Google to ‘Dramatically’ Improve Chrome Impact on Mac Battery Life

Google will address long-standing battery life issues, particularly on Mac devices, reports The Wall Street Journal.

Chrome will improve “tab throttling” by better prioritizing active tabs and limiting resource drain from tabs open in the background. This is said to have a “dramatic impact on battery and performance.” Google has reportedly been performing early tests on Mac laptops in particular.

“This is an ongoing investment in improvements to speed, performance and battery life,” said Max Christoff, director of Chrome browser engineering. Chrome has previously been criticized for poor use of RAM, battery draining, and privacy concerns.

In May, Google set out plans to improve Chrome battery toll by blocking resource-heavy ads. Chrome will also limit the resources that an ad can use before the user interacts with it. In addition to this, Chrome will soon be updated with new optimization that will allow the most performance-critical parts of the software to run even faster.

Google is currently experimenting with the changes, with the intention of releasing the optimizations and improvements to Chrome in a stable release towards the end of August.

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Google Loses Control Over Blogspot.in, Millions of Sites Inaccessible – Disposable mail news

Google-owned ‘blogspot.in’, a blogging website also known as “Blogger” has become inaccessible to Indian users as Google appears to have lost its ownership over the domain.

Blogger.com is a free platform used by millions of users for blogging. As it used to fall under Google’s ownership, one could link it to various other Google products such as Picasa, Google AdSense, and social network, Google+. The simplicity in accessibility made blogger widely popular; users just need a Google account to activate blogger.

People who were using Blogger for posting blogs faced issues while accessing their blogs, meanwhile, a number of web pages within the Indian domain became unreachable. According to a report by the Next Web, the issue occurred because of Google losing its ownership over the URLs Blogspot.in, however, the time when Google lost its control over the domain is not clearly known.

Referencing from the Next Web’s report on the matter, “Whatever the reason might be, if I host a site or blog with Google, I would expect a company of this size to keep up and know when their domain name ownership expires,”

“If you use a blog regularly, an alternative is to host it on your own domain. But everyone might not want to do that just to keep things easy. And you’d expect Google Webmaster to do better,” read the report.

One of the major issues faced by a million users was that the links that they have on put on several websites with the “Blogspot.in” domain became inaccessible. However, the blogs are still there, they were visible when users changed the URLs to blogspot.com. Chances are, this is just a temporary issue and would be taken care of by Google shortly, however, users who were using “Blogspot.in” domain will have to go through the trouble for now as the tech giant has not addressed the issue yet.


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

UK Regulators Call Google’s Search Engine Deal With Apple a ‘Significant Barrier’ for Competitors

Google pays Apple to be the default search engine on Apple’s Safari web browser on iPhones and Macs, which causes a “significant barrier to entry and expansion” for rivals in the search engine market, said the UK Competition and Markets Authority in a report released today (via Reuters).


The relationship between Apple and Google impacts Microsoft’s Bing, Verizon’s Yahoo, and independent search engine DuckDuckGo. Apple allows users to set these search engines as their default in the Safari settings, a privilege the search engines pay for, but Google Search remains the default on a new device.

Apple received the “substantial majority” of the $1.5 billion (1.2 billion pounds) that Google paid to be the default search engine on various devices in the United Kingdom in 2019, according to the report.

“Given the impact of preinstallations and defaults on mobile devices and Apple’s significant market share, it is our view that Apple’s existing arrangements with Google create a significant barrier to entry and expansion for rivals affecting competition between search engines on mobiles,” the regulators wrote in the report.

UK regulators believe that enforcement authorities should be provided with a range of options to address the arrangement between Apple and Google to provide a more level playing field for other search engines.

Apple could be required to provide “choice screens” that would let users decide which search engine to set as default during device setup, or could be restricted from monetizing default search engine positions, a move that Apple said would be “very costly.”

Apple and Google have never confirmed exactly how much Google pays to be the default search engine on Apple devices in the UK, the United States, and other countries, but it’s rumored to be in the billions.

