group of these state officials, representing the broader coalition, is expected to unveil the investigation at a Monday news conference in Washington, according to three people familiar with the matter who spoke on the condition of anonymity because they were not authorized to discuss a law enforcement proceeding on the record, cautioning the plans could change.

It is unclear whether some or all of the attorneys general also plan to open or announce additional probes into other tech giants, including Amazon and Facebook, which have faced similar U.S. antitrust scrutiny. The states’ effort is expected to be bipartisan and could include more than 30 attorneys general, one of the people said.

This is big trouble for Google as if they are deemed to be doing bad things on the antitrust front, things will get ugly. Just ask Microsoft when they ran into issues on the antitrust front. You have bet that there’s a bunch of execs at Google who are sweating buckets right now as this is far from a trivial development for the company.

Google Gets A Slap On The Wrist For Collecting Children’s Data On YouTube And Making Money By Doing So

Posted in Commentary with tags , on September 4, 2019 by itnerd

US regulators need to learn that the only way to alter the behavior of billion dollar companies is to serve up fines that hurt. A case in point is this report from the New York Times that has Google cutting a $170 million cheque to the FTC because it was caught collecting children’s data on YouTube and making money off that data:

Google on Wednesday agreed to pay a record $170 million fine and to make changes to protect children’s privacy on YouTube, as regulators said the video site had knowingly and illegally harvested personal information from youngsters and used that data to profit by targeting them with ads.

The measures were part of a settlement with the Federal Trade Commission and New York’s attorney general. They said YouTube had violated a federal children’s privacy law known as the Children’s Online Privacy Protection Act, or COPPA.

The fact is $170 million is a rounding error to a company that had revenues of almost $40 billion dollars last quarter. Meaning that this will do nothing to send a message that such behavior is unacceptable.  If the FTC and others really want to send that message, I would say fines have to be in the same range as the GDPR which really hurt companies who run afoul of it.

It Seems That Google Was Playing Fast And Loose With The Apple Exploits That They Published Last Week

Posted in Commentary with tags on September 2, 2019 by itnerd

Last week, I posted this tweet:

This was mind blowing that there were this many exploits for the iPhone floating around out there. The good news is that Apple patched them earlier this year. But Forbes has a story that indicates not only was this more extensive than thought, but we now know who the target was. And we now know that Google wasn’t telling us all the details:

Multiple sources with knowledge of the situation said that Google’s own Android operating system and Microsoft Windows PCs were also targeted in a campaign that sought to infect the computers and smartphones of the Uighur ethnic group in China. That community has long been targeted by the Chinese government, in particular in the Xinjiang region, where surveillance is pervasive.

Google’s and Microsoft’s operating systems were targeted via the same websites that launched the iPhone hacks, according to the sources, who spoke on the condition of anonymity. That Android and Windows were targeted is a sign that the hacks were part of a broad, two-year effort that went beyond Apple phones and infected many more than first suspected. One source suggested that the attacks were updated over time for different operating systems as the tech usage of the Uighur community changed…

The attacks appear to form part of a mass surveillance operation taking place on Uighur civilians, who’ve faced various forms of persecution in Xinjiang. Surveillance cameras are scattered across the region and facial recognition is prevalent.

Googles reputation has taken a monster dive with this revelation. When I first read this, it seemed that this were centered around iOS. But that’s apparently not true. They kind of left out the fact that Android which is Google’s own OS was affected by this along with Microsoft Windows. That’s a #Fail on Google’s part. Someone needs to slap them over that.

As for the fact that China is apparently behind this. I’m not shocked. China are the dirtiest players in the game. You can bet that they had other attacks on every platform ready to go after these ones were discovered. Hopefully this incident forces everyone from the average user to Microsoft, Apple, and Google to up their game.

 

 

Office365, Google Docs, And iWork Verboten From Some German Schools

Posted in Commentary with tags , , , , on July 15, 2019 by itnerd

Privacy regulators in Germany have ruled out the use of Office 365, Google Docs or Apple’s iWork suite citing privacy concerns over the way these cloud services work. TNW reports the following:

Microsoft’s cloud services has run into a fresh roadblock in Germany, after the state of Hesse ruled it is illegal for its schools to use Office 365 citing “privacy concerns.”

The Hesse Commissioner for Data Protection and Freedom of Information (HBDI) ruled that using the popular cloud platform’s standard configuration exposes personal information about students and teachers “to potential access by US authorities.”

And:

The use of cloud applications by schools is generally not a data protection problem. Many schools in Hesse are already using cloud solutions. Whether, for example, the learning platform or the electronic class book: Schools can use digital applications in compliance with data protection, as far as the security of the data processing and the participation of the pupils is guaranteed.

The core issue is that telemetry data is sent out of Germany to the US, and this can include personal data.

This information can include anything from regular software diagnostic data to user content from Office applications, such as email subject lines and sentences from documents where the company’s translation or spellchecker tools were used.

Collection of such information is a violation of GDPR laws that came into effect last May.

And what makes the situation worse is that switching away from Microsoft to a Google or Apple solution is not possible:

What is true for Microsoft is also true for the Google and Apple cloud solutions. The cloud solutions of these providers have so far not been transparent and comprehensibly described. Therefore, it is also true that for schools the privacy-compliant use [of these alternatives] is currently not possible.

Thus schools have to run local copies of these apps and store data locally. Although the ruling has so far been made by only one state in Germany, it seems likely that the same issue would apply across the country. That means that Microsoft, Google and Apple will have to address this quickly to avoid a blanket ban across Germany.

Company Accidentally Deletes Data… Then Sues Google When Google Can’t Restore It

Posted in Commentary with tags on July 15, 2019 by itnerd

From the “this is insanely stupid” file comes this situation which I think you will agree is a facepalm moment:

An interior design tools startup called Mosss on Wednesday sued Google to get it to restore its data after someone at the startup accidentally deleted the firm’s G Suite account. In a pro se lawsuit [Warning: PDF] filed in US District Court in Oakland, California, Mosss, under its previous corporate name, Musey Inc., asked Google to help it restore its data…

Initially, the filing says, the company believed Google would be able to help because a customer service representative said he’d deal with the issue. But the cavalry did not arrive… “All efforts failed and at the end we received a one-line email that stated our data was lost and couldn’t be returned to us.”

Except perhaps not. According to the complaint, the company was informed – it’s not clear whether Google or a third-party advised this – that it could seek a subpoena or file a civil lawsuit to access its data. So that’s what it has done.

A lot of companies think the cloud takes away the need for them to make backups of important data. But when they do something dumb, something like this happens. But I will admit that this is the most extreme case of a customer flipping out at a cloud provider that I have heard of. Let this be a lesson to people and companies out there. Just because you are “in the cloud” does not mean that common sense does not apply. You need to make backups of all your data so you don’t become like these people. And people like me laugh at you as a result.