Archive for Google

« Older Entries
Newer Entries »

Make Sure You Update Chrome ASAP To Mitigate An Actively Exploited Vulnerability…. Along With Some Others

Posted in Commentary with tags on May 27, 2024 by itnerd

If you’re a Google Chrome user, you should make sure that you’re on 125.0.6422.112/.113 for Windows, Mac and 125.0.6422.112 for Linux. If you’re not, update ASAP as this update addresses a zero day vulnerability that is being actively exploited. Here’s what Google said:

This update includes 1 security fix. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[N/A][341663589] High CVE-2024-5274: Type Confusion in V8. Reported by Clément Lecigne of Google’s Threat Analysis Group and Brendon Tiszka of Chrome Security on 2024-05-20

Google is aware that an exploit for CVE-2024-5274 exists in the wild.

Fun fact, this is the fourth zero day that Google has patched this month. Here are the other three:

  • CVE-2024-4947 patched on 15 May. This was another type confusion flaw in V8 that was reported by Vasily Berdnikov and Boris Larin of Kaspersky Lab and which was used in targeted attacks according to Kaspersky.
  • CVE-2024-4761 patched on 13 May. An out of bounds memory write in V8 reported by an Anonymous researcher.
  • CVE-2024-4671 patched on 9 May. A use after free flaw in the browser’s Visuals component that was reported by an Anonymous researcher.

So if you haven’t updated Chrome, consider this a today problem.

Leave a comment »

Highlights From Google Marketing Live 2024

Posted in Commentary with tags on May 21, 2024 by itnerd

Coming out of  Google Marketing Live, Google showcased the latest product innovations across Google Ads and Commerce to help businesses thrive. 

Key announcement highlights included: 

  • New Performance Max creative controls. Soon, advertisers can share their font and color guidelines, as well as provide helpful image reference points to generate new asset variations. We’re introducing new image editing capabilities so advertisers can try adding new objects, extending backgrounds, and cropping to adapt to any format, size and orientation. 
  • New immersive Shopping Ad experiences. Advertisers will soon be able to enhance their Shopping ads with immersive visuals, including Virtual Try-On and generated 3D spinning ads, and later this year, we’re introducing a feature that lets shoppers dive deeper into an ad to see product videos, summaries and similar products provided by the advertiser.
  • Driving results and visual storytelling through Demand Gen: Beyond visually immersive ads, there are opportunities to connect with consumers on our most visually immersive channels — YouTube, Discover and Gmail. We launched Demand Gen last year, helping advertisers drive demand and conversions, and soon we’ll roll them out to even more advertisers on Display & Video 360 and Search Ads 360.
  • New opportunities for consumers. Ads have always been an important part of consumer’s information journeys. Soon, we’ll start testing Search and Shopping ads in AI Overviews for users in the U.S. In addition, we will start testing a new ad experience in Search to help guide people through complex purchase decisions.

Read about these and more on Google’s Keyword blog:

Leave a comment »

HP Teams Up With Google To Deliver The Next Generation of Communication Devices 

Posted in Commentary with tags , on May 14, 2024 by itnerd

HP has announced that they have a new partnership with Google. With more than half of meaning and intent communicated through body language versus words alone, an immersive collaboration experience plays an important role in creating authentic human connections in the evolving hybrid work framework, Project Starline is a breakthrough communications technology by Google leveraging AI, 3D imaging, and other technologies to offer a genuinely realistic meeting experience. HP’s expertise in computing, combined with investment in Poly audio and video technology, make it the right choice to deliver this new collaborative solution to the global market.

You can read all about this partnership here.

Leave a comment »

Google/Mandiant To The World: There are Lots Of Cyber Threats That Can Influence Elections

Posted in Commentary with tags , on April 27, 2024 by itnerd

From the “we better be paying attention to this” department comes Google’s recent Mandiant report that lists a dozen different ways cyber threat actors can influence elections. From the executive summary:

  • The election cybersecurity landscape globally is characterized by a diversity of targets, tactics, and threats. Elections attract threat activity from a variety of threat actors including: state-sponsored actors, cyber criminals, hacktivists, insiders, and information operations as-a-service entities. Mandiant assesses with high confidence that state-sponsored actors pose the most serious cybersecurity risk to elections.
  • Operations targeting election-related infrastructure can combine cyber intrusion activity, disruptive and destructive capabilities, and information operations, which include elements of public-facing advertisement and amplification of threat activity claims. Successful targeting does not automatically translate to high impact. Many threat actors have struggled to influence or achieve significant effects, despite their best efforts. 
  • When we look across the globe we find that the attack surface of an election involves a wide variety of entities beyond voting machines and voter registries. In fact, our observations of past cycles indicate that cyber operations target the major players involved in campaigning, political parties, news and social media more frequently than actual election infrastructure.  
  • Securing elections requires a comprehensive understanding of many types of threats and tactics, from distributed denial of service (DDoS) to data theft to deepfakes, that are likely to impact elections in 2024. It is vital to understand the variety of relevant threat vectors and how they relate, and to ensure mitigation strategies are in place to address the full scope of potential activity. 
  • Election organizations should consider steps to harden infrastructure against common attacks, and utilize account security tools such as Google’s Advanced Protection Program to protect high-risk accounts.

