Archive for Google

Citrix & Google Announce Enhancement To Their Strategic Relationship

Posted in Commentary with tags , on July 22, 2017 by itnerd

Businesses today must quickly adapt to the demands of a global economy and workforce. Success is increasingly defined by the ability to optimize and protect the information surrounding people, organizations and devices. To help businesses tackle these challenges and fully embrace the benefits of flexibility and scale that cloud delivers, Citrix has announced extensions to its long-term strategic relationship with Google. Customers will be able to use Citrix Cloud to provision and manage secure digital workspaces, including Citrix Workspace Service, on Google Cloud Platform. Citrix and Google are working together to bring cloud delivery of applications and desktops, and secure cloud-optimized endpoints to their enterprise customers who are increasingly looking to both public and hybrid clouds to solve their business requirements for secure digital workspaces.

Along with these new cloud solutions, Citrix and Google also announced new integrations, available today, between Citrix ShareFile and Google G Suite that enable follow-me-data when using Citrix workspace solutions. A new ShareFile plug-in that allows the secure sharing of files via Gmail and a ShareFile connector to Google Drive provides users with one place to find all their documents. In addition, Citrix NetScaler CPX is available now on Google Cloud and is targeted for availability in the Google Cloud Launcher marketplace by the end of the quarter. Google Cloud’s emphasis on containers and the Kubernetes orchestration system will allow the developer community to use NetScaler CPX to easily build and scale secure applications in the cloud.

With Citrix Cloud services integrated with Google Cloud, Google customers will have the ability to easily add virtual apps and desktops that run on Google Cloud and use them alongside the G Suite productivity suite.

Citrix and Google continue to work on delivering secure end point solutions for accessing digital workspaces with the recently announced Citrix Receiver for Chrome 2.4, which offers true multi-monitor support on Chromebooks. Google recently announced official Chrome Browser support for Citrix along with graphics optimizations available only on XenApp. Google and Citrix product teams continue their collaboration to enhance and optimize XenApp delivery to Chrome OS based devices for enterprise customers with ongoing Receiver for Chrome updates.

Advertisements

Google Home Lands In Canada…. And It Speaks Canadian French

Posted in Commentary with tags on June 26, 2017 by itnerd

Google Home is available from Canadian retailers as of today. The key thing to note is that Google Home now speaks Canadian French. But other than that, it’s the same Google Home device that Canadians have been wanting for some time as it includes the following key features:

  • Google Assistant – Get real-time answers including the latest on weather, traffic, finance, sports, and local businesses. With your permission, Google Home will learn about you and retrieve your calendar information, set alarms and timers, and even tell you about the traffic on your way to work.
  • Music – A simple voice request triggers Google Home to play music, podcasts or radio from services like Google Play Music, Spotify and more.
  • Smart Home Control – Connecting seamlessly with smart devices like Nest and Philips Hue, you can use your voice to set the perfect temperature or turn down the lights.

Telus reached out to me to say that they will have Google Home available for $179.99 at Telus stores or online at telus.com. But you can also pick it up at the Google Store, Bell, Best Buy, Fido, Indigo, London Drugs, Rogers, Staples, The Source, and Walmart among other retailers.

Android Pay Arrives In Canada

Posted in Commentary with tags on May 31, 2017 by itnerd

 

Canada today joins the list of countries where Google’s Android Pay platform is officially supported. If you are an Android user in Canada, you can now download and install the application from the Play Store.

Here are the banks that support Android Pay:

  • BMO
  • CIBC
  • Banque Nationale
  • Scotiabank
  • Desjardins
  • President’s Choice Financial
  • ATB Financial,
  • Canadian Tire Financial Services

Android Pay works on any Android device with KitKat 4.4 or higher and it must have NFC as well. On top of that, your device cannot be rooted or jailbroken. You can get more answers to your questions here.

Please post a comment below if you’ve tried Android Pay in Canada and what your experience was like.

UPDATE: I just noticed that TD and RBC are missing from the list of banks that support Android Pay. That’s weird. Also a video has gone up to support this launch:

Finally, Interac Debit support on the Android Pay platform is coming on Monday. American Express coming later this summer.

#Fail: Google Warned About Mass Phishing Attack SIX YEARS AGO

Posted in Commentary with tags on May 5, 2017 by itnerd

This week’s mass phishing attack aimed at Gmail users was stunning in terms of scale and how effective it was. At the time, I said this:

Google has apparently locked things down so that this attack doesn’t get worse. But expect it to be around for the next couple of days. That begs the question, why didn’t Google lock things down as a proactive measure?

