Google I/O Kicks Off Tuesday: All Eyes On Android And New-Look Exec Team

Every major tech company in Silicon Valley takes at least one turn at San Francisco’s Moscone Center each year to show off their latest ideas and reinforce their standing among the community. This week, Google (NSDQ: GOOG) gets a shot, likely to highlight versions of its Android software for phones, tablets, and televisions while continuing to push a vision of computing with the Web at its center.

Google I/O has grown significantly since 2008, with the fourth incarnation set to kick off Tuesday. Nearly 5,500 attendees are expected to pony up for access to Google’s roster of engineers, who will present sessions on nearly everything Google, from search to Web application development to browsers to mobile applications. Here’s a breakdown of what to expect:

Android: Google’s most successful product outside of search, Android, will likely draw the most attention during the week. The smartphone version of Android has been a rousing success, but tablet versions have yet to create any serious alternative to Apple’s iPad. It would be surprising if Google didn’t address the tablet question in some detail, either through new operating system versions or applications.

Google TV: One version of Android that hasn’t really taken flight—Google TV—has been reported as worthy of an Google I/O slot. First introduced a year ago at this conference and launched last November, Google TV has faced opposition from the big network television companies and confusion among customers who encounter its remote controls. A preview of a next-generation version is expected, but enthusiasm for the concept in general is not strong leading into the show.

Chrome OS: Netbooks bearing Google’s browser-centric operating system were supposed to have been launched last year, but delays forced the project into a mid-2011 launch schedule. Now that it’s May 2011, presumably Google is ready to shed more light on exactly what types of Chrome OS netbooks will launch, and how much they will cost. It will also be interesting to see if Google talks up Chrome OS tablet-style devices, given that interest in the netbook has waned considerably since Chrome OS was first announced in 2009.

Web Standards: Google has used significant air time at the previous Google I/O conferences to urge adoption of HTML5 technologies as the pathway to a next-generation model of computing centered on the Web. This is still very much a work in progress. Expect Google to continue the evangelical call this week, with demonstrations of the types of sophisticated Web applications that are possible with HTML5 technologies.

Wild Cards: Some form of a Google music locker is inevitable, but has the company locked down enough of the details with the music industry for it to surface this week? Will Google Docs finally get offline access? Which Android tablet will Google give away to attendees, the Xoom or the Galaxy Tab?

Context: Google is a company that famously likes to celebrate its failures. That means Google I/O is probably its most celebratory week of each year, considering it has produced such notable failures as Google Wave and Google Friend Connect. As pointed out over the course of the weekend, Google doesn’t necessarily save some of its most winning ideas for Google I/O: Google Instant was announced at its own event last September, for example.

However, this is the first Google I/O with Larry Page back at the helm of the company, and therefore the first chance for him to really put his stamp on the show. Google has been furiously reorganizing its executive ranks in the weeks since Page has taken over, and this Google I/O may give hints as to the new pecking order at Google with respect to the types of projects demonstrated at the show, and the people chosen to pitch those projects to the world.

It’s a week in which all eyes will be on the company that dominates Web search, fumbles with social skills, and provides a defensible alternative to Apple (NSDQ: AAPL) in the mobile market. We’ll be at Google I/O both days, and will bring you highlights and analysis of Google’s week in the spotlight.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Google I/O Kicks Off Tuesday: All Eyes On Android And New-Look Exec Team"https://www.voiceofgreyhat.com/2011/05/google-io-kicks-off-tuesday-all-eyes-on.html</a>

Google CEO Larry Page said G+ Hit 10M Users in 2 Weeks

Google's Facebook competitor Google Plus grew to 10 million users in just two weeks, the company announced Thursday.
That's only a bit more than 1 percent of Facebook's 750 million global users, but it still represents staggering growth for Google's infant social network, which isn't yet open to the public. The site remains in a "limited" trial phase.
"Growth on Google has been great," Google CEO Larry Page said on a conference call with analysts. 

"Over 10 million have joined. That's a great achievement for the team. There has been a ton of activity."

Page said more than 1 billion items are being shared on the network every day. The " 1" button, which populates search results with friends' recommendations, has been clicked 2.3 billion times a day.
Google represents a part of the new CEO's grand vision for the 13-year old company. Despite Google's position as the worldwide leader in search, Page has opted to treat the company as a startup, increasing hiring and starting several new initiatives. 

"Today, I see more opportunities for Google than ever before; we're just at the beginning of what we want to do," Page said. "We're only at 1 percent of what's possible. Google's just getting started."

Accordingly, Google continued its hiring spree in the second quarter, upping its headcount by nearly 9 percent, or 2,500 employees -- including 450 from the acquisition of flight data company ITA .
The company also has spent freely, putting more than $900 million into its infrastructure during the quarter, including expanding its massive data centers. The company says it expects to continue to make "significant" capital expenditures going forward.
Google says all that spending will keep the company ahead of its rivals.

The past quarter has been a busy one. In addition to Google , the company started selling its Chromebook line of laptops aimed at current Microsoft corporate clients and launched its Music application to compete with Apple's iTunes and Amazon's Cloud Drive.
The company also unveiled Google Wallet, which will allow customers to pay for items using their smartphones, and it launched Google Offers, a Groupon competitor.
But Google also shut down several products that weren't working, such as Google Health and PowerMeter.
"Our focus is more wood behind fewer arrows," said Page. "I'm very happy with our progress."
Still, the free spending has made some stock analysts cautious. Page lashed back at that criticism, noting that when Google started its search engine, no one believed the company could monetize that besides the occasional banner ad.

"Fast forward to today, it seems like we're playing the same movie all over again," he said.

The world's online search leader said its net income in the second quarter rose to $2.5 billion, up 36 percent from a year earlier.
Results included one-time charges totaling $1.06 per share. Without the charges, Google said it earned $8.74 per share. Analysts polled by Thomson Reuters, who typically exclude one-time items from their estimates, had forecast earnings of $7.85 per share.
Profit rose as both the number of clicks on Google's ads and the amount that advertising partners pay per click increased substantially: Paid clicks surged 18 percent and cost per click grew 12 percent compared to last year.

Sales for the Mountain View, Calif., company rose 32 percent to $9 billion. Excluding advertising sales that Google shares with partners, a figure also known as traffic acquisition costs, the company reported revenue of $6.9 billion, which topped analysts' forecasts of $6.6 billion.
Shares of Google jumped 12 percent after hours.
Still, not all the news has been positive for Google, which has recently landed in antitrust crosshairs.