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Google Photos Stops Backing Up Social Media Folders By Default

Google Photos has stopped backing up images and videos from folders created by social media and messaging apps like WhatsApp, Messages, and TikTok (via Android Police).

Previously, Google’s photo app would automatically upload all media saved to an iOS device, including any files saved in folders originating from social and messaging apps.

Google says it’s now turning off this aspect of its cloud photo backup service “to save internet resources” as people share more photos and videos amid the ongoing global health crisis.

Users can reverse this change and re-enable backup of photos and video from social media and messaging apps by following these instructions.

Other digital services including YouTube and Disney+ adopted similar measures to reduce bandwidth strain caused by the global health crisis several months ago.

Tag: Google Photos

This article, “Google Photos Stops Backing Up Social Media Folders By Default” first appeared on MacRumors.com

Discuss this article in our forums


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Google Meet to Get Background Blur, Captioning, and Low-Light Mode

Google Meet will soon allow users to add images or a blur effect to backgrounds on video calls, reports 9to5Google.



In addition, Google told The Verge that it is working on several other features that should make Meet more competitive against rival videoconferencing platforms like Zoom and Microsoft Teams.

These new options include real-time captioning, a low-light mode, hand-raising, and a tile view of up to 49 other people on a video call.

No release date for the upcoming features has been given, but Microsoft is understood to be previewing some of them to education and enterprise customers.

Google made its premium Meet service free to use in April, and the company followed that up by announcing Meet integration for Gmail on iOS and Android.

Anyone interested in using Google Meet can download the Hangouts Meet iOS app from the App Store or head to meet.google.com to use the web browser version.

Tags: Google, Google Meet

This article, “Google Meet to Get Background Blur, Captioning, and Low-Light Mode” first appeared on MacRumors.com

Discuss this article in our forums


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Web skimming with Google Analytics – 10 minute mail

Web skimming is a common class of attacks generally aimed at online shoppers. The principle is quite simple: malicious code is injected into the compromised site, which collects and sends user-entered data to a cybercriminal resource. If the attack is successful, the cybercriminals gain access to shoppers’ payment information.

To make the data flow to a third-party resource less visible, fraudsters often register domains resembling the names of popular web services, and in particular, Google Analytics (google-anatytics[.]com, google-analytcsapi[.]com, google-analytc[.]com, google-anaiytlcs[.]com, google-analytics[.]top, google-analytics[.]cm, google-analytics[.]to, google-analytics-js[.]com, googlc-analytics[.]com, etc.). But attack of this kind were also found to sometimes use the authentic service.

To harvest data about visitors using Google Analytics, the site owner must configure the tracking parameters in their account on analytics.google.com, get the tracking ID (trackingId, a string like this: UA-XXXX-Y), and insert it into the web pages together with the tracking code (a special snippet of code). Several tracking codes can rub shoulders on one site, sending data about visitors to different Analytics accounts.

Recently, we identified several cases where this service was misused: attackers injected malicious code into sites, which collected all the data entered by users, and then sent it via Analytics. As a result, the attackers could access the stolen data in their Google Analytics account. We found about two dozen infected sites worldwide. The victims included stores in Europe and North and South America selling digital equipment, cosmetics, food products, spare parts etc.

The screenshot below shows how the infection looks — malicious code with the attacker’s tracking code and tracking ID:

Screenshot 1

The attacker tries to hide their malicious activity using a classic anti-debugging technique. Screenshot 2 shows code for checking whether Developer mode is enabled in the visitor’s browser. The code in the screenshot above is executed only if the result is negative.

Screenshot 2

Curiously, the attackers left themselves a loophole — the option to monitor the script in Debug mode. If the browser’s local storage (localStorage) contains the value ‘debug_mode’==’11’, the malicious code will spring into life even with the developer tools open, and will go as far as to write comments to the console in clumsy English with errors. In screenshot 3, the line with the ‘debug_mode’ check follows the implementation of the RC4 encryption algorithm (used to encrypt the harvested data before sending it).

