Archive for Google

Google+ To Be Shut Down Early Because Of A Second Vulnerability That Led To Data Leakage

Posted in Commentary with tags on December 10, 2018 by itnerd

A little while ago, it was disclosed that Google’s Google+ service had some serious vulnerabilities that would lead to the service shutting down. At the time I called it a fiasco, but now that fiasco has gotten worse as it has been disclosed that 52.5 million have been affected by another vulnerability:

According to Google, the new vulnerability impacted 52.5 million users, who could have had profile information like their name, email address, occupation, and age exposed to developers, even if their account was set to private. Apps could also access profile data that had been shared with a specific user, but was not shared publicly.

And as a result of this latest screw up, Google is taking this action:

“With the discovery of this new bug, we have decided to expedite the shut-down of all Google+ APIs; this will occur within the next 90 days,” reads the blog post, penned by David Thacker, Google’s vice president of project management. “In addition, we have also decided to accelerate the sunsetting of consumer Google+ from August 2019 to April 2019. While we recognize there are implications for developers, we want to ensure the protection of our users.”

That’s four months early. That gives me the impression that they can’t fix what’s wrong with Google+. Which is likely okay as not a whole lot of people were using the service. But it highlights the fact that Google needs to pay a price for this. And seeing as Google is in front of congress this week, that may actually happen.

Advertisements

Toronto Needs To Say No To Sidewalk Labs

Posted in Commentary with tags , on November 2, 2018 by itnerd

Two years ago Alphabet via its Sidewalk Labs arm was given planning permission to develop 800 acres of Toronto waterfront into a car-free, data-driven neighborhood called Quayside. The vision was as follows:

By combining people-centered urban design with cutting-edge technology, we can achieve new standards of sustainability, affordability, mobility, and economic opportunity.

That sounds great right? Well, some say not so much. Former BlackBerry co-CEO Jim Balsillie called it “a colonizing experiment in surveillance capitalism” and pretty much said that Toronto should deep six the idea. Then Saadia Muzaffar and John Ruffalo who were volunteer members of an advisory committee quit the project. Both indicated that their departures had to do with a lack of public trust. To top it all off Ann Cavoukian who was Ontario’s privacy commissioner and a leading privacy expert quit citing privacy concerns.

Clearly all is not well with Quayside.

When one of the leading privacy experts in the country, as well as two others with very strong business and tech backgrounds, along with the former CEO of a company that has security at the forefront of everything they do all say that this project is a bad idea, perhaps the City Of Toronto should listen and pull the plug on this. Now Sidewalk Labs put out a really pretty blog post that says that everything is fine and people in Toronto have nothing to worry about because they take privacy seriously. But consider this. We are talking about Alphabet which is also known as Google. A company known for slurping up massive amounts of data and using it to make piles of cash. Can the be trusted?

I’m going to go with no.

If I were the City of Toronto, I would run away from this project. It’s not worth it. Seriously. It’s time to say no to Sidewalk Labs and Quayside.

 

Google Needs To Pay The Price For The Google+ Fiasco

Posted in Commentary with tags on October 9, 2018 by itnerd

By now you’ve heard that Google is shutting down their Google+ social networking site, at least to consumers as there’s a corporate version that will still exist, because of a a bug that put at risk the personal data of hundreds of thousands of Google+ users. What makes this worse is the bug was discovered months ago and Google decided to keep it quiet. Now Google does go into great detail about why Google+ is being shut down in a blog post. But what the blog post does not do is explain why the bug was hidden for months. For that, you’ll have to look at the Wall Street Journal who got their hands on an internal memo that explains that. Seeing as that is paywalled, Business Insider gives you the highlights of the leaked memo that basically says that Google buried this because they were afraid of the blowback from the US Congress over this. Not to mention the reputational damage that this would cause.

#EpicFail

Google hasn’t got the best reputation to begin with because they are a company that lives to collect data. So when something like this happens, it’s sure to garner more than its fair share of interest. And it should. If you as a company are going to collect personal information, you have the responsibility to keep it safe. Google didn’t in this case, and while it appears at first glance that nothing bad happened, they need to pay a price for the mistake and a higher price for the cover up. Neither is acceptable especially after the wake up call that the world got with the Facebook fiasco. Google really needs to step up and explain to the world why they should be trusted. Preferably in front of the US Congress or EU Parliament, and right before they slap them with penalties and enact legislation that forces them to do the right thing which is to protect the personal information of their customers. Seeing as they can’t or won’t do that on their own.