The Federal Trade Commission began investigating the company for evidence of abusive practices, and a federal judge rejected Google's planned settlement deal in its attempt to create a universal online book library.
The Department of Justice also heavily scrutinized the company's recent purchase of flight data software company ITA, and Google set aside $500 million for a potential settlement with the DOJ regarding the company's advertising practices. The DOJ is currently studying Google's proposed $400 million purchase of digital advertising toolmaker Admeld.
Late last month, French search company 1plusV said it would seek $423 million in damages from the American search giant over alleged anti-competitive practices.

-The News Source (Chicago Tribune)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Google CEO Larry Page said G+ Hit 10M Users in 2 Weeks"https://www.voiceofgreyhat.com/2011/07/google-ceo-larry-page-said-g-hit-10m.html</a>

Google Vs. Microsoft (For Cloud)

Google has locked horns with Microsoft in a high-stakes showdown to dominate what could be the next great mother lode of Internet-derived profits. Each is seeking to attract businesses to lease its hosted versions of essential communications and office programs, instead of maintaining these basic tools in house. It's an emerging form of digital office outsourcing — often referred to as cloud computing — one which Microsoft's outspoken CEO, Steve Ballmer, has vowed to own. "At Microsoft, for the cloud, we're all in," Ballmer told an auditorium full of University of Washington computer science students last spring. "It's just a great time to be all-in and really drive the next generation of technology advances." The software giant recently released a near-final test version of Office 365, a hybrid of its ubiquitous productivity software suite. Tuned for the Internet, Office 365 extends the slow-but-steady advances the company has been making since 2002 in delivering business programs over the Web, much as a utility delivers water or electricity. But now that's being challenged again by search-advertising company Google. At its recent Google I/O developer conference, Google made a move to steal some of Ballmer's thunder. There, Google unveiled Chromebooks, stripped-down computers optimized to run its hosted messaging, calendaring and collaboration tools. "Chromebooks is actually a huge leap forward for cloud computing," says Dave Girouard, Google's president of enterprise. "We're excited about putting more pieces of the puzzle together. Our aim is to be No.1 in cloud computing." Delivering software over the Internet is nothing new. Cloud computing occurs when an individual accesses services housed on a third-party server rather than a local PC. Consumers use cloud computing with free Web mail services and popular social-networking sites. The race among Amazon, Google and Apple to popularize cloud-based storage of your music collection is yet another example. And Salesforce.com and NetSuite have long supplied businesses with specialized customer relationship management and bookkeeping programs as hosted services. Yet, a confluence of developments has buoyed the big pushes by Microsoft and Google to extend cloud computing to basic workplace tools: e-mail, messaging, calendaring, word processing, spreadsheets, slide presentations and file sharing. Many companies that hunkered down during the recession are eager to refresh aging systems. Security has become a major pain, and everything is getting more complex as mobile-device use rises. And capital spending budgets are as tight as ever. A desire to become more efficient and reduce long-term costs was identified as an influential factor by 60% of information technology buyers from government agencies recently surveyed by CompTIA, a non-profit association for IT pros. For the tech companies wrestling for the future of office software, the stakes are high. Tech researcher Gartner forecasts that global spending on e-mail, collaboration and cloud-based applications will more than double to $20.7 billion by 2014, up from $9.8 billion this year. 


Cloud savings 
Now cloud computing is getting a second look by often-conservative IT buyers because Internet connectivity has become ubiquitous, and data storage, dirt cheap, says Wes Miller, industry analyst at research firm Directions on Microsoft. "But the real reason people are flocking to it has to do with saving money, whether directly or indirectly." In many cases, the first basic tool companies look to outsource is e-mail. Shane Ochotny, tech architect at Tampa General Hospital, had four technicians working full time maintaining e-mail for 7,000 employees, including 1,000 physicians, spread through the hospital, a clinic and separate administrative offices. After testing several hosted e-mail services, including Google's Gmail, Ochotny chose to outsource e-mail, instant messaging and video conferencing to Microsoft; the software giant first began offering hosted e-mail in 2002, and it added other services in 2005 and 2008. That freed four technicians to create a customized program that provides instant e-mail access to new workers. Next up for the hospital's techs: developing a way to integrate video conferencing with instant messaging and voice over Internet. While some analysts worry that cloud outsourcing will ultimately cut employment, Tampa General's experience is likely more the norm. "Moving stuff that isn't central to the business into the cloud frees up IT people to work on systems that are central," says Rob Helm, analyst at Directions on Microsoft. The hospital is one of the early testers of Office 365, which features a lightweight version of Office that can be accessed by workers from any device with an Internet browser. Ochotny is prepping a test to see if Microsoft's approach to cloud computing — which continues to require traditional desktop PC software in combination with new hosted services — can be tweaked to let doctors and nurses instant message each other on their iPhones, as well as BlackBerry, Android and Windows Phone 7 smartphones. "Since we spend less time on maintenance, we can focus on innovation and better use of existing tools," says Ochotny. Microsoft's huge advantage over Google: "The sheer number of companies of literally every size for whom Office is the de facto productivity suite," says Charles King, principal analyst at Pund-IT. "After years of fumbling with its online strategy, Microsoft now has a viable plan with Office 365 to entice enterprises to dip a toe in." 