Here’s the answer via Motherboard:

On October 4, 2011, a researcher speculated in a mailing list that hackers could trick users into giving them access to their accounts by simply posing as a trustworthy app.

This attack, the researcher argued in the message, hinges on creating a malicious application and registering it on the OAuth service under a name like “Google,” exploiting the trust that users have in the OAuth authorization process. OAuth is a standard that allows users to grant websites or applications access to their online email and social networking accounts, or parts of their accounts, without giving up their passwords. It is commonly used throughout the web, and typically shows up as a menu that lets you select which of your personal accounts (such as your Google or Facebook account) you want to use to sign into or connect to another service.

That’s exactly what happened this week. The researcher was Andre DeMarre who told Google about this and how to fix it by validating the URL used in a request to grant access to a social media or email account. Here’s what Google actually did:

A few months after he reported the issue, DeMarre said Google told him the following: “We’re deploying some abuse detection and reactive measures to deal with impostors that might try to abuse this sort of attack. Given this, we do not intend to perform validation that the URL matches the branding information.”

Because they didn’t address this six years ago, you now have wide scale pwnage as a result. In other words, this could all have been avoided but they couldn’t be bothered.

#Fail Google.

 

 

PSA: Don’t click that Google Docs link!

Posted in Commentary with tags , on May 4, 2017 by itnerd

If you get an email sharing a Google Docs file with you, I have some advice: Don’t click it!

This is a widespread phishing campaign that started on Wednesday. The malicious email contains what appears to be a link to a Google Doc file. This leads to a legit Google.com page asking you to authorize “Google Docs” to access to your Gmail account. The problem is that this takes control of your Gmail account and in the process, it sends out the same malicious email with your name on it and pillages your contact lists.

If you’ve been pwned by this attack already, you need to go into your Google account permissions page and remove all the access privileges for the evil Google Docs account. Google has apparently locked things down so that this attack doesn’t get worse. But expect it to be around for the next couple of days. That begs the question, why didn’t Google lock things down as a proactive measure?

Ruh Oh! Android Trojan Found On The Google Play Store

Posted in Commentary with tags , on April 17, 2017 by itnerd

One of the things that I’ve always been leery about when it comes to Android is the prevalence of malware on that platform. As in, you can trip over it without trying too hard and get yourself in trouble in the process. Here’s a case in point. The Hacker News is reporting that an app that advertised itself as a funny video player was on the Google Play Store. Here’s what it could do to you if you installed it:

Once downloaded, the app persistently requests administrative rights, and if granted, the banking malware can control everything that’s happening on an infected smartphone.

The BankBot springs into action when the victim opens any of the mobile apps from a pre-configured list of 425 banking apps. A complete list of banks a BankBot variant is currently imitating can be found on the blog post published by the researcher.

Once one of the listed apps is opened, BankBot immediately displays an overlay, which is a page on the top of legitimate mobile banking app and tricks Android users entering their banking credentials into the overlay, just like a phishing attack.

This was found by a researcher who contacted Google, who in turn yanked the app. But that’s not to say that there’s other variants floating around out there. But here’s the key point: This was found on the Google Play Store and not some shadowy third party app store. You have to wonder how that happened and if Google really tries to mitigate this stuff from showing up on the Play Store. From where I stand I have to question that because this is not a trivial Trojan seeing as it is clear that a significant amount of effort went into creating it and getting it to be able to do its evil work transparently.

The WiFi Exploit That Allowed Remote Pwnage Of iDevices Is In Android Phones Too

Posted in Commentary with tags on April 6, 2017 by itnerd

Earlier this week I pointed out that Apple had come out with iOS 10.3.1 a week after coming out with iOS 10.3. It’s sole purpose was to close a hole which allowed the pwnage of an iDevice via WiFi. It turns out that this wasn’t an Apple problem. Actually, it was a problem that stemmed in the WiFi chips made by Broadcom. Why is that an important detail? Well, those chips are used in iDevices, and a ton of Android devices. This came to light via a highly detailed blog post published by Google Project Zero. But what you really care about, at least if you have an Android device, is what Ars Technica had to say on this:

Google is in the process of releasing an update in its April security bulletin. The fix is available only to a select number of device models, and even then it can take two weeks or more to be available as an over-the-air update to those who are eligible.

In short, if you have the right Android devices, you’ll get a fix quickly. For everyone else on that platform, it may take ages for you to get a fix. If you get one at all. Not good.

So, how do you protect yourself? Well, the best you can do is not to connect to free WiFi. Or even going to the extreme of turning off WiFi which in my opinion isn’t realistic unless you have an extremely good data plan. Hopefully this gets mitigated via a patch to the majority of Android users quickly.