Google To Restrict Tech Support Ads….It’s A Start

Posted in Commentary with tags on September 3, 2018 by itnerd

Google is going to restrict advertisements placed by third-party technical support providers, in an effort to stem a rising tide of abuse and fraud by scammers who offer to fix non-existent problems on consumers’ computers.

The restriction for tech support ads comes after Google collaborated with law enforcement and government agencies to address abuse in the area, the company’s director of public policy David Graff wrote. All ads for technical support will be restricted worldwide, even for legitimate providers, Graff said. Google’s banned such ads because the company finds it increasingly difficult to tell scammers from legitimate providers, as the fraudulent activity happens away from the company’s platform.

This is a great move as these scammers really are scum that should be wiped off the face of the Earth based on these two examples that I’ve personally come across. Though this won’t help the phone calls that people get that are just as dangerous, and much harder to stop.

A Study Says That Idle Android Devices Send Way More Data To Google Than Idle iOS Devices

Posted in Commentary with tags on August 23, 2018 by itnerd

If tracking your location when you tell Google not to isn’t enough of a problem for the company who claims not to “do no evil”, it now has a new problem that might be even bigger. In a paper titled “Google Data Collection,” [Waring: PDF] Douglas C. Schmidt, a computer science professor at Vanderbilt University, arrives at some scary conclusions. Here’s two highlights:

  • An idle Android phone with Chrome web browser active in the background communicated location information to Google 340 times during a 24-hour period. An equivalent experiment found that on an iOS device with Safari open but not Chrome, Google could not collect any appreciable data unless a user was interacting with the device.
  • An idle Android phone running Chrome sends back to Google nearly fifty times as many data requests per hour as an idle iPhone running Safari.

The paper lists other examples. But here’s the bottom line. Your really cool Android smartphone or tablet is far more chatty with Google than your average iPhone or iPad. Now this could easily devolve into a Android versus iOS debate. But it doesn’t have to. Instead this is the questions that should be asked. Why on God’s green Earth does an Android device need to talk to Google that often?

Oh wait. I know the reason. When you use a Google product, and that includes smartphones made by Samsung, LG or whomever, you the consumer become the product.

It’s food for thought the next time you want a smartphone.

Google Gets Sued Over Location Tracking Fiasco…. And Others Pile On For Fun

Posted in Commentary with tags on August 21, 2018 by itnerd

Last week, The Associated Press found that many Google services on Android devices and iPhones store your location data even if you’ve explicitly disabled the location sharing feature. Then they tried to clean up the mess that they created by putting some spin on it. Clearly that didn’t work because Google has now been sued by a man in San Diego, who argues that Google is violating the California Invasion of Privacy Act and the state’s constitutional right to privacy:

The lawsuit seeks class-action status, and it would include both an “Android Class” and “iPhone Class” for the potential millions of people in the United States with such phones who turned off their Location History and nonetheless had it recorded by Google. It will likely take months or longer for the judge to determine whether there is a sufficient class. 

Now Google has a problem because while I am not a lawyer, this lawsuit takes dead aim at their behavior which I suspect they might have a tough time explaining away.

But wait, there’s more:

Also on August 17, attorneys from the Electronic Privacy Information Center wrote in a sternly worded three-page letter to the FTC that Google’s practices are in clear violation of the 2011 settlement with the agency. In that settlement, Google agreed that it would not misrepresent anything related to “(1) the purposes for which it collects and uses covered information, and (2) the extent to which consumers may exercise control over the collection, use, or disclosure of covered information.” Until the Associated Press story on August 13, Google’s policy simply stated: “You can turn off Location History at any time. With Location History off, the places you go are no longer stored.”

This is a bit more interesting than the lawsuit because it forces Google into a position where it will be forced to argue that it hasn’t violated their 2011 agreement with the FTC which on the surface seems pretty clear to me.

This should be fun to watch.

Google Clarifies Their Location-Tracking Policy Help Page To Put Some Spin On The Fact That They Were Tracking You

Posted in Commentary with tags on August 17, 2018 by itnerd

You might recall that AP blew the lid off the fact that even if you disable location tracking in Google apps, you’re still being tracked anyway. Well, according to a new report from AP, Google has altered the web pages that relate to location tracking. Before the change, it used to say among other things that once you set the setting to off “the places you go are no longer stored”. But now it says flipping the setting off “does not affect other location services on your device” and that “some location data may be saved as part of your activity on other services, like Search and Maps.” Google fessed up to the change in another document making the claim that it was simply making things more clear for its users. In other words, nothing to see here. Move along.

In any case if you don’t want Google tracking your movements, I would take a look at this article from PC Magazine which gives you instructions on what you need to do regardless of what device you are using.