Tag Archive for: Google’s

Google’s new security pilot program will ban employee Internet access

/in


A large Google logo is displayed amidst foliage.

The Internet is dangerous, so what if you just didn’t use it? That’s the somewhat ironic recommendation Google, one of the world’s largest Internet companies, is making to its employees. CNBC’s Jennifer Elias reports that Google is “starting a new pilot program where some employees will be restricted to Internet-free desktop PCs” while they work. An internal memo seen by CNBC notes that “Googlers are frequent targets of attacks” by criminals, and a great way to combat that is to not be on the Internet.

Employees that work at major tech companies are a much richer target for criminals compared to normal people. Tech company employees have all sorts of access to sensitive data, and compromising a single employee could lead to exploiting sensitive infrastructure. Just last week, Microsoft was targeted by a Chinese espionage hacking group that somehow stole a cryptographic key to bypass Microsoft’s authentication systems, giving it access to 25 organizations, including multiple government agencies.

The report says Google’s new pilot program “will disable Internet access on the select desktops, with the exception of internal web-based tools and Google-owned websites like Google Drive and Gmail.” This was originally mandatory for the 2,500 employees that were selected, but after “receiving feedback”—we’re going to assume that was very enthusiastic feedback—Google is letting employees opt out of the program. The company also wants some employees to work without root access, which is common sense for a lot of computer roles, but not really for developers, which are used to being able to install new programs and tools.

Being banned from the entire Internet would be tough, but Googlers in the high-security program will still get access to “Google-owned websites,” which is actually quite a bit of the Internet. Google Search would be useless, but you could probably live a pretty good Internet life, writing documents, sending emails, taking notes, chatting with people, and watching YouTube.

It would presumably still be possible to be emailed a virus attachment, but…

Source…

According to Researchers, Google’s Bard Presents a Ransomware Threat / Digital Information World

/in


The introduction of AI is revolutionary in and of itself. But with such a rapidly evolving technology accessible to common folks, the chances of users exploiting it for unethical and fraudulent purposes are high. Google’s AI chatbot, Bard, is reported to willingly produce harmful phishing emails when given prompts. By tweaking the wording of those prompts in a specific manner, Bard even can generate basic ransomware code. Check Point, a cybersecurity firm, stated that Bard has gone beyond its competitor, ChatGPT when it comes to cybersecurity.

In light of recent worries regarding the potential misuse of OpenAI’s large-language model in generating harmful programs and threats, Check Point conducted a research proceeding with absolute caution. ChatGPT has enhanced security measures in comparison to Google’s Bard, which has yet to reach that level of security.

Check Point’s researchers gave both ChatGPT and Bard identical prompts. Upon querying for phishing emails were refused by both AI programs. But the findings showcased the difference between both AI programs — ChatGPT explicitly stated that engaging in such activities was considered fraudulent, Bard, on the other hand, claimed that it could not fulfill the request. Furthermore, results showed that ChatGPT continued to decline their request when prompted for a particular type of phishing email, while Bard began providing a well-written response.

However, both Bard and ChatGPT firmly refused when Check Point prompted them both to write a harmful ransomware code. They both declined no matter what, despite their attempts at tweaking the wording a bit by telling the AI programs that it was just for security purposes. But it didn’t take the researchers that long to get around Bard’s security measures. They instructed the AI model to describe common behaviours performed by ransomware, and results showed that Bard had spurted out an entire array of malicious activities in response.

Subsequently, the team went further to append the list of ransomware functions generated by the AI model. They asked it to provide a code to do certain tasks, but Bard’s security was foolproof and claimed it could not proceed with such a…

Source…

ACLU’s Jennifer Stisa Granick and Google’s Maddie Stone talk security and surveillance at Disrupt • TechCrunch

/in


In a world filled with bad actors and snooping governments, surveillance is the one factor that affects almost every business across the globe. While companies like Apple, Signal and LastPass fight against surveillance using end-to-end encryption and by shunning mass data collection — you can’t hand over data you don’t have — too many companies, big and small, remain unaware and deeply vulnerable to prying eyes.

The fast-changing surveillance landscape is why we’re thrilled that Jennifer Stisa Granick, ACLU’s surveillance and cybersecurity counsel, and Maddie Stone, a security researcher on Google’s Project Zero team, will join us onstage at TechCrunch Disrupt on October 18–20 in San Francisco.

In a panel discussion called “Surveillance in Startup Land,” Granick and Stone will join TechCrunch security editor Zack Whittaker to present a crash course on the surveillance state to inform, educate and inspire early-stage founders to think about how to protect their users and customers from threats they haven’t even thought of yet.

We’ll discuss the emerging threats today, like how spyware makers, like NSO Group, Cytrox and Candiru, which let governments secretly wiretap phones in real time, and data brokers — the companies that trade in people’s personal information and granular location — represent an ever increasing threat to privacy and civil liberties.

Surveillance isn’t just in the United States — it’s everywhere — and change can happen quickly and unexpectedly. Case in point: Fear over healthcare data tracking and privacy became a reality after the U.S. Supreme Court overturned Roe v. Wade, the landmark legal case that guaranteed a person’s constitutional right to abortion.

The decisions that founders and investors make today can and will affect millions tomorrow. We can’t wait to hear our panelists weigh in on how companies should think about what they’re building now — and in the future — so they don’t inadvertently become extensions of the surveillance state.

Jennifer Stisa Granick fights for civil liberties in an age of massive surveillance and powerful digital technology. As the surveillance and cybersecurity counsel…

Source…

Google’s Pixel Watch to Compete With Apple Watch This Fall

/in


The first smartwatch featuring Google-built hardware and software is coming. At its I/O developer conference on Wednesday, Google officially announced the Pixel Watch, slated to arrive alongside the Pixel 7 (and presumably a new Apple Watch) this fall. 

On the design front, the new wearable will feature a domed circular face, a tactile crown, a recycled stainless steel case, and customizable bands. On the inside, it will run Wear OS, featuring an “improved” user interface “with more fluid navigations and smart notifications,” Google SVP Rick Osterloh said at the event. 

In terms of apps, the Pixel Watch will naturally feature several Google standbys, including Assistant, Home, Maps, and Wallet, along with “deep” Fitbit integration, according to Osterloh. 

Pixel Watch


Google Home on the Pixel Watch
(Image: Google)

The watch is voice-enabled, so you can ask Google Assistant for the weather forecast and more. With Google Maps, you can follow directions, even when cycling, right on the watch without having to bring your phone. Google Wallet on Wear OS will launch starting with support for payment cards, letting you check out in stores with a tap of your wrist. A new Google Home app for Wear OS will let you control and monitor compatible smart home devices including lights bulbs, security cameras, and thermostats from your watch. 

On the health and fitness end, the Pixel Watch will support continuous heart rate monitoring and automatic sleep tracking. It will also be the first Wear OS device to support Fitbit’s Active Zone Minutes metric. 

Pixel Watch


Google Maps on the Pixel Watch
(Image: Google)

That’s all Google has officially said about the Pixel Watch at this time. Osterloh promised more details in the coming months. 

Meanwhile, Google also tipped additional Wear OS devices from Fossil, Mobvoi, Montblanc, and Samsung launching later this year, but didn’t offer details.

Recommended by Our Editors

On the software side, Deezer and SoundCloud apps are slated to arrive on Wear OS in the near future, joining several other notable additions that have recently launched on the platform, including Adidas Running, KakaoTalk, Line, and Spotify. Google also plans to bring Emergency SOS to Wear OS later…

Source…