Security

Google explains how your data is collected and protected

Find out what data is collected, how it is used, and how we can stay in control

Published

on

Having a connected life makes it permeable for tech giants such as Google, Apple, Facebook, and Microsoft to know more about us. The issue of privacy has become one of the major concerns today.

Just like gold, data has been officially the essential currency that companies mine. At the cost of our personal information, technology progresses. But then, we’re left to fend for ourselves. So how do we know our data are safe and protected?

Google’s Product Manager for Privacy and Data Protection, Greg Fair, stated that in 2020, the searches for ‘online privacy’ grew by more than 50 percent. At the same time, 81 percent of consumers are now concerned about their data.

This is why Google launched a privacy comic book as part of its commitment to educate the public about how the company protects people’s data. But more than that, I recently learned Google’s responsible data practices and their advanced security technology through a roundtable with fellow journalists from the Asia-Pacific region.

So, let’s talk about Google’s transparency on what data is collected, how it is used, and how we can stay in control.

Location information

Ever wonder how you can navigate your short-distance travels easily by knowing which roads to skip due to traffic congestion? That’s all because Google Maps collect anonymous data to generate information that helps other users understand what’s going on around them.

This set of anonymized user data are personalized and helps improve products. For instance, some places get relevant information whenever a user provides personalized details about a certain restaurant.

While it’s great to be able to contribute to any improvement of a product, Google reminds people that they’re still in control. You can still turn off your location history, or have it automatically deleted after three or 18 months.

Google Assistant

Google Assistant, while looking like someone who spies on you, actually doesn’t save data even in standby mode. It only turns on when you command it with “Hey Google” or “OK Google”.

You can even ask it with “What data does Google collect?” or ask it to do something to protect your privacy such as “Delete what I just said” or “That wasn’t for you” — which results in having your most recent activity deleted. For further protection, you can view or delete data collected through My Activity.

How about ads?

Meanwhile, Google Search shows personalized ads that are only related to your Search query. Google doesn’t use private data such as email content, photos, document, or even sensitive information.

More importantly, ads are marked with labels like “ad” or “sponsored”, and only show up when there are useful ads related to the query.

A lot of us ask about seeing ads from our previous searches or topics we had in our conversations with friends — online and offline. So, is Google spying? Not really. According to Google, they’re not the only platform that utilizes data. Ads shown to you could’ve been the doing of other platforms that collects data. Plus, your cookies are partly to blame.

So, is our data safe and secure?

It’s safe to say that Google has an advanced security technology that protects users’ data, which automatically blocks a wide range of security threats such as government-backed attacks that could possibly be an attempt to obtain personal information.

Still, users have to take their part regarding responsible data practice. We can’t rely on the companies to do all the protection, we have to be cautious and secure our data as well, especially stuff that’s in our control.

Download the comic book here.

Security

Philippines, India among top 10 countries still affected by ransomware

As reported by Google

Published

on

Chinese Russian Hackers

Despite how efficient antivirus software is nowadays, malware is still a persistent problem for users all over the world. And, even worse, each month can bring its own different flavor of malware. To show this troubling trend, Google has released a global report about the state of ransomware as of today.

The Google report took samples from more than 140 different countries and from more than 130 different ransomware families. Unfortunately, some countries are much more affected than others. As of the report’s publishing, the top ten countries most affected by ransomware are: Israel, South Korea, Vietnam, China, Singapore, India, Kazakhstan, the Philippines, Iran, and the United Kingdom.

In terms of a timeline, ransomware was most prevalent in the early months of 2020, peaking between January to May. The peaks coincide with the world’s drastic transition to work-from-home setups. More devices can potentially mean more attacks.

Even more telling, the attacks aren’t all from new families. Some are different strains of the same families. If anything, the prevalence of 2020’s most notorious ransomware family Gandcrab is already dwindling, making way for a new family this year called Babuk. Most strains now don’t just demand for money. Rather, they threaten to leak sensitive info if the ransom isn’t paid.

More technically, the most common way to distribute the malware is through executable files (or .exe) which take up around 93 percent of the samples. The next closest methods — each taking up only 2 percent each — are through .ddl files and Android-based methods.

Unfortunately, the report shows that the world is still lacking in cybersecurity measures. A lot of people are still affected by malware every day.

In response to the situation, Google has promised that its ongoing products, including the cloud-based Chrome OS, will focus on security for its users against the current array of ransomware families and strains.

SEE ALSO: Cybersecurity updates for Google Chrome

Continue Reading

Security

Apple explains why sideloading is harmful for you

It’s safer

Published

on

Installing apps onto an Apple device is both an easy and a difficult experience. It’s easy to have everything in a single app store. Having a single hub for apps can make setting up a phone simple. However, the inability to install apps from outside sources (or sideloading) can leave more dedicated power users from customizing their phones even further. Though a single ecosystem can get on some people’s nerves, Apple has a simple reason why: It’s safer.

Currently, Apple does not allow sideloading. Users can’t access third-party stores or do direct downloads from outside sources. The only way to install third-party apps is to manually alter the device’s software.

In a recently published report, Apple bares the multiple ways that sideloading can harm users. The report persistently reiterates that allowing sideloading can circumvent the strict safety regulations that Apple has carefully instated for the App Store.

