Skip to content

Recent Articles

9
Feb

Google Fiber shutting down in Louisville

An awkward exit:

“We’re not living up to the high standards we set for ourselves, or the standards we’ve demonstrated in other Fiber cities,” the company writes today. “We would need to essentially rebuild our entire network in Louisville to provide the great service that Google Fiber is known for, and that’s just not the right business decision for us.”

It’s a rare admission of defeat for Google Fiber, though it’s no secret that the company isn’t exactly bullish on the prospect of the service anymore. Louisville was supposed to be somewhat of a comeback for Google Fiber, which like so many Google services is now under more pressure to generate a profit. Clearly, that didn’t work out. If this were still a major growth and focus area for Google, it would have done exactly what it isn’t doing in Louisville: rebuild the entire network.

Instead of a comeback, Google Fiber in Louisville was a flop.

Here’s a thought, Google (or as you’re now called, Alphabet): maybe instead of trying to conquer every product space in tech, just focus on a few things and do them well?

21
Jan

Google fined for GDPR violations

Bring on the penalties!

Google has been fined 50 million euros (about $57 million) by a French regulator for not properly disclosing to users how their data is collected and used for targeted advertising.

The penalty is the biggest yet imposed under a new European privacy law that went into effect in 2018. The European Union’s General Data Protection Regulation gives Europeans more control over their information and how companies use it.

France’s National Data Protection Commission said on Monday that it imposed the fine after determining Google hadn’t met its obligation for transparency by making information about its data collection easily accessible to users. The commission found that Google didn’t present information about data-processing purposes and data-storage periods in the same place, sometimes requiring users to make five or six clicks to obtain the information.

The General Data Protection Regulation may not be perfect, but it’s already been a boon for users around the globe, including those outside Europe. Companies like Google will never care about user privacy on their own because their business model is monetizing people’s personal information. That’s why it is so important that laws like the GDPR exist… and that they be vigorously enforced.

4
Jan

Use Chromecast, get hacked

Another Google offering that is NOT secure.

Hackers have hijacked thousands of exposed Chromecast streaming devices to warn users of the latest security flaw to affect the device. But other security researchers say that the bug — if left unfixed — could be used for more disruptive attacks.

The culprits, known as Hacker Giraffe and J3ws3r, have become the latest person to figure out how to trick Google’s media streamer into playing any YouTube video they want — including videos that are custom-made. This time around, the hackers hijacked forced the affected Chromecasts to display a pop-up notice that’s viewable on the connected TV, warning the user that their misconfigured router is exposing their Chromecast and smart TV to hackers like themselves.

This is not the first Chromecast exploit, either.

Bishop Fox, a security consultancy firm, first found a hijack bug in 2014, not long after the Chromecast debuted. The researchers found that they could conduct a “deauth” attack that disconnects the Chromecast from the Wi-Fi network it was connected to, causing it to revert back to its out-of-the-box state, waiting for a device to tell it where to connect and what to stream. That’s when it can be hijacked and forced to stream whatever the hijacker wants. All of this can be done in an instant — as they did — with a touch of a button on a custom-built handheld remote.

Two years later, U.K. cybersecurity firm Pen Test Partners discovered that the Chromecast was still vulnerable to “deauth” attacks, making it easy to play content on a neighbor’s Chromecasts in just a few minutes.

Google claims it’s trying to fix the deauth bug. But it’s a four year old exploit. They have had years to fix it and they have failed.

The moral of the story: don’t use Chromecast and other woefully insecure Android products.

10
Dec

Google Plus suffers another security breach

Oops.

Google has now admitted that Google Plus has suffered another security failure, allowing the personal information of 52 million users to be accessed by third-party apps and developers without permission.

So, even if you had your profile information – such as your name, email addresss, occupation, etc etc – set as “not-public”, the information could be accessed by unauthorized parties.

According to Google, the flaw was introduced through a software update in November and was spotted less than a week later. The search giant says that it has seen no evidence that any app developers were aware of the flaw or misused it.

“With the discovery of this new bug, we have decided to expedite the shut-down of all Google+ APIs; this will occur within the next 90 days. In addition, we have also decided to accelerate the sunsetting of consumer Google+ from August 2019 to April 2019,” a contrite David Thacker wrote.

7
Dec

Boo! Microsoft’s Edge to become a clone of Google’s Chrome

A must-read post from Mozilla’s Chris Beard.

Microsoft is officially giving up on an independent shared platform for the internet. By adopting Chromium, Microsoft hands over control of even more of online life to Google.

This may sound melodramatic, but it’s not. The “browser engines” — Chromium from Google and Gecko Quantum from Mozilla — are “inside baseball” pieces of software that actually determine a great deal of what each of us can do online. They determine core capabilities such as which content we as consumers can see, how secure we are when we watch content, and how much control we have over what websites and services can do to us. Microsoft’s decision gives Google more ability to single-handedly decide what possibilities are available to each one of us.

