Security

Google explains how your data is collected and protected

Find out what data is collected, how it is used, and how we can stay in control

Published

on

Having a connected life makes it permeable for tech giants such as Google, Apple, Facebook, and Microsoft to know more about us. The issue of privacy has become one of the major concerns today.

Just like gold, data has been officially the essential currency that companies mine. At the cost of our personal information, technology progresses. But then, we’re left to fend for ourselves. So how do we know our data are safe and protected?

Google’s Product Manager for Privacy and Data Protection, Greg Fair, stated that in 2020, the searches for ‘online privacy’ grew by more than 50 percent. At the same time, 81 percent of consumers are now concerned about their data.

This is why Google launched a privacy comic book as part of its commitment to educate the public about how the company protects people’s data. But more than that, I recently learned Google’s responsible data practices and their advanced security technology through a roundtable with fellow journalists from the Asia-Pacific region.

So, let’s talk about Google’s transparency on what data is collected, how it is used, and how we can stay in control.

Location information

Ever wonder how you can navigate your short-distance travels easily by knowing which roads to skip due to traffic congestion? That’s all because Google Maps collect anonymous data to generate information that helps other users understand what’s going on around them.

This set of anonymized user data are personalized and helps improve products. For instance, some places get relevant information whenever a user provides personalized details about a certain restaurant.

While it’s great to be able to contribute to any improvement of a product, Google reminds people that they’re still in control. You can still turn off your location history, or have it automatically deleted after three or 18 months.

Google Assistant

Google Assistant, while looking like someone who spies on you, actually doesn’t save data even in standby mode. It only turns on when you command it with “Hey Google” or “OK Google”.

You can even ask it with “What data does Google collect?” or ask it to do something to protect your privacy such as “Delete what I just said” or “That wasn’t for you” — which results in having your most recent activity deleted. For further protection, you can view or delete data collected through My Activity.

How about ads?

Meanwhile, Google Search shows personalized ads that are only related to your Search query. Google doesn’t use private data such as email content, photos, document, or even sensitive information.

More importantly, ads are marked with labels like “ad” or “sponsored”, and only show up when there are useful ads related to the query.

A lot of us ask about seeing ads from our previous searches or topics we had in our conversations with friends — online and offline. So, is Google spying? Not really. According to Google, they’re not the only platform that utilizes data. Ads shown to you could’ve been the doing of other platforms that collects data. Plus, your cookies are partly to blame.

So, is our data safe and secure?

It’s safe to say that Google has an advanced security technology that protects users’ data, which automatically blocks a wide range of security threats such as government-backed attacks that could possibly be an attempt to obtain personal information.

Still, users have to take their part regarding responsible data practice. We can’t rely on the companies to do all the protection, we have to be cautious and secure our data as well, especially stuff that’s in our control.

Download the comic book here.

News

Chrome is getting Enhanced Safe Browsing features to protect you online

Includes file download warnings and more

Published

on

Google has announced it’s working on bringing “Enhanced Safe Browsing” features to Chrome. The browser will be able to protect you from downloading malicious files or extensions, extending a helping hand to your systems’ in-built security protocols.

Starting with Chrome 91, it’ll offer additional protection when users install a new extension from the Chrome Web Store. A prompt will inform users if an extension they are about to install is not a part of the list of extensions trusted by Enhanced Safe Browsing.

If a download is deemed risky but not certainly unsafe, Enhanced Safe Browsing users will issue a warning. It’ll also give you an option to send the file to Google for further analysis and detection.

Google shared some more tips:

1. Turn on Enhanced Safe Browsing protection in Chrome. Enhanced Safe Browsing users are successfully phished 35% less than other users. We recently announced additional protections for Enhanced Safe Browsing users, like warnings before you install untrustworthy Chrome extensions and more thorough scanning to protect you from potential Malware.
2. Enroll in two-step verification (2SV). This is another way for your account to confirm it is really you logging in. Using your mobile device to sign in gives you a safer and more secure authentication experience than passwords alone.
3. Enroll in Google’s Advanced Protection Program (APP). APP safeguards users with high visibility and sensitive information, who are at risk of targeted online attacks. New protections are automatically added to defend against today’s wide range of threats.
4. Take the Google Security Checkup. This gives you personalized and actionable security recommendations that help you strengthen the security of your Google Account, and it only takes two minutes to complete.