Screenshot 3

If the anti-debugging is passed, the script collects everything anyone inputs on the site (as well as information about the user who entered the data: IP address, UserAgent, time zone). The collected data is encrypted and sent using the Google Analytics Measurement Protocol. The collection and sending process is shown in screenshot 4.

Screenshot 4

The stolen data is sent by invoking the send event method in the ‘eventAction’ field.

The function signature in this case is:

This leads to an HTTP request being sent to the URL
https[:]//www.google-analytics.com/collect?&ea=packed_stolen_data&

In the above-described case, malicious code is inserted into a script on the infected site in “readable” form. In other cases, however, the injection can be obfuscated. Malicious code also can be downloaded from a third-party resource. Screenshot 5 shows an example obfuscation option. In this variant, a call to a malicious script from firebasestorage.googleapis[.]com is inserted into the infected site.

Screenshot 5

After deobfuscation, we obtain a similar script with the same distinctive comments. Part of its code is presented in screenshot 6 (a different tracking ID is used).

Screenshot 6

What’s the danger

Google Analytics is an extremely popular service (used on more than 29 million sites, according to BuiltWith) and is blindly trusted by users: administrators write *.google-analytics.com into the Content-Security-Policy header (used for listing resources from which third-party code can be downloaded), allowing the service to collect data. What’s more, the attack can be implemented without downloading code from external sources.

How to avoid the issues

Users:

  • Install security software. Kaspersky solutions detect malicious scripts used in such attacks as HEUR:Trojan-PSW.Script.Generic.

Webmasters:

  • Do not install web applications and CMS components from untrusted sources. Keep all software up to date. Follow news about vulnerabilities and take recommended actions to patch them.
  • Create strong passwords for all administration accounts.
  • Limit user rights to the minimum necessary. Keep track of the number of users who have access to service interfaces.
  • Filter user-entered data and query parameters to prevent third-party code injection.
  • For e-commerce sites, it is recommended to use PCI DSS-compliant payment gateways.

IOCs

firebasestorage.googleapis[.]com/v0/b/bragvintage-f929b.appspot.com/o/*
firebasestorage.googleapis[.]com/v0/b/canature-5fab3.appspot.com/o/*
firebasestorage.googleapis[.]com/v0/b/ericeirasurfskate-559bf.appspot.com/o/*
firebasestorage.googleapis[.]com/v0/b/gluten-8e34e.appspot.com/o/*
firebasestorage.googleapis[.]com/v0/b/laser-43e6f.appspot.com/o/*
firebasestorage.googleapis[.]com/v0/b/movile-720cd.appspot.com/o/*
firebasestorage.googleapis[.]com/v0/b/plumb-99e97.appspot.com/o/*
firebasestorage.googleapis[.]com/v0/b/redfox-64c35.appspot.com/o/*
firebasestorage.googleapis[.]com/v0/b/tictoc-9677e.appspot.com/o/*

 


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

SMS System Now A Long-Gone Era; Google Brings Out A New Update – Disposable mail news

With the rise of encrypted alternatives of SMS messages, WhatsApp, iMessage, and Signal, the SMS system has become a ‘throwback to a long-gone era’. 

But ironically, that same SMS system has additionally been on the rise as the default delivery mechanism for most two-factor authentication (2FA) codes. 

The issue is being viewed as a critical one in light of the fact that an SMS is delivered to a phone number with no user authentication—biometric or password security efforts secure our physical devices, not our numbers, they are separated. 

What’s more, this explanation alone clears a path for SIM-swapping, social engineering scams to take those six-digit codes, to malware that catches and exfiltrates screenshots of the approaching messages.

For each one of those reasons, and a couple of additional, the advice is currently to avoid SMS-based 2FA if feasible for the user. 

But still,  if the user can tie 2FA to the biometric or password security of a known device, at that point this is a huge improvement. Apple does this splendidly. And Google is quick on making this the default also. 

In a blog post on June 16, Google confirmed “Starting on July 7 we will make phone verification prompts the primary 2-Step Verification (2SV) method for all eligible users.” 

Their plan fundamentally is to switch Google account holders to this setting, forestalling the majority, essentially defaulting to an SMS message or voice call. 