Google’s cloud 
Google's strategy is 100% cloud-based. Basic versions of Gmail and its office productivity suite, Google Apps, are free to consumers; businesses pay a monthly per-user fee for commercial versions. It all runs through a Web browser on servers owned and maintained by Google. This arrangement works especially well for businesses looking to extend Internet communications and file sharing to managers in far-flung operations or to workers on the factory floor or out in the field. Jason's Deli, a Beaumont, Texas-based restaurant chain, uses Google Docs to schedule meetings, share reports and plan events among managers working in 230 eateries, five corporate offices and two food distribution hubs. "Our use cases are wide and varied," says Kevin Verde, chief information officer of Jason's Deli. "We currently have 10,000 documents that our users are collaborating on using Google Docs." When Google approached Jason's Deli about testing Chromebooks, Verde says, he was skeptical that a device built solely to access a Web browser, and which could not store files nor run applications as a tablet or laptop PC could, would prove useful. But he distributed test models to sales reps who spend all day pitching catering services to schools, churches and local businesses. He was pleasantly surprised. Using Chromebooks, the reps could tap into spreadsheets and monitor successful sales campaigns in other regions. They could access customer relationship management programs hosted by Salesforce.com. Verde is now a Chromebook fan. "The administration side of the Chromebook is almost effortless, and that is a big deal for corporate IT," he says. But can Google make any meaningful encroachment on Microsoft's turf? Chromebook, while intriguing, is going head-to-head against tablets and netbooks, priced roughly the same. "The competitive landscape has been complicated by the emergence of tablets, particularly the iPad," analyst King says. "Though tablets essentially offer the same browser-centric experience Google is promoting, they also enhance the user experience via a wide variety of apps." Google remains undaunted. In an effort to entice Microsoft Office fans to give Google Docs a whirl, the search giant in March 2010 reportedly spent $25 million to acquire start-up DocVerse, launched by two former Microsoft engineers. DocVerse subsequently came out in February as Google Connect, a free browser plug-in that lets users access Microsoft Office files using Google Apps. "It really knocks down some of the last reasons people have for not wanting to use Google," says Girouard. "This makes it easier." Microsoft swiftly counterpunched., with officials lambasting Google Connect in the tech media for ruining the formatting of complicated Office docs. Lately, they've been spinning Connect as a concession that Office cannot be displaced. "Google was trying to shoehorn a consumer offering, Google Apps, into an enterprise value proposition, by telling customers, 'You don't need Office anymore,'" says Tim O'Brien, general manager of Microsoft's platform strategy. "That strategy failed. So now they've changed tack and are telling customers, 'We don't think Office is going anywhere soon, so let us show you how our product can work alongside of it.'" Maybe, but Microsoft can't get complacent, analysts say. Google claims more than 30 million "active users" of Google Apps at some 3million businesses, with more than 3,000 new sign-ups every day. That includes midsize companies, such as Virgin America and National Geographic, and a few large ones, such as Jaguar Land Rover, Motorola andInterContinental Hotels. "Google is a serious wannabe contender," says King. "The search giant has to be taken seriously if only because it has deep pockets and a strong will."

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Google Vs. Microsoft (For Cloud)"https://www.voiceofgreyhat.com/2011/05/google-vs-microsoft-for-cloud.html</a>

Justice Department saysGoogle product doesn't really have security credential

Google Inc. has maintained that its suite of office products aimed at government clients has been certified under a law that mandates strict information security rules for federal agencies.  But the Justice Department says that's not the case.

Google has maintained that Google Apps for Government, the company's government-focused email and office software product, is certified under the Federal Information Security Management Act, known as FISMA. FISMA requirements derive from a 2002 law designed to safeguard and manage digital information used by federal government agencies.  

Google has been trying to win more clients in the lucrative government email market, long dominated by rival Microsoft Corp. Building a special, extra-secure government version of its popular Google Apps software has been key to those efforts, and in various promotional and support documents, Google says its government offering is certified and accredited under FISMA.

But in documents unsealed last week as part of a lawsuit that Google filed in October against the Department of the Interior, the Justice Department disagrees.

In its recent brief, Justice Department lawyers wrote that "notwithstanding Google's representations to the public at large, its counsel, the [Government Accountability Office], and this Court, it appears that Google's Google Apps for Government does not have FISMA certification."

The brief cites a December email in which a security officer at the U.S. General Services Administration, which issues the certifications, tells another official that "google for government does not have a c and a yet," referring to a FISMA certification and accreditation, but that the company was seeking the credential.

The General Services Administration did not immediately respond to a request for comment.

Google has responded that the consumer and business version of its office software -- Google Apps -- did receive a FISMA certification last July from the GSA.

"Google Apps for Government is the same system with enhanced security controls that go beyond FISMA requirements," said David Mihalchik, who oversees Google's government software intiatives, in a statement. He noted that Google "did not mislead the court or our customers."

In January, a judge granted Google a preliminary injunction in its case against the Interior department, in which Google alleged that in the agency's process to procure a new email system for its 88,000 employees, it had illegally skewed the bidding process to favor Microsoft products.

Microsoft jumped on the unsealed documents on Monday morning, with its Deputy General Council David Howard noting in a blog post the apparent contrast between Google's claims and those by the Justice Department.

"When it comes to security," Howard wrote, "the facts matter."

The city of Los Angeles has partially adopted Google's government email system for some of its 30,000 employees.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Justice Department saysGoogle product doesn't really have security credential"https://www.voiceofgreyhat.com/2011/04/justice-department-saysgoogle-product.html</a>

Google begins war against Windows

Google does battle with Microsoft in most of its business areas, but it's gearing up to tackle the big daddy of them all: Windows.

With Windows -- and Macs and other PC operating systems -- Google sees an inefficient, costly, and decidedly 20th century mode of computing. Data is stored on each PC's hard drive, so if a laptop is lost or damaged, all the data stored on it could be gone forever too. And when PCs break, they're expensive and time-consuming to fix.
 
That's especially true in the corporate world. Gartner estimates that each desktop in a corporation costs between $3,000 and $5,000 per year to manage. Laptops can cost even more.

Ironically, all that spending means offices end up with old, rickety computers that the users would never buy for themselves. The high cost of tech support makes it prohibitively expensive for many companies to keep their hardware and software up to date. Services firm NetApplications says that more than 50% of computers are still using Windows XP -- a 10-year-old operating system.

Google's (GOOG, Fortune 500) solution: Chrome OS, a Web-based operating system that is set for release on June 15.

On computers running Chrome OS, all of a user's information is stored in the cloud, in remote servers controlled by Google or other companies. Instead of a desktop software model, which relies on installed apps like Microsoft (MSFT, Fortune 500) Outlook and Word, customers will use on Gmail or another Web mail program, and Google Docs or Office 365, which exist online only. (Yes, you can run Microsoft's cloud Office software on a Google Chrome device.)

That goes for IT departments too. Intricate administrative software is replaced by a Web page that allows tech staff to manage all Chrome OS PCs. And Chrome OS automatically updates with the newest version, saving businesses from spending a fortune deploying new software versions.

"We're venturing into a really new model of computing," Sergey Brin, Google's co-founder, said at a press conference this week. "This head-to-toe software model eliminates a lot of complexity. Complexity is torturing everyone, and that's a flawed model."
0:00 / 2:51 Google's 'me too!' music cloud

Google believes it can save businesses at least 50% on their desktop support expenses if they switch to Chrome OS.