From a business point of view Microsoft’s decision may well make sense. Google is so close to almost complete control of the infrastructure of our online lives that it may not be profitable to continue to fight this. The interests of Microsoft’s shareholders may well be served by giving up on the freedom and choice that the internet once offered us. Google is a fierce competitor with highly talented employees and a monopolistic hold on unique assets. Google’s dominance across search, advertising, smartphones, and data capture creates a vastly tilted playing field that works against the rest of us.

This is a worrying development indeed.

What would have made more sense is for Microsoft to embrace Gecko, and contribute to Firefox’s rendering engine. It would have allowed the software giant to reconcile with the successor (Mozilla) of its former opponent (Netscape) in the “browser wars”, and given a boost to the Firefox project.

Instead, Microsoft is moving to shore up Google’s dominance in the browser space.

It is worth noting here that Mozilla is financially dependent on Google — Google currently pays Mozilla to make its search engine the default in Firefox. (Defaults matter because most people don’t change them.) So even Mozilla hasn’t been able to chart a totally independent course from the Monster of Mountain View.

A Microsoft-Mozilla alliance makes so much sense: Firefox could help steer people to Bing, and Microsoft could help Gecko’s future development. It’s a shame it’s not happening.

1
Nov

It’s #GoogleWalkout Day!

This is the best thing that has happened to and at Google in a very long time.

Google employees walked out of the company’s offices around the world on Thursday, in protest of the search giant’s handling of sexual harassment claims — specifically at the executive level.

The walkout began around 11 a.m. local time in Tokyo. Other offices including Singapore, Dublin, London, Berlin, Zurich and New York followed suit at 11 a.m. in their respective time zones. The Twitter account @GoogleWalkout and hashtag #GoogleWalkout tracked the protests as they occurred across the globe.

In Mountain View, California, Google’s global headquarters, employees streamed into a central plaza, near a building where Google CEO Sundar Pichai’s office is located. Employees spoke at a microphone, and the crowd chanted “Time is up!” and “Stand up! Fight back!” They held up signs that said “Stand up for Google women” and “Google men stand with Google women.” Some people wore “Black Lives Matter” shirts. Others wore shirts that said “Protect! Respect! Defend!” with a Google logo on the sleeve.

Larry Page, Sergey Brin, Sundar Pichai, and Eric Schmidt rarely listen to their critics, but maybe they’ll listen to their employees this time and change of their bad business practices.

It was wrong of Google to give Andy Rubin a $90 million golden parachute. It is wrong that Google insists on forced arbitration in sexual harassment and sexual assault cases. It is wrong that Google won’t publicly disclose how pervasive this problem is.

Time’s up. It’s time for change.

8
Oct

Google concealed a “software glitch” in Google+ that exposed data of half a million people

Irresponsibility is their policy:

Google exposed the private data of hundreds of thousands of users of the Google+ social network and then opted not to disclose the issue this past spring, in part because of fears that doing so would draw regulatory scrutiny and cause reputational damage, according to people briefed on the incident and documents reviewed by The Wall Street Journal.

As part of its response to the incident, the Alphabet Inc. unit plans to announce a sweeping set of data privacy measures that include permanently shutting down all consumer functionality of Google+, the people said. The move effectively puts the final nail in the coffin of a product that was launched in 2011 to challenge Facebook Inc. and is widely seen as one of Google’s biggest failures.

A software glitch in the social site gave outside developers potential access to private Google+ profile data between 2015 and March 2018, when internal investigators discovered and fixed the issue, according to the documents and people briefed on the incident. A memo reviewed by the Journal prepared by Google’s legal and policy staff and shared with senior executives warned that disclosing the incident would likely trigger “immediate regulatory interest” and invite comparisons to Facebook’s leak of user information to data firm Cambridge Analytica.

This revelation raises the question: what other dirty laundry is the Monster of Mountain View hiding?

Google executives have clearly relished watching Facebook take incoming fire in the press on a near constant basis this year. It’s no wonder they didn’t want to come clean about their own failings. But if they truly lived by their internal motto of “don’t be evil”, then they would have disclosed this glitch in the interest of transparency. How they expected to keep it a secret indefinitely is anyone’s guess.

It’s good that Google+ is shutting down. But the company must not be allowed to wash its hands of this incident and walk away. There should be consequences.

The European Union and the United States government should launch immediate investigations into this matter and find out what other secrets Google may be keeping from its users and stockholders.

 

5
Oct

Slate writer: “I used to trust some of [Google’s] products, like Chrome. I increasingly don’t.”