 Madison Horn (OK-5) Congressional Candidate had this comment:

In the recent Mandiant report by Google, a range of cyber threats to elections is detailed, but the proliferation of mis- and disinformation campaigns stands out as particularly alarming. These campaigns, which meticulously erode trust in governmental institutions and corrupt democratic processes, pose a severe threat that transcends political lines and demands immediate action.

Driven by motives ranging from shifting electoral outcomes to undermining public confidence and generating profit, these disinformation efforts are often orchestrated by state-backed entities from nations such as China, Russia, and Iran. Their impact is undeniable, as seen in instances like Russia’s involvement in the 2016 U.S. election and China’s ongoing global influence operations, which starkly demonstrate their capacity to sway public opinion and disrupt electoral integrity.

The avenues for these campaigns are primarily popular social media platforms—X, Telegram, Facebook—and YouTube, making the digital battlefield as accessible as it is dangerous. The consequences are profound, resulting in increased voter disengagement, the rise of unqualified leaders, and the destabilization of nations.

This is an urgent security issue that cannot be politicized. The integrity of our democracy is in jeopardy, making it imperative that we elect officials who grasp the complexity of these modern challenges. We need leaders who are committed to implementing robust cybersecurity measures, enhancing digital literacy, and fostering international cooperation to counteract the pervasive influence of state-sponsored disinformation. Our response must be swift and resolute to safeguard our democratic processes.

My opinion is that we all need to be paying attention to this and acting on this report to make sure that elections regardless of where they are are conducted in a free and fair manner without interference. The thing that concerns me is that we live in such a partisan environment at the moment that this could become a partisan issue. And it shouldn’t be regardless wherever on the political spectrum you happen to be on.

Leave a comment »

Google Rolls Out Find My Device Network

Posted in Commentary with tags on April 9, 2024 by itnerd

Google has introduced the Find My Device network for Android. Which as the name suggests is just like the Find My network that Apple rolled out a while ago. This network will allow you to do five things:

  • Keep track of your Android devices as well as find them.
  • Keep track of everyday items such as keys using Bluetooth trackers. Google specifically calls out Chipolo and Pebblebee. But also says that support for eufy, Jio, Motorola and other trackers are coming. One has to wonder if the O.G. of Bluetooth trackers which is Tile will be included? In any case, you can also find “unwanted” trackers which apparently includes AirTags.
  • You can leverage Nest devices to find items in your home and share items with your family.

This is live in the US and Canada and works on phones running Android 9 or higher. The one that that I think is a win here is that this will further discourage the use of AirTags and other Bluetooth trackers by criminals as any of these trackers are now more likely to be found by “Joe Average.”

Leave a comment »

Several Canadian women-led startups join Google’s Women Founders Cohort

Posted in Commentary with tags on March 7, 2024 by itnerd

Hi there, International Women’s Day is tomorrow and this year’s theme is #InspireInclusion. Around the world, underrepresented founders face a disproportionate lack of access to capital and support networks. Here in Canada, women entrepreneurs, in particular, make up only 17% of small and medium-sized business owners.  

Google launched the Google for Startups Accelerators: Women Founders cohort in 2020, to help level the playing field for women founders across North America, and inspire inclusion in the startup ecosystem. Over the past four years, they’ve worked with 47 women-led startups, who have collectively raised $93.22M USD since graduating from their cohorts. 

Today, ahead of International Women’s Day, Google is excited to welcome 15 new women-led businesses to the Google for Startups Accelerator community including MedReddieNimble Science, and SkyAcres, three Canadian startups that are driving transformation in agriculture and healthcare spaces. Learn more about the program here.

Leave a comment »

BREAKING: Google, WhatsApp And Twitter Are Down Too

Posted in Commentary with tags , , on March 5, 2024 by itnerd

Things seem to be getting worse. On top of this outage and this outage that I just reported on, it seems that Down Detector are now reporting that WhatsApp and Twitter are also down:

I just tested Twitter, Google and WhatsApp and found no issues. But others aren’t so lucky apparently. I’ll be keeping a close eye on Down Detector to see what else breaks today.