But Google has a long, long uphill battle to fight against the entrenched corporate behemoth that is Microsoft Windows. More than 90% of the world's computers run Windows.

Not every business is ready to simplify its hardware, since many rely on high-end software that does not yet exist as a Web application. And Google has had a shaky relationship with the enterprise in the past, gaining only tepid support for its cloud-based business applications suite.

Also, this has been tried before with practically zero success.

Nearly 20 years ago, Oracle CEO Larry Ellison predicted that "thin client," hard-drive-less desktops connected to and managed by a server would be the future of business computing. Sun Microsystems -- now owned by Oracle (ORCL, Fortune 500) -- also tried and failed to get businesses to adopt thin clients.

Google acknowledged past failures but says that this time, it's different. The company surveyed 400 businesses of all sizes and found that 75% said they could migrate to Chrome OS.

People are now more accustomed to running applications out of a browser, Google executives say. The company partnered with virtualization giant Citrix to allow Chrome OS computers to run Windows applications hosted in the cloud, letting businesses run Adobe (ADBE) Photoshop, for instance, on Chrome OS.

Also, unlike pervious attempts, Google is providing both the operating system and the computer as one package: For $28 per user per month ($20 for government offices and schools), companies can rent "Chromebook" netbooks from Google and get support included.

"For the first time, hardware and software are being packaged together as a service," said Sundar Pichai, Google's senior vice president of Chrome. "We think this can fundamentally change the way people use computing in companies."

As evidence that companies of any size can deploy Chrome OS, Google itself is in the process of switching over to the new operating system.

"We will be deploying them increasingly internally," Brin said. "I hope to report next year that we have a very small percentage of anything other than Chromebooks at Google."

Google thinks it can change the face of computing. The only obstacles: The world's largest software maker, notoriously stubborn IT departments and decades of history going against it.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Google begins war against Windows"https://www.voiceofgreyhat.com/2011/05/google-begins-war-against-windows.html</a>

Google engineers deny Chrome hack exploited browser's code

Several Google security engineers have countered claims that a French security company found a vulnerability in Chrome that could let attackers hijack Windows PCs running the company's browser.

Several Google security engineers have countered claims that a French security company found a vulnerability in Chrome that could let attackers hijack Windows PCs running the company's browser.

Instead, those engineers said the bug Vupen exploited to hack Chrome was in Adobe's Flash, which Google has bundled with the browser for over a year.

Google's official position, however, has not changed since Monday, when Vupen announced it had successfully hacked Chrome by sidestepping not only the browser's built-in "sandbox" but also by evading Windows 7's integrated anti-exploit technologies.

"The investigation is ongoing because Vupen is not sharing any details with us," a Google spokesman said today via email.

But others who work for Google were certain that at least one of the flaws Vupen exploited was in Flash's code, not Chrome's.

"As usual, security journalists don't bother to fact check," said Tavis Ormandy, a Google security engineer, in atweet earlier today . "Vupen misunderstood how sandboxing worked in Chrome, and only had a Flash bug."

"It's a legit pwn, but if it requires Flash, it's not a Chrome pwn," tweeted Chris Evans, a Google security engineer and Chrome team lead, using the security-speak term for compromising an application or computer.

Justin Schuh, whose LinkedIn account also identifies him as a Google security engineer, chimed in with , "No one is saying it's not a legit exploit. The point is that it's not the exploit [Vupen] claimed."

When asked to confirm the source of the vulnerabilities it exploited, Vupen was blunt in its refusal to share any information.

"We will not help Google in finding the vulnerabilities," said Chaouki Bekrar, Vupen's CEO and head of research, in an email reply to questions. "Nobody knows how we bypassed Google Chrome's sandbox except us and our customers, and any claim is a pure speculation."

Last year, Vupen changed its vulnerability disclosure policies when it announced it would no longer report bugs to vendors -- as do many researchers -- but instead would reveal its work only to paying customers.

Today's Twitter back-and-forth between Google's engineers and Bekrar grew heated at times.

"When it comes to critical vulnerabilities, all software vendors/devs (including Google) always try to downplay the findings," Bekrar said on Twitter .

"I was thinking something similar about researchers who inflate their accomplishments," Schuh replied , also on Twitter, to Bekrar.

The point made by Ormandy, Evans and Schuh was that Vupen didn't exploit a bug in Chrome's own code, but in Flash, which has been partially sandboxed in the stable version of the browser since early March 2011 .

While the Google engineers seemed to acknowledge that a bug in Flash was involved in Vupen's exploit, they also defended the sandbox technology -- meant to isolate Flash from the rest of the computer -- even as it apparently failed to prevent an attack.

"The Flash sandbox blog post went to pains to call it an initial step," said Evans. "It protects some stuff, more to come. Flash sandbox [does not equal] Chrome sandbox."

The blog Evans referred to was published in December 2010 , where Schuh and another Google developer, Carlos Pizano said, "While we've laid a tremendous amount of groundwork in this initial sandbox, there's still more work to be done."

Chrome's Flash sandbox is currently available only in the Windows version of the browser; Google has promised to implement it in the Mac and Linux editions, but has not yet done so.

While Bekrar later hinted that Vupen's exploit did leverage a Flash vulnerability, he said the attack code also took advantage of at least one other bug. "[Chrome's] built-in plug-ins such as Flash are launched inside the sandbox which was created by Google, so finding and exploiting a Flash or a WebKit vulnerability will fall inside the sandboxes and will not circumvent it," he wrote. "A sandbox bypass exploit is still required."

Chrome has a reputation as a secure browser, in large part because of its sandbox technology. Chrome is the only browser to have escaped unscathed at the last three Pwn2Own hacking contests, the annual challenge hosted by the CanSecWest conference in Vancouver, British Columbia, and sponsored by HP TippingPoint's bug bounty program.

