From search-engine to walled garden: majority of Google searches do not result in a click

As tech began to concentrate, two dominant strategies emerged: Google's (instrument the whole internet for surveillance, which means that you don't have to lock people in in order to spy on them) and Apple's (lock everyone into a walled garden, and extract revenue by refusing to let them out again). Read the rest

Googlers circulate petition demanding a moratorium on contracts with US border agencies

Despite the departure of its most prominent leaders amid claims of harassment and retaliation, the Googler Uprising lives on, with Google employees circulating an internal petition demanding that the company not contract with US border agencies to provide any kind of services, on the grounds that US immigration authorities are notorious abusers of human rights. Read the rest

Manhattan DA served Google with a "reverse search warrant" in a bid to prosecute antifa protesters

In October 2018, Proud Boys founder Gavin McInnes was invited to speak at the Manhattan Republican club, drawing neo-Nazi supporters and antifa protesters; Proud Boy thugs waded into the protest and began indiscriminately attacking the protesters. Read the rest

Training bias in AI "hate speech detector" means that tweets by Black people are far more likely to be censored

More bad news for Google's beleaguered spinoff Jigsaw, whose flagship project is "Perspective," a machine-learning system designed to catch and interdict harassment, hate-speech and other undesirable online speech. Read the rest

Deep look at the Googler Uprising, drawing on insider interviews

In May 2018, Google faced a series of public resignations and scandals over a secret internal project to supply AI tools to the Pentagon's drone warfare project; then, in August 2018, scandal hit again with the news that Google was secretly developing a censoring, surveilling Chinese search-tool; then came the news that the company had secretly paid Android founder Andy Rubin $90m to quietly leave the company after credible accusations of sexual abuse and assault. Read the rest

Germany's powerful IG Metall trade union is organizing Youtubers to force Google to play fair

As Google has enacted a series of high-handed, opaque changes to how Youtube monetizes, upranks and censors videos, Youtubers have found themselves battered by the changes: they built Youtube into a global multi-billion-dollar success story, but they don't get a say in how it's managed. Now, a group of Youtubers have teamed up with Germany's powerful IG Metall trade union to fight back, using Europe's broad privacy laws and Germany's broad labor laws to force the company to come to the negotiating table and give them a say in how the service is run. You can read more about it on the Fairtube campaign site. Read the rest

Google's watching you watching porn

Friends, you're going to wish you were still making the scene with a magazine after reading this sentence: Google's web trackers are all up in your fap time and there's pretty much nothing (except maybe using a more secure browser like Firefox, read up on cyber security tips from the EFF, refusing to sign into a Google account and never going online without the protection of a VPN) that anyone can do about it. Read the rest

Vast majority of porn sites use Google Analytics and Facebook embeds that track you, even in incognito mode

If you only look at porn with your browser in incognito mode, your browser will not record your porn-viewing history; but the porn sites themselves overwhelmingly embed tracking scripts from Google and Facebook in every page: 93% of 22,484 porn sites analyzed in a New Media & Society paper had some kind of third-party tracker, with Google in the lead, but also including trackers from some of the worst privacy offenders in Silicon Valley, like Oracle. Read the rest

Google kills 'Project Dragonfly' China search engine project

The company hasn't ruled out doing other work for China.

Many of the key Googler Uprising organizers have quit, citing retaliation from senior management

The Googler Uprising was a string of employee actions within Google over a series of issues related to ethics and business practices, starting with the company's AI project for US military drones, then its secretive work on a censored/surveilling search tool for use in China; then the $80m payout to Android founder Andy Rubin after he was accused of multiple sexual assaults. Read the rest

Like Amazon, Google sends voice assistant recordings to contractors for transcription, including recordings made inadvertently

After Bloomberg revealed that Amazon secretly sent recordings from Alexa to subcontractors all over the world in order to improve its speech-recognition systems, a whistleblower leaked recordings from Google Home to investigative reporters from VRT, revealing that Google, too, was sending audio clips from its voice assistant technology to pieceworkers through the Crowdsource app. Read the rest

Youtube's ban on "hacking techniques" threatens to shut down all of infosec Youtube

Once upon a time, companies were able to insist -- with a straight face -- that the real problem with the security defects in their products was the researchers who went public with them, warning customers and users that the products they were trusting were not trustworthy. Read the rest

Insiders claim that Google's internet-fixing Jigsaw is a toxic vanity project for its founder, where women keep a secret post-crying touchup kit in the bathroom

In 2016, Google announced that it was renaming its small Google Ideas unit to "Jigsaw," giving the new unit a much broader, "wildly ambitious" mandate: to tackle "surveillance, extremist indoctrination, and censorship." Read the rest

Google Maps is still overrun with scammers pretending to be local businesses, and Google's profiting from them

We bought a house in 2018 and have been renovating it pretty much constantly ever since: I've had to call out movers, emergency plumbers and electricians, find HVAC repairpeople, hire locksmiths, contract with a roofer, etc etc. Despite the longstanding and serious problems with fraud on Google Maps, I often start my search there, because I am an idiot, because 100% of the time, Google Maps sends me to a scammer. One hundred percent. Read the rest

Private Join and Compute is Google's free/open source tool to allow "mulitparty computation" of encrypted data without decryption

Private Join and Compute is a new free/open Google tool that implements the longstanding cryptographic concept of "commutative encryption," which allows untrusted parties to merge their datasets without revealing their contents to one another, do mathematical work on the data, and learn the outcome of that work without either of them seeing the underlying data. Read the rest

U.S. Government security keys vulnerable to hackers, for the dumbest imaginable reason

Physical security keys, like those sold by Yubico, Thetis and Kensington, are a great way to lock down your digital lives. They also tend to be wicked fast compared to the wait you have to put on while you're waiting for a 2FA password to arrive via SMS or typing in a verification code from an app like Google Authenticator.

Unless of course said security key is deeply, deeply borked.

From Engadget:

Yubico is recalling a line of security keys used by the U.S. government due to a firmware flaw. The company issued a security advisory today that warned of an issue in YubiKey FIPS Series devices with firmware versions 4.4.2 and 4.4.4 that reduced the randomness of the cryptographic keys it generates. The security keys are used by thousands of federal employees on a daily basis, letting them securely log-on to their devices by issuing one-time passwords.

The problem in question occurs after the security key powers up. According to Yubico, a bug keeps "some predictable content" inside the device's data buffer that could impact the randomness of the keys generated. Security keys with ECDSA signatures are in particular danger. A total of 80 of the 256 bits generated by the key remain static, meaning an attacker who gains access to several signatures could recreate the private key.

If someone reading this can school me on why anyone working at Yubico would think that keeping 'predictable content' on a device meant to secure highly-sensitive governmental systems and information, I'd appreciate it. Read the rest

Google Stadia won't just need low latency, it needs a big pipe

I am not enthusiastic about Google Stadia's chances.

Ars:

Google says you'll need 35Mbps to play at maximum settings—that's 4K resolution, high dynamic range (HDR), and 60 frames per second (fps) with 5.1 surround sound. As PC Gamer noted last week, that adds up to 15.75GB per hour, which would use up an entire 1TB monthly data allotment in 65 hours of game time.

Stadia will work at lower resolutions, with Google recommending 20Mbps for 1080p/60fps with 5.1 surround sound, and 10Mbps for 720p/60fps with stereo sound. That's 9GB and 4.5GB per hour, respectively, potentially using up a 1TB data cap in 114 or 228 hours.

Read the rest

More posts