Especially after the Snowden revelations of global mass surveillance by US intelligence agencies at home and abroad, various countries demanded tech companies including Google, Apple, and Microsoft to set-up and maintain their servers in respective countries in order to keep their citizen data within boundaries.
The US government has powers to comply US-based tech companies with the court
It’s no secret that Google knows a lot about you.
The company tracks almost everything you do on the Internet, including your searches, music you listen to, videos you watch, and even the places you travel to, and it does this for targeting relevant ads to its users and better improve its service.
Now the technology giant has a plan to make it easier to control all the data the company
Nobody is immune to being Hacked!
After hacking Mark Zuckerberg’s Twitter and Pinterest accounts, Hacking group OurMine has successfully hacked the Quora account Google CEO Sundar Pichai and then cross-posted to his Twitter account.
<!– adsense –>
The hack became apparent when OurMine posted messages on Quora through Pichai’s account, which then appeared on his official Twitter feed late
Besides the exciting developments Apple presented at its annual WWDC event in San Francisco, there were also some security related announcements that should not go unnoticed.
The Apple brand talked about a new concept that they are beginning to use in all of their services that they say is the future of how users manage personal information on their platforms: they call it differential privacy.
You may think of Apple as a privacy defender; they are known to favor encryption and implement different measures in order to protect the personal data of their users. But in the age of “big data”, tech companies like Apple are also seeking as many personal details as possible about their users. Like any business, the tech company run by Tim Cook needs to know everything about their customers, both current and future.
How can the tech company seek personal data, while at the same, keep it private? It’s a privacy vs. government race (especially in the United States). Luckily for Apple users, in the realm of user privacy, this multinational giant is in the lead.
Apple has come up with something they call differential privacy. In other words, they extract conclusions about users and groups (or subgroups), while at the same time, ensuring that the information belonging to each one of those individuals is totally private.
Differential privacy lets you gain insights from large datasets, but with a mathematical proof that no one can learn about a single individual
“Differential privacy lets you gain insights from large datasets, but with a mathematical proof that no one can learn about a single individual,” explained Aaron Roth, a profesor of computer science at the University of Pennsylvania, who “[wrote] the book” on differential privacy, according to Apple’s Craig Federighi.
This does not anonymize data like many other internet services, which has proven to fail in many occasions. In 2007, for example, a group of investigators demonstrated how they were able to de-anonymize the “anonymous” data published on Netflix.
On the contrary, with their new focus Apple will not pass information from its devices to its servers until the data passes through a transformation process where it will go through various techniques like cryptographic and flow noise functions to ensure that it is mathematically impossible to associate your data with your identity.
They are not the only technology giant that is adopting differential privacy to protect their users’ personal information: other big businesses share this new idea including Google, and Microsoft, whose team of experts even includes some of the concept’s founders.
The post Tech Giants Use Differential Privacy to Extract Your Private Information appeared first on Panda Security Mediacenter.
More than half of the world’s top sites suffer from misconfigured email servers, something that heightens the risk of having spoofed emails sent from their domains, researchers warn.
Google has simplified its 2-step verification feature with a basic prompt users can take advantage of as a second form of authentication.
Google wants to kill passwords. They have developed Project Abacus, a system that aims to make passwords obsolete and secure your devices ten times more than a fingerprint sensor. So what’s the downside? This new privacy system comes at the expense of knowing absolutely everything about the smartphone’s owner. Its new security system is also… a creepy one.
To get rid of unlock patterns, passwords, or fingerprint readers on smartphones, Google has proposed a “trustworthy score” that will be calculated using your personal mobile devices, and deciding whether or not the terminal should be unblocked.
To obtain this score, the smartphone will use all of the user’s information: movement habits, typing speed, location and even biometric data, like voice or facial recognition. In summary, by using the combination of this information, the smartphone will know if the person attempting to unlock it is its owner.
To achieve what it aims to do, Google must constantly keep track of our smartphone use. Your employees will be spied on 24/7 from their personal devices while Project Abacus makes their digital life more secure and comfortable. With Project Abacus, all of your personal information is in Google’s hands.
The search-site’s plan does not only happen to use this system to unlock Android devices, but it goes far beyond that: the company has announced that it will launch an API so that developers can use Project Abacus as an identification method in third-party applications. The days are numbered for stored passwords and two-step verification. Not only will Google have access to employee information, but any company that uses Project Abacus will be able to use it as a security system.
The problem with Project Abacus is not only the fact that Google and other businesses would have access to the data collected from the phones, but they could also spy on us in real-time. Passwords would no longer be the objective for cyber-attacks. The new goal for cyber-criminals would be to obtain the huge amounts of personal information that would be available about your company and its employees.
Google is taking measures that could be a good compliment to a computer security system, but it is important to remember that they are also increasing the likelihood of a cyber-attack by accessing so much personal data from users. Cyber-criminals are constantly reinventing themselves and putting your at risk, so it is essential to protect your company with the most advanced cyber-security solutions.
The post Project Abacus: The End Of All Passwords appeared first on Panda Security Mediacenter.
During their annual developer event, Google I/O, the superior search engine introduced the public to Duo and Allo, which have been …. In the market of instant messaging apps, compared alongside its rivals of WhatsApp and Facebook Messenger.
Google’s main dish, Allo, has raised the bar of virtual assistants and bots, which are going to revolutionize the way we interact online. The tool will learn how to talk-the-talk—it will be able to capable of human interaction without having to pinch their brain or move a finger.
If, for example, you are invited to go out to dinner, the app will not only suggest a phrase to help you accept the invitation, but that will also book the restaurant for you, if you want it to, AND the restaurant chosen will be in-line with your preferences. According to Google, Allo will do all of this without compromising our privacy and security. As with WhatsApp, Allo will include end-to-end encryption to protect our messages.
So what is the problem? The chat encryption… which has become an extremely controversial topic. The security measure in the app will not be enabled by default, it will only work after we have activated incognito mode.
Thai Duong is one of the Google engineers responsible for the chat’s development. He wrote about this on his blog, but soon after, he deleted the paragraph. He wrote, “if the incognito mode with end-to-end encryption and disappearing messages is so useful, why not use it by default in Allo?” Many of us are wondering the same thing, which is precisely the reason Duong decided to remove the post, which would have made him into a voice for change or activism.
“Google’s decision to disable end-to-end encryption by default in its new #Allo chat app is dangerous, and makes it unsafe”, said the ex-analyst on Twitter, bringing to the light the NSA’s dirty laundry. “Avoid it for now”, he warned his followers.
Google’s decision to disable end-to-end encryption by default in its new #Allo chat app is dangerous, and makes it unsafe. Avoid it for now.
— Edward Snowden (@Snowden) May 19, 2016
Another privacy-defender, Christopher Soghoian, has also decided to voice his opinion against the decision that was taken by “Google’s legal teams and company” in order to avoid “upsetting the government”.
The post Good-bye Before H-Allo: Experts Don’t Approve of Google’s New Messaging App appeared first on Panda Security Mediacenter.
Google will next week begin a gradual deprecation of unsafe crypto protocol SSLv3 and cipher RC4 in Gmail IMAP/POP clients.
Chrome 51.0.2704.79 for Windows, Mac, and Linux was released Wednesday and patched 15 vulnerabilities, including two high-severity flaws eligible for bounties