In March 2011, no one took on Chrome at Pwn2Own, even though Google had offered a $20,000 prize to the first researcher who hacked the browser and its sandbox.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Google engineers deny Chrome hack exploited browser's code"https://www.voiceofgreyhat.com/2011/05/google-engineers-deny-chrome-hack.html</a>

Google TV Update For Android 3.1 (Honeycomb)

Google announced on its Google TV blog Friday that the platform will be upgraded to Android 3.1 (otherwise known as Honeycomb) for Sony devices Sunday, with the Logitech Revue set-top box getting its upgrade "soon thereafter." What will you get with this software upgrade to Android? Google says it's "much simpler." Its customization capabilities will go a long way toward alleviating the awkwardness of its first iteration, which Google admits was "not perfect."
And the addition of the Android Market will open up a variety of applications, with the promise of more -- perhaps thousands more -- on the way. One welcome improvement will be an easier ability to search across all the TV shows at your disposal. With this update, Google's trying to answer that age-old question, "What's on?" If Google can pull that off, it could be a powerful thing indeed. The company says it has learned from its mistakes with the first version of Google TV and is "committed to find the best way to discover and engage with the high-quality entertainment on your television." So does that mean Google TV will be able to find all the shows from whichever cable or satellite provider you're subscribing to, or from the web via all of the apps within Google TV, such as Netflix, Amazon Instant Video, and HBO Go? Maybe. Of course, Google plans to improve Google TV's search across YouTube, its own video streaming service.
In the blog post, Google also hinted at future software updates (Ice Cream Sandwich, anyone?) and new devices "on new chipsets from multiple hardware partners." Hey, this is getting interesting.
We'll have to reserve judgment until we can install this software update on our Logitech Revue box, but for now, clearly this update has great potential. It makes perfect sense for Google -- purveyor of Android, the Chrome browser, YouTube and by the way, the world's search expert -- to leverage these powerful capabilities in its TV set-top. The hurdle Google needs to navigate is not so much a technical or software one, but a matter of negotiating and arm-twisting of content providers. Will the company gain cooperation from TV networks and movie studios, allowing their content to be searchable on the Google TV platform? That's the key to Google TV's success.

• To see the google TV blog post click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Google TV Update For Android 3.1 (Honeycomb)"https://www.voiceofgreyhat.com/2011/11/google-tv-update-for-android-31.html</a>

Outage Day -Google Talk & Twitter Knocked Offline For Hours

Outage Day -Google Talk & Twitter Knocked Offline For Hours 

Yet again social networking giant Twitter faced massive cyber attacks which interrupts its normal service. Millions of people across the planet were having problems while accessing Twitter on Thursday, a day before the 2012 Olympic Games are expected to cause a spike in use of the micro-blogging site. The San Francisco-based company acknowledged the problem, saying "Users may be experiencing issues accessing Twitter. Our engineers are currently working to resolve the issue". Visitors to the site were greeted with a half-formed message partially in code saying that "Twitter is currently down."

At the time of outage, VOGH team took the above screen shot which clearly indicating that twitter was indeed down. Sluggishness or outages were reported from countries in North America, Europe, Asia, Latin America, the Middle East, and Africa. Some users were apparently able to post updates known as 'tweets' through their phones or third-party  applications. About an hour after issues were first spotted, service appeared to be restored in parts of the U.S. and Asia, but users elsewhere continued to report problems. So far Twitter did not confirmed the reason of this disturbance. But its predictable that the cause of this outage was either cyber attack or some kind of technical issues. We also like to remind you that, this is not the first time; last month a hacker collective group named UG Nazi performed massive denial of service attack which send Twitter offline for a certain peroid. 

_________

Not only Twitter, Google Talk the popular instant messaging service used by millions across the world, suffered a massive outage lasting over four hours. The outage, which started around 4PM India time, affected users across the world. Millions of Google Talk users around the globe reported that they could log into the service, saw their contacts with the respective status but failed to send messages to them. Some other users could not log in. Google immediately acknowledged that Google Talk service was having some issues at 4.10pm, saying, "We're investigating reports of an issue with Google Talk."

The service is not only used by people to keep in touch with friends but has also become a popular way to interact with co-workers in offices.

According to Google, the service was restored around 8.25pm. "Google Talk service has already been restored for some users, and we expect a resolution for all users in the near future. Please note this time frame is an estimate and may change," said the company. Nearly 40 minutes after this message, the company declared that Google Talk service was fully restored. "The problem with Google Talk should be resolved. We apologize for the inconvenience and thank you for your patience and continued support. Please rest assured that system reliability is a top priority at Google, and we are making continuous improvements to make our systems better," it said. Earlier, Google responded fast to the problem. 

"We're aware of a problem with Google Talk affecting a majority of users. The affected users are able to access Google Talk, but are seeing error messages and/or other unexpected behavior. We will provide an update by 7/26/12 5.20pm detailing when we expect to resolve the problem. Please note that this resolution time is an estimate and may change," the company said on the status page of Google Talk app. After that the company provided hourly report on the outage.

However, like Twitter Google also did not explain what caused the outage and how many users were affected by it.

-Source (TOI)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Outage Day -Google Talk & Twitter Knocked Offline For Hours"https://www.voiceofgreyhat.com/2012/07/OutageDayGoogleTalkTwitterKnockedOffline.html</a>

Google Has 1 Billion Unique Monthly Visitors

Google revealed more than a year ago that it has more than 1 billion searches a day and averages 1 billion searchers a week. Now it can add 1 billion unique visitors per month to that storied stat club. comScore revealed that Google's Websites, including its search engine, YouTube video-sharing site and Gmail, lured more than a billion unique visitors in May. That's up 8.4 percent from a year ago. It is the first time an Internet company has hit that benchmark, according to the researcher. See the report here or this snapshot on Search Engine Land. That would be nice if it weren't for the fact that Google's rivals are growing their online traffic, too. Microsoft, whose Bing search engine came on strong last year, followed with 905 million unique visitors in May, good for growth of 15 percent. Facebook, meanwhile, saw its visitor count balloon to 714 million visitors, perhaps an accurate reflection of its current user base. Facebook's year-to-year growth was a remarkable 30 percent. More impressive (and scary, for Google) is Facebook's user engagement stat: comScore said the social network's users logged 250 billion minutes worldwide in May, up 66 percent from May 2010. 

In a June 15 blog post, comScore said Facebook's average U.S. visitor engagement has grown from 4.6 hours to 6.3 hours per month over the past year. Nielsen confirmed the six-hour stat in its own research.

Microsoft is next at 204 billion minutes, down 13.6 percent, while Google is third with 200 billion minutes, good for growth of 13 percent. Facebook's ability to keep users logged in the walled garden is the reason why Google is logically infusing its Web services with social software. 

This Web phenomenon is also the reason Google has been revving up its mobile and display advertising efforts. The company acquired mobile ad maker AdMob for $750 million last year and agreed to buy display ad player Admeld last week. Google has also accelerated its YouTube efforts, adding thousands of streaming movie titles and using Google TV as a new access point for YouTube and its display ads.