People like Matthew Green are waking up to reality.

A couple of weeks ago, I noticed something strange was happening to my Google Chrome web browser. Where Chrome had always allowed me to browse the internet as an anonymous user, suddenly my browser had signed itself into my Google account.

A bit of investigation (and a visit to a nerd forum) pointed me to the cause: Chrome had logged itself in after I visited my Gmail account.

The change in Chrome’s behavior, it turns out, was not a bug. It’s part of a new technical “feature” in the browser called “identity consistency between browser and cookie jar.” Despite the gritty technical name of the feature, it represents a truly fundamental change in the way Chrome works.

For the first 10 years of Chrome’s existence, Chrome was simply a typical web browser. You had the option to sign the browser into Google—and thus take advantage of Google’s many data-sharing and cloud-synchronization options—but you never had to.

In the stroke of an update, the sign-in became mandatory: If you happened to visit a Google property, the browser would attach itself to your Google account.

To Google’s credit, it recognizes the privacy implications of this change, and simply signing the browser into Google does not immediately send your data to Google’s servers. But it brings users within an accidental click of sharing their bookmarks and browsing history with Google.

It is truly a tragedy that so many people use Google Chrome when there are better, privacy-respecting browsers available, like Mozilla Firefox. Mozilla now even makes a special mobile version of Firefox that cleans up after itself called Firefox Focus. Google will never, ever make a tool like that, because it is anathema to Google’s objective of collecting as much data about everyone as possible to monetize all of us for advertising purposes.

It was inevitable that Google would change Chrome to make it easier for it to spy on its users. We’ve been warning of this for years. Unfortunately, many people haven’t listened.

3
Oct

BlackBerry alum Jim Balsillie sounds the alarm over Google parent’s ominous plans for Toronto

And the authorities in Toronto, Ontario, Canada should heed his words.

A unit of Google’s parent company Alphabet is proposing to turn a rundown part of Toronto’s waterfront into what may be the most wired community in history — to “fundamentally refine what urban life can be.”

Sidewalk Labs has partnered with a government agency known as Waterfront Toronto with plans to erect mid-rise apartments, offices, shops and a school on a 12-acre (4.9-hectare) site — a first step toward what it hopes will eventually be a 800-acre (325-hectare) development.

High-level interest is clear: Prime Minister Justin Trudeau and Alphabet’s then-Executive Chairman Eric Schmidt appeared together to announce the plan last October.

But some Canadians are rethinking the privacy implications of giving one of the most data-hungry companies on the planet the means to wire up everything from street lights to pavement. And some want the public to get a cut of the revenue from products developed using Canada’s largest city as an urban laboratory.

“The Waterfront Toronto executives and board are too dumb to realize they are getting played,” said former BlackBerry chief executive Jim Balsillie, a smartphone pioneer considered a national hero who also said the federal government is pushing the board to approve it.

“Google knew what they wanted. And the politicians wanted a PR splash and the Waterfront board didn’t know what they are doing. And the citizens of Toronto and Canada are going to pay the price,” Balsillie said.

Emphasis is ours.

“Smart” homes, “smart” cars, now “smart” neighborhoods… it was only a matter of time. Adding data collection functionality to buildings, appliances, and even entire communities is not smart, it’s reckless and a recipe for trouble. Imagine the ability to gain control over an entire neighborhood by compromising the software that runs it.

There is nothing “smart” about these technologies.

Three cheers for Jim Balsillie. It’s nice to see such bluntness from a person of his stature.

This project should not proceed. Toronto would be wise to pull the plug and say thanks, but no thanks, to this scheme to exploit the common good for the benefit of Alphabet/Google’s unceasing, unending war on privacy.

30
Aug

Google and Mastercard Cut a Secret Ad Deal to Track Retail Sales

Big Brother Is Watching You:

For the past year, select Google advertisers have had access to a potent new tool to track whether the ads they ran online led to a sale at a physical store in the U.S. That insight came thanks in part to a stockpile of Mastercard transactions that Google paid for.

But most of the two billion Mastercard holders aren’t aware of this behind-the-scenes tracking. That’s because the companies never told the public about the arrangement.

Alphabet Inc.’s Google and Mastercard Inc. brokered a business partnership during about four years of negotiations, according to four people with knowledge of the deal, three of whom worked on it directly. The alliance gave Google an unprecedented asset for measuring retail spending, part of the search giant’s strategy to fortify its primary business against onslaughts from Amazon.com Inc. and others.

Remember, Google has made it their business to attempt to learn everything… EVERYTHING…. about you. The company’s aim is to eradicate the whole idea of user privacy, one blow at a time. They’ll do whatever it takes to get their hands on our data, whether convincing us to give it to them, buying it, or secretly capturing it without our knowledge.