Security Updates from Google

10th May 2021, Kathmandu

An American multinational technology company specializes in Internet-related services and products, including online advertising technologies, a search engine, cloud computing, software, and hardware also known as Google has many features such as:

  • Google enables asking anything and providing all the answers available on the web.
  • A reminder of certain things at a certain time
  • Keeps you updated about things you’ve recently searched
  • Scan tickets for upcoming events
  • Stay up-to-date about the latest movies, books, news, TV shows, etc.
  • For online shopping and even finding the nearest stores
  • Keeps track of recent physical activity like walking or biking
  • For traveling stress-free like helping in the hotel information, car rentals, booking flights, nearby events, popular spots
  • Tracking stocks and sports
  • Sharing commute with friends and family

Google has made many attempts to boost privacy and security, including the use of two-factor authentication to eligible users and also bringing IOS-like privacy levels to Android settings.

Google Play To Get Apple-Like Privacy Labels

The Google play store for Android is planning to include a new safety section for app listings that highlights the type of data collected and stored can be approximate or precise location, contacts, personal information, photos, and how the data is used like providing app functionality, personalization, or advertising.

An app’s collection practices are meant to be easy to understand and user-friendly format which is shown by the transparency measures into how apps use data echo a similar push by Apple.

For the changes, app developers, including Google, also need to provide information about their security practices, like data encryption and Google policies around apps and games aimed at children explain why these data are being collected or if users can refuse sharing data.

The Third-party verification information about apps privacy labels will also be highlighted because it appears to be a move to counter criticism like Apple faced failing the vet apps that provides” misleading or flat-out inaccurate” labels. The changes are due in the second fiscal quarter of 2022.

Google Debuts Cosign for Verifying Container Images

Sigstore tool was released in early march by Google, Linux Foundation, and red hat to secure software supply chains by enabling developers to sign their code and for users to verify threats like dependency confusion which takes advantage of the fact that piece of software may include components of the mix of private and public resource.

The company is now expanding with Cosign, a secure single sign-on web authentication system or a new command-line tool that aims to simplify signing and verifying container images and prevent users from falling prey to typosquatting attacks, where threat actors impersonate legitimate domains for malicious purposes such as fraud or malware spreading.

Google Chrome Gets Hardware-Enforced Exploit Protection

“Hardware enforced stack protection” security feature was equipped with new Windows 10 to safeguard the memory stack from arbitrary code execution attacks. It will layer with existing and future measures to create exploitation more difficult and expensive for an attacker.

LEAVE A REPLY

Please enter your comment!
Please enter your name here