Near-term, Google has little to worry about. EMarketer said Google will take 41 percent of all ad dollars, with Facebook netting 7 percent of U.S. online ad spending this year.

What Google is nervous about is that Facebook is getting more users to stay online with its site longer, which means more users are seeing more display ads on the network.

This generates more ad cash for Facebook and its partners. Moreover, ad partners who would normally go to Google, Microsoft or Yahoo for display ad placement now have Facebook as the optimal choice to spread their message. This is why Google has been boosting social -- adding the +1 button -- and why it's been fortifying its already strong ad arsenal.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Google Has 1 Billion Unique Monthly Visitors"https://www.voiceofgreyhat.com/2011/06/google-has-1-billion-unique-monthly.html</a>

Google Sent 20,000 Hacked Notification Message To Webmasters

Google Sent 20,000 Hacked Notification Message To Webmasters 

Matt Cutts from Google has just announced that they have sent out 20,000 messages to owners of websites which may have been hacked. As part of Google’s search quality efforts, strong communication with the webmaster community continues via numerous on-line channels. 

Google advises webmasters and website owners that Google Webmaster Tools remains the single most reliable channel of communication with the search engine. The recent set of notifications was targeting websites which may have been hacked and demonstrating strange redirects.  Privacy advocates are pressing for an investigation into Google after a report by the Federal Communications Commission (FCC) failed to find evidence the search engine giant broke the law in collecting data through its Street View service. The Electronic Privacy Information Center (EPIC) penned a letter to U.S. Attorney General Eric Holder requesting the U.S. Department of Justice launch an investigation into Google. EPIC filed the original complaint with the FCC regarding Google's controversial Street View data-collection practices.

“Over a three-year period, Google, Inc., deployed hundreds of cars on roadways across the United States, outfitted with digital cameras and WiFi receivers, to capture both images available from public roadways and the private communications of Internet users,” EPIC Executive Director Marc Rotenberg wrote in the letter. Google’s “Street View” program has given rise to numerous investigations and lawsuits, but none have adequately determined whether Google’s conduct violated the federal Wiretap Act.”

The letter follows a decision by the FCC to fine Google $25,000 for obstructing its investigation into the allegations surrounding Street View. However, “by the agency’s own admission, the investigation conducted was inadequate and did not address the applicability of federal wiretap law to Google's interception of emails, usernames, passwords, browsing histories, and other personal information," Rotenberg contended.

Rep. Edward Markey, a member of the House Energy and Commerce Committee, recently called the $25,000 fine "a mere slap on the wrist for Google."

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Google Sent 20,000 Hacked Notification Message To Webmasters"https://www.voiceofgreyhat.com/2012/04/google-sent-20000-hacked-notification.html</a>

critical Chrome bugs has been patched

Google on Tuesday patched several vulnerabilities in Chrome, including two a French security company said could be used to bypass the browser's anti-exploit technology.

But Chrome 11.0.696.71, which Google rolled out yesterday to users via its automatic update mechanism, does not patch the flaw that Vupen researchers said earlier this month could be exploited on Windows 7. Tuesday's security update was the second for the Chrome "stable" build -- the most polished version of the browser -- this month. Google fixed four vulnerabilities in the update, including two rated "critical," the category typically reserved for bugs that may let an attacker escape Chrome's "sandbox." Google has patched five critical bugs so far this year. One of the remaining pair of flaws was ranked "high" -- and got the researcher who reported it a $1,000 bug bounty -- while the other was labeled "low" on Google's four-step threat scoring system. The two critical vulnerabilities were credited to Google's own security engineers. Although Google declined to confirm that the two most serious bugs could be used by attackers to break out of the Chrome sandbox, and thus plant malicious code on the computer, French security firm Vupen said that that was likely. "The vulnerabilities fixed today and related to GPU and blob handling are a typical example of critical vulnerabilities that can affect Chrome and can be exploited to execute arbitrary code outside the sandbox," said Chaouki Bekar, Vupen's CEO and head of research, in an email reply to questions. Still unpatched, said Bekar, is the bug or bugs that Vupen said its researchers found, then figured out how to exploit, earlier this month. "The recent flaws we discovered in Chrome, including the sandbox bypass, remain unpatched and our exploit code works with version 11.0.696.71, too," said Bekar. Those vulnerabilities made news earlier this month when Vupen announced it had hacked Chrome by sidestepping not only the browser's built-in sandbox but also by evading Windows 7's integrated anti-exploit technologies. Within days, several Google engineers denied that the bugs Vupen exploited were in Chrome itself, claiming instead that the French firm leveraged a flaw in Adobe's Flash, which Google bundles with Chrome. Chrome has been resistant to attack, primarily because of its sandbox technology, which is designed to isolate the browser from the rest of the machine, making it very difficult for a hacker to execute code on the computer. For example, Chrome has escaped unscathed in each of the last three Pwn2Own hacking contests, an annual challenge hosted by the CanSecWest conference in Vancouver, British Columbia, and sponsored by HP TippingPoint's bug bounty program. No other browser included in Pwn2Own has matched Chrome's record at the contest. On Tuesday, Google spokesman Jay Nancarrow declined to comment further about the Vupen exploit claims, and referred to previous statements that Google was unable to investigate the bugs because Vupen would not share details of the flaws. Last year, Vupen announced a change in its vulnerability disclosure policies, saying it would no longer report bugs to vendors -- as do many researchers -- but would reveal its work only to paying customers. According to Web measurement company Net Applications, Chrome accounted for 11.9% of all browsers used last month, putting Google's program in third place behind Microsoft's Internet Explorer, with 55.1%, and Mozilla's Firefox, with 21.6%. Chrome 11 can be downloaded for Windows, Mac OS X and Linux from Google's Web site. Users already running the browser will be updated automatically.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">critical Chrome bugs has been patched"https://www.voiceofgreyhat.com/2011/05/critical-chrome-bugs-has-been-patched.html</a>

Google Deodorizes Sniffable Android Security Flaw

A new round of patching has begun for Android phones, the vast majority of which were found to be vulnerable to hackers if the owner was using it on an open WiFi network. The flaw affected 99.7 percent of all Android smartphones running Android 2.3.3 and earlier versions because they don't use a secure HTTPS connection, according to researchers.

Google (Nasdaq: GOOG) has begun rolling out a patch to fix a security flaw in versions 2.3.3 and earlier of its Android mobile operating system.