Yet, there’s a drawback with this too , in light of the fact that all devices a user is logged into will receive the prompt, and that will require some rejigging for families sharing devices. Furthermore, users who have security keys won’t see a change.

Phone prompt 2FA

In the event that the phone prompt doesn’t work for the user, they can get away to an SMS during the verification process—however, Google doesn’t recommend this. 

Further explaining that this move is both progressively secure and simpler, “as it avoids requiring users to manually enter a code received on another device.” 

In taking the decision to make this the “primary technique” for 2FA, Google says “We hope to help [users] take advantage of the additional security without having to manually change settings—though they can still use other methods of 2-Step Verification if they prefer.” 

For an attacker to spoof this system they will require physical access to one of the user’s already logged-on devices where they will see the prompt.

Users will likewise have the option to audit and remove devices they no longer need to gain access to this security option. 

Also, on the grounds that the prompt hits all logged-on, authorized devices all at once—user will straight away know whether an attempt is being made to open their account without their knowledge. 

Nonetheles, with the increasing utilization of multi-device access to our various platforms, it is an extraordinary thought to utilize an authentication device to verify another logon and this step by Google has without a doubt emerged as an incredible one in the direction way which should be followed by others as well.


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Google Meet Videoconferencing Coming to Gmail iOS App

Google made its premium Meet videoconferencing service free to use last month, and now the company has announced that it’s bringing Meet to the Gmail app for iOS and Android.



Google Meet offers many of the features that have made Zoom so popular in recent weeks, including video conferencing for up to 100 participants, the option to schedule meetings, and screen-sharing capabilities.

In the coming weeks, integration with the Gmail app will appear in the form of a new Meet tab, which can be used to view upcoming meetings scheduled in Google Calendar and easily join them with a tap.

The new tab also includes a “New meeting” button that lets users start a new meeting or generate a meeting link to share or schedule in Calendar. In addition, users can tap the “Join with a code” option if they’ve received a meeting link.

If a Gmail user has no interest in Google Meet, they can disable the Meet tab by entering Settings via the hamgurger menu in the top-left corner of the screen. Tap on the preferred account, scroll down, and toggle off the switch next to Meet.

Gmail for iPhone and iPad can be downloaded from the App Store for free. [Direct Link]

Tags: Google, Gmail

This article, “Google Meet Videoconferencing Coming to Gmail iOS App” first appeared on MacRumors.com

Discuss this article in our forums


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

New York Attorney General Asks Apple and Google to Vet Third-Party Contact Tracing Apps

Apple and Google have been asked by New York’s Attorney General to do more to prevent sensitive health data from being collected by third-party contact tracing apps.

exposure notification cartoon
According to Business Insider, AG Letitia James sent letters to both companies and urged them to impose tighter restrictions on the apps if they are to be available in their app stores, following concerns that some of the apps have not been properly vetted.

“As businesses open back up and Americans venture outdoors, technology can be an invaluable tool in helping us battle the coronavirus,” said Attorney General James. “But some companies may seek to take advantage of consumers and use personal information to advertise, mine data, and unethically profit off this pandemic. Both Apple and Google can be invaluable partners in weeding out these bad actors and ensuring consumers are not taken advantage of by those seeking to capitalize on the fear around this public health crisis.”

James noted that the privacy-centric exposure notification technology that Apple and Google developed isn’t being used by all contact tracing apps. As such, she is urging the two companies to commit to greater oversight by only allowing apps affiliated with federal or state public health agencies to collect personal health data.

The hope is that by prohibiting third-party contact tracing apps from collecting personal data, it won’t be used for targeted advertising or for identifying anonymous users.

James wrote that third-party apps should be required to delete personal health information on a rolling 14-day basis, and that the companies’ respective app stores should disclose which apps were launched by governments and which are made by private developers.

“Consumers should always check with the Apple App Store or Android Play Store for information on what entity operates the app and whether the app collects geolocation information or other data,” cautioned James.

According to the report, Apple and Google have until June 19 to acknowledge the Attorney General’s letter.

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.