Leave a comment »

BREAKING: Google Play And YouTube Have Issues

Posted in Commentary with tags on March 5, 2024 by itnerd

It appears that Meta services are not the only services that have issues today. Joining Facebook, Instagram and Messenger on Down Detector’s list of services that are down are YouTube and Google Play:

Now I just tested YouTube and this is what I get:

I don’t have an Android phone on me as I am currently offsite. Like the Meta outages, there’s no ETA for resolution at this time.

Leave a comment »

Google Makes Announcements Related To Search

Posted in Commentary with tags on January 17, 2024 by itnerd

A couple of announcements related to search were made by Google today:

  • Circle to Search is a new way to search anything on your Android phone without switching apps. Now, with a simple gesture, you can select what you’re curious about in whatever way comes naturally to you — like circling, highlighting, scribbling or tapping — and get more information right where you are.
  • Related to this is this announcement. When you point your camera on your Android phone (or upload a photo or screenshot) and ask a question using the Google app, the new multisearch experience will show results with AI-powered insights that go beyond just visual matches. This gives you the ability to ask more complex or nuanced questions about what you see, and quickly find and understand key information.

This is launching on January 31 on select premium Android smartphones. Specifically the Pixel 8, Pixel 8 Pro and the new Samsung Galaxy S24 series.

Leave a comment »

Google And TELUS Have Teamed Up To Collect The Eyelid Shape & Skin Tone Of Children Via Parent Submitted Videos…. WTF?

Posted in Commentary with tags , on January 5, 2024 by itnerd

Well this seems a bit suspect. Google is collecting the eyelid shape and skin tone of children via parent submitted videos. And apparently, Canadian telco TELUS TELUS International is involved in this. Here’s the details:

Google is collecting the eyelid shape and skin tone of children via parent submitted videos, according to a project description online reviewed by 404 Media. Canadian tech conglomerate TELUS, which says it is working on Google’s behalf, is offering parents $50 to film their children wearing various props such as hats or sunglasses as part of the project, the description adds.

The project shows the methods some companies are using to build machine learning, artificial intelligence, or facial recognition datasets and products. Rather than scraping already existing images or analyzing previously collected material, TELUS, and by extension Google, is asking the public to contribute directly and get paid in return. Google told 404 Media the collection was part of the company’s efforts to verify users’ age.

“Eyelid shape. Skin tone. Video recording (without voice),” a section of the project terms and conditions listing the data collected reads. Another section says that TELUS’ customer—that is, Google—will collect “facial geometry.”

Let’s see what TELUS TELUS International and Google have to say about this:

TELUS writes that the purpose is to “capture a broad cross-section of participants targeting various combinations of demographics, with the goal of ensuring that our customer’s services, and derived products, are equally representative of a diverse set of end-users.” The description adds that the use case is to “help improve the authentication methods, thus offering more secure tools for the end users.”

Google told 404 Media in an email that TELUS was enlisted to find people to participate in the study, but TELUS itself did not receive any of the videos submitted. Rather, TELUS worked to identify eligible participants for Google.

A Google spokesperson said in a statement that “As part of our commitment to delivering age-appropriate experiences and to comply with laws and regulations around the world, we’re exploring ways to help our users verify their age. Last year, Telus helped us find volunteers for a project exploring whether this could be done via selfies. From there, Google collected videos and images of faces, clearly explaining how the content will be used and, as with all research involving minors, we required parental consent for participants under the age of 18. We’ve also put strict privacy protections in place, including limiting the amount of time the data will be retained and providing all participants the option to delete their data at any time.”

Google said improving user experience in this area also helps adults verify their age, and can assist with services that might be age-gated to children and teenagers. The company also said using outside vendors can help collect a diverse dataset and ultimately build more inclusive products.

Like I said, this seems a bit suspect. The fact that Google and TELUS TELUS International have teamed up to do this really rubs me the wrong way. Google’s involvement in this doesn’t surprise me in the least. But the fact that TELUS TELUS International is involved in this does as I always believed that TELUS TELUS International would never be involved in something like this. Add to that the fact that this whole project was aimed at kids who could not consent for themselves and it’s not a good look for either company.

UPDATE: In this story I wrote TELUS when it should have been TELUS International. TELUS is TELUS International’s parent company and they operate separately. That’s why the original mentions of TELUS have a strike through font like this. The story from 404 Media has not been corrected as that is the responsibility of 404 Media.

Leave a comment »

« Older Entries
Newer Entries »