That flaw affects all Google services using the ClientLogin authentication protocol.
It lets hackers access any personal data available through Android's application programming interfaces (APIs).
"The flaw is now fixed for all versions of Android worldwide," Google spokesperson Randall Sarafa told LinuxInsider.
The patch is being rolled out in stages over several days, Sarafa said.

The Hole in Android

The flaw gained media attention after it was publicized by the University of Ulm.
Here's how it works: When an application wants to get access to Android's APIs, it requests an authentication token through ClientLogin by providing an account name and password.
The system then returns an authorization token, which is good for up to two weeks.
If the token is used in requests sent over unencrypted networks, such as WiFi networks, hackers can steal it. They can then use the token to access any personal data made available through the service API.
The hackers will gain full access to the victim's calendar, contacts information, or private Web-based photo albums. They'll be able to view, delete, or modify any calendar events, contacts, or private pictures, the Ulm University researchers said.
The flaw affected 99.7 percent of all Android smartphones running Android 2.3.3 and earlier versions because they don't use a secure HTTPS connection, the researchers said.
Google's patch forces an HTTPS connection for calendar and contacts sync on Android, Sarafa said.

More on the Flaw

Authentication tokens are widely used for online services such as eBay (Nasdaq: EBAY). They are also used by software and application vendors such as Microsoft (Nasdaq: MSFT) and Splunk, and in Apple's (Nasdaq: AAPL) iOS mobile operating system.
There was a problem with the authentication token on Android because Google's implementation was faulty, Paul Laudanski, director of ESET's cyber threat analysis center, told LinuxInsider.
"The entry point is having an unpatched or vulnerable Android system connecting to Google services using ClientAuth over an unencrypted public WiFi network," Laudanski explained. "The correct implementation is to transmit the authorization token in a secured manner."
Google services transmit the authorization token as an open text message, which can be easily stolen.
If the technology is implemented correctly and the authorization tokens are sent securely, then even if an unencrypted WiFi network is used, the user information would appear as garbage to snoopers, Laudanski pointed out.
Google's implementation of the technology may not have been faulty in and of itself, argues Mike Paquette, chief strategy officer at Top Layer Security.
"The problem appears to be the use of the ClientLogin protocol, allowing these sniffable authentication protocols, combined with a long expiry time," Paquette told LinuxInsider. "This makes exploits practical and even likely," he added.
Android smartphone owners should stay away from heavily used public WiFi hotspots, Paquette warned. "It's likely that attackers would target areas with large numbers of users of public WiFi in order to have the greatest return," he explained.

Old Problems Refreshed

The security flaw in Android was apparently first discovered by Dan Wallach of Princeton University, who blogged about it in February.
In an experiment during his undergraduate security class, he set up a sniffer with fellow students to listen in on his Android smartphone. They used Wireshark and Mallory.
Wireshark is a network protocol analyzer for Unix and Windows. Mallory is a transparent TCP and UDP proxy. It can be used to access network streams and assess mobile Web applications, among other things.
UDP, the User Datagram Protocol, is one of the core members of the Internet Protocol (IP) Suite. It lets applications directly send messages, or datagrams, to other hosts on an IP network.
The team found that Google doesn't encrypt traffic to Google Calendar, although it properly encrypts traffic to Gmail and Google Voice. Eavesdroppers could see victims' calendar transactions and likely impersonate them on Google Calendar, Wallach found.
The University of Ulm researchers built on Wallach's research.
Android smartphone users should apply the same security precautions to their devices as they would do with their laptops, Torsten George, vice president of marketing at Agiliance, told LinuxInsider.
"Smartphones are essentially taking on the role of a regular computer," George pointed out. "Thus, they are just as vulnerable to attack by cybercriminals as regular laptop or desktop computers."
Because they lack built-in security, smartphones "open up a bigger attack surface than traditional computer devices," George added

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Google Deodorizes Sniffable Android Security Flaw"https://www.voiceofgreyhat.com/2011/05/google-deodorizes-sniffable-android.html</a>

Android 4.4 'KitKat' -The More Compatible, Intelligent and Simple Android Ever

Android 4.4 'KitKat' All You Need to Know-The More Compatible, Intelligent and Simple Android Ever 

Earlier we have discussed several times on android- which is one of the world's most popular and widely used operating system based on Linux kernel, mainly designed for smartphones and tablet computers. Since last four years we have got various flavor of android among them 2.2 (Froyo), 2.3.3–2.3.7 (Gingerbread), 3.2 (Honeycomb), 4.0.3–4.0.4 (Ice Cream Sandwich) & 4.1.x-4.3.x (Jelly Bean) successfully drawn public attention and gained popularity. After the success of Jelly Bean, now Google has introduced Android 4.4 nicknamed 'KitKat.' Official website of android explained the reason of this nomenclature -'as everyone finds chocolate so tempting, we decided to name the next version of Android after one of our favorite chocolate treats, the KitKat®!' Immediately after this release android 4.4 is vogue as with this version of android Google improved performance and memory usage, makes this version more compatible than ever; you can easily try KitKat on your older smartphones. Now lets illuminate android 4.4 briefly-

Introduction:-

Readers, I will introduce a simple way the new features of the version of android, "The KitKat" Accompanies the more intelligent and simple search for Android, says the official Google blog, and more importantly, Should Have compatibility with older devices. This means more people que can have access to the innovations than other Android updates.

Performance and improved use of memory:-

Many of the major changes are the KitKat under the hood. The overall performance should improve, especially in relation to RAM. The Android developers site says "KitKat streamlines all the key components to reduce memory consumption", so even older smartphones running Android 4.4 will be faster and more responsive - even with 512MB of RAM. The multitasking should work better and you can switch applications without lock your smartphone.

Simpler and more powerful: (Google Now)

The Google Now gained much prominence in KitKat, with quick, more cards, and more features without using their hands. Not too can wake up your smartphone to start a search and take a picture saying only "OK Google Now"? It's like Google Glass, but on your smartphone.

The Google Now will also gain space on your homescreen, if you want (and you can slide left to right to find it), and Google will add more cards to make your smartphone smarter automatically suferindo things based on your interests , location, and more.

Support SMS, location sharing, and animated GIFs in Hangouts:-

Google announced this week that Hangouts will turn the main messaging app - is text messaging, video calls and instant. If you hate having your conversations scattered in several different apps, with KitKat you need only Hangouts, which replaces the old Mail app.

The use of location sharing can be very convenient when you're meeting a friend and wants to tell exactly where it is.