Safer, more secure

It involves users sharing real-time data to Google Safe Browsing so that Chrome can provide proactive security. The browser currently cross-checks the address you’re visiting against its database of known threats. But the database is updated every 30 minutes, and many scammers have managed to bypass the firewall. You’ll still be able to ignore the warning and open the file, but it’ll be at your own risk.

Additional measures are active if you’re signed in to Chrome with Gmail, Drive, and other Google services working with Chrome to provide a “holistic view of threats” on the web and attacks against your Google Account. The existing ‘Safe Browsing’ tool can warn you if passwords are exposed in a data breach. Firefox, too offers a similar service called Firefox Monitor.

Windows and macOS have come a long way in the last decade, and with work increasingly depending on the cloud, remote access via the browser is consistently rising against native apps. Securing Chrome also helps tackle security issues on Chrome OS itself.

Continue Reading

News

US fuel pipeline shuts down due to a ransomware attack

But hackers didn’t mean to “create problems”

Published

on

ransomware

A major pipeline system that transports fuel across the US East Coast was a victim of a ransomware attack, and all operations were halted. The cyberattack hit Colonial Pipeline, which carries gasoline, diesel, and jet fuel from Texas to New York, accounting for 45 percent of all fuel consumption on the east coast.

The attack is said to be planned by DarkSide, an organized group of hackers set up along the “ransomware as a service” business model. Under the heading, “About the latest news,” DarkSide claimed it’s not political and only wants to make money without causing problems for society.

President Joe Biden was briefed Saturday morning, and the federal government is working with the company to assess the implications of the attack, restore operations and avoid disruptions to the supply.

Cyberattacks on the US have been consistently rising, including last year’s attack at the software company SolarWinds that hit several U.S. government agencies, including the Pentagon.

DarkSide began attacking medium and large-sized companies, mostly in Western Europe, Canada, and the United States last year, reportedly asking for anywhere from a few hundred thousand dollars to a few million dollars, to be paid in Bitcoin.

In the case of Colonial Pipeline, the criminals have stolen almost 100GB of data hostage, threatening to leak it onto the internet. They operate a website where all stolen files are dumped publicly if the ransom isn’t delivered. DarkSide also maintains that it will donate a portion of its profits to charities.

Law enforcement officials say some of these criminals have worked with Russia’s security services, although no evidence has been presented so far.

Continue Reading

News

Google will automatically start enrolling users for two-fact authentication

More safety for everyone!

Published

on

Google has announced that it will automatically start enrolling accounts to two-factor authentication (2FA). The safety mechanism is highly dependable and adds an additional layer of security, in case your password is compromised.

It will ask users already enrolled to confirm they are who they say they are. And soon, the company will automatically get all users to have two-factor enabled. So, if you see 2FA activated on any of your Google accounts, this does not necessarily mean that your password was weak.

“We’re starting with the users for whom it’ll be the least disruptive change and plan to expand from there based on results,” Mark Risher, Google’s Director of Product Management, Identity, and User Security told Motherboard in an email. “Our ultimate goal is to get everyone into a more protected and secure state by default.” 

According to Google, searches for “how strong is my password” shot up by 300% in 2020. But even long or complex passwords cannot be trusted. Google has explained in the blog that 2FA is one of the best ways users can protect their accounts and save them from password breaches. The step is welcomed by cybersecurity experts as cybercrime is consistently on the rise and our digital accounts are extremely sensitive.

What is 2FA?

Usually, you log in with just your username and password. With 2FA, a six-digit code is required to successfully login, despite having the password. The six-digit code can be sent to your registered mobile number, alternate email, or a 2FA app like Google Authenticator. The system also generates a few backup codes, which can be used if you lose access to all three available channels mentioned above.

Along with the 2FA, Google also said that it has introduced a new feature in Chrome called Password Import. As the name suggests, it’ll allow users to import passwords from third-party sites or password managers.

Continue Reading

Trending