Malware often circulates around outside sources where regulations are often lax or even non-existent. In fact, Apple even states that the lax regulations are the reason why malware exists more prevalently on Android systems. The Google-developed operating system only uses prompts and warnings to discourage users from installing third-party apps but does not stop them from doing so. “In a recently published report, Apple bares the multiple ways that sideloading can harm users,” the Apple report states.

Further, Apple’s report states that allowing sideloading will also harm those that don’t participate in sideloading. For example, schools and offices that require sideloaded apps can potentially allow malware to be installed in a plethora of devices. In fact, a single user installing sideloaded malware can compromise an entire network. A child who isn’t familiar with the perils of sideloading can easily stumble upon a harmful app out in the wild.

As such, Apple will keep its stance against sideloading. If you need sideloaded apps, Android (and the vigilance to know dangerous apps) might be the better solution for you.

SEE ALSO: Apple ‘unleashes’ invites for Oct 18 event

Continue Reading

Security

How Google is helping you stay safe and secure with your passwords

Can never be too safe

Published

on

Google Security

The internet has played a big part in making people’s lives easier and more convenient–from connecting people through emails and social media, online shopping, banking, entertainment and more.

All users have to do is to create accounts for various programs online, which means using their main email addresses and crafting strong passwords to ensure safety.

Nowadays, creating passwords can still be a hassle, that’s why some people resort to easy-to-remember yet vulnerable passwords or keep the same password across all platforms. These may still pose a threat and lead to security risks which can compromise a person’s privacy, their documents, data, and money online.

This is why Google is developing products that are secure to keep people safer online in a way that’s more convenient for them. In celebration of Cybersecurity Awareness Month, here are all the ways Google is making people’s sign-in safer.

Safe and seamless log-ins with Google’s Password Manager

Every day, Google checks the security of over a billion passwords to protect accounts from being hacked. The tech giant has a Password Manager, which is built directly into Chrome, Android and the Google App.

This uses the latest security technology to keep passwords safe across all the sites and apps. It also makes it easier for people to create and use strong and unique passwords on multiple devices, without the need to remember or repeat each one.

On iOS, people can select Chrome to autofill saved passwords in other apps, too, allowing people to sign-in with just one tap. Chrome is also planning to have iOS adapt the same strong password generation feature, similar to how Autofill with Google works on Android today.

A new feature will also be rolled out in the Google app that allows people to access all of the passwords they’ve saved in Google Password Manager right from the Google app menu.

These enhancements are designed to make your password experience easier and safer across the web, minus the hassle of having to note down or remember different passwords for different accounts like Facebook, Twitter, Instagram, Spotify, Netflix, Canva and more.

Enrolling in Two-Step verification 

As attackers still persist in hacking or obtaining illegally what they could, adding a second form of authentication which serves as an extra layer of protection dramatically decreases the chances of getting compromised.

For years, Google has been at the forefront of innovation in two-step verification (2SV), one of the most reliable ways to prevent unauthorized access to accounts and networks.

Two-step verification is strongest when it combines both “something you know”–your password–and “something you have”–like your phone or a security key.

To make 2SV more convenient, a Google prompt will now allow people to simply tap on their mobile devices to prove it’s really them trying to sign in, which guarantees virtually 100% safety provided user’s devices, like their phones, are taken good care of.

Google has also stepped its game when it comes to two-factor authentication, as it has begun automatically configuring people’s accounts into a more secure state.

By the end of 2021, Google plans to auto-enroll an additional 150 million Google accounts in 2SV and require 2 million YouTube creators to turn it on—basically making all Google-related accounts more secure across all its services and products.

At the moment, only Google accounts that have the proper backup mechanisms in place are being auto-enrolled to 2SV. To make sure your account has the right settings in place, take our quick Security Checkup.

Adding security keys into devices

Another innovation Google takes pride in is its security key—a form of authentication that requires people to tap their key during suspicious sign-in attempts.

Say for example, you logged in your GMail into a new device, Google will automatically send a message to your existing device, say a phone, to ask you whether it was you signing in or not.

All you have to do is press either yes or no, or in some cases, Google will ask follow-up questions to make sure nothing gets compromised.

By default, only you can access these prompt-up messages since only you have the control over your phone or your other devices.

Security keys provide the highest degree of sign-in security possible. In fact, Google has partnered with organizations to provide free security keys to over 10,000 people this year who might be vulnerable when it comes to their online security.

Security keys are accessible, as they are built right into Android phones and Google Smart Lock app on Apple devices.

Today, over two billion devices around the world automatically support the strongest, most convenient 2SV technology available.

Towards a safe and secure future

Google recently launched One Tap along with a new family of Identity APIs called Google Identity Services which uses secure tokens, rather than passwords, to sign people into partner websites and apps, like Reddit and Pinterest.

It combines Google’s advanced security with easy sign in to deliver a convenient experience that keeps people safe.

These new services represent the future of authentication and protect against more advanced vulnerabilities like clickjacking, pixel tracking, and other web and app-based threats.

Ultimately, Google wants everyone to have an easy, seamless sign-in experience that includes the best security protections across all of their devices and accounts.

Continue Reading

Trending