Finally, if you like to put emojis in messages, are present in many new keyboard Google.

Improvements in NFC, Cloud Printing and File Management:-

The KitKat also includes improvements that developers can now use apps to improve their apps. Regarding the NFC, it may automatically take you to the right app when you touch your device into a payment terminal. Printer manufacturers can develop served to send print files from Android to your printer. And the new framework for access to storage provides a consistent way to access files stored in other facilities in other apps (eg, open or save files in Dropbox or Box when you're in the browser).

In short, I will whole heartily agree with Google while saying -KitKat 4.4 is Smart, simple, and truly yours To know more about Android 4.4 'KitKat' click here

While concluding this article, I on behalf of Team VOGH, want to thank our new guest editor Mr. Rafael Souza, for sharing his view and extensive thought on android 4.4. Rafael we love you. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Android 4.4 'KitKat' -The More Compatible, Intelligent and Simple Android Ever"https://www.voiceofgreyhat.com/2013/12/android-4.4-kitkat.html</a>

GOOLGE Plus is Putting Pressure on Facebook

 

Google is making a fresh attempt at social networking with a service that competes with Facebook. The service, called Google Plus, has a similar appearance as Facebook, with streaming updates of photos, messages, comments and other content from selected groups of friends, said Bradley Horowitz, vice president, product management. It will integrate Google’s maps and images.
As Internet users spend more time on social-networking sites, Google, the world’s biggest Internet-search company, is releasing new social features to lure web surfers to its own services and expand advertising sales. Facebook, the world’s most popular social network, captured 13 percent of total hours people spent online in May, while Google attracted 10 percent, according to ComScore Inc.
“It’s something that is changing the quality of Google itself,” Horowitz said of the push into social networks. “It’s the Google you know and love, but now with people.”
Chief Executive Officer Larry Page is starting Google (plus) after missteps last year with the introduction of a social component to Gmail called Buzz. In March, Google reached a settlement with the Federal Trade Commission to resolve concerns it violated its own privacy policies. Executive Chairman Eric Schmidt, CEO for a decade before Page assumed the role, said earlier this month that he “screwed up” in the area of social networking. “I clearly knew I had to do something and I failed to do it,” he said.

The new service will initially be available to only a limited set of users in a test. The company has been testing internally and it’s now ready to gradually open up what it calls a “project” to the general public. The service is available only by invite for now.

“This is a project that will span many years,” Horowitz said. “This is not something where we’re done. On the contrary — we’re just getting started, laying some of the foundation and then many features will evolve.”

With Google (plus), users easily share information based on the circle of friends they think would most like to see a photo or read a message. Once users sign up, they have a profile page with security settings that let them share or hide personal information, such as education or job descriptions.

Other Google (plus) features include Sparks, which gathers videos and articles on topics of interests or hobbies, and Hangouts, which lets friends join video chat with multiple people at once. There is also a mobile version of Google (plus) for handsets running the Android software, and the company is developing a version for Apple’s iPhone. The mobile version enables text-message chats with multiple users and, with an opt-in, photos and videos are automatically stored in an online album for later access.

“We already have users,” Horowitz said. “This isn’t a startup that’s trying to acquire users. The users are here already. It’s just that the experience we’ve offered them is incoherent and disconnected.”

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">GOOLGE Plus is Putting Pressure on Facebook"https://www.voiceofgreyhat.com/2011/07/goolge-plus-is-putting-pressure-on.html</a>

Google Increases Bounties For Serious Code Execution Bugs found in Google Product

Google Increases Vulnerability Bounties In Anniversary of Vulnerability Reward Program

In Anniversary of Vulnerability Reward Program Google has officially declared that the company is increasing its bounties for serious code execution bugs found in production versions of Google products. This announcement is made through the official blog of Google Online Security. The blog post says that the programme has been a great success so far, with over 780 vulnerability reports being received from around 200 individuals. In the first year of the programme's existence, Google has paid out around $460,000 in total. Bounties are only paid to individuals if the vulnerabilities have been disclosed in a responsible manner, allowing Google to fix them before hackers can build proof-of-concept attack code. 

At the same time, Google has decided to decrease rewards for flaws found in products that have been acquired by the company but have not yet been integrated into the main Google product line. The company says that it will decide what vulnerabilities qualify as high risk issues and will be paying bounties based on that assessment.

According to Google Online Security the bounties will be -

• $20,000 for qualifying vulnerabilities that the reward panel determines will allow code execution on our production systems. 

• $10,000 for SQL injection and equivalent vulnerabilities; and for certain types of information disclosure, authentication, and authorization bypass bugs. 

• Up to $3,133.7 for many types of XSS, XSRF, and other high-impact flaws in highly sensitive applications.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Google Increases Bounties For Serious Code Execution Bugs found in Google Product"https://www.voiceofgreyhat.com/2012/04/google-increases-bounties-for-serious.html</a>

Vulnerabilities Found in Google Plus, An Attacker Can Perform DDoS Attack Using Google's Bandwidth

Hello hacker meet your new friend Google plus. Don't get panic. Now you can perform DDoS attack while using the bandwidth of Google.  A security expert has discovered certain flaws in Google’s server which can allow hackers to mount massive distributed denial of service (DDOS) attacks. Simone Quatrini, a penetration tester with Italy-based security firm AIR Sicurezza Informatica, revealed that vulnerabilities in Google’s server allow hackers to use the search engine as a proxy to retrieve content for them.
The security expert has developed a script which can allow it to use Google’s bandwidth to launch DDOS attacks on any website. Quatrini contacted Google about the flaw on August 10, but got no reply from the company. It was then that he decided to disclose the vulnerabilities to the public. Researcher and computer student Ryan Dewhurst had also alerted Google about the flaws, but also did not receive a reply. Quatrini claimed he was getting a bandwidth of 91Mbps even though his home server only receives bandwidth of 6Mbps.

“Is possible to request any file type, and G+ will download and show all the content. So, if you paralyse so many requests, is possible to DDoS any site with Google bandwidth. Is also possible to start the attack without be logged in G+,” Said Quatrini.

Here is video which will clarify you how to do DDoS while using Google's Bandwidth:-

To Download the DDoS Source Code click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Vulnerabilities Found in Google Plus, An Attacker Can Perform DDoS Attack Using Google's Bandwidth"https://www.voiceofgreyhat.com/2011/08/vulnerabilities-found-in-google-plus.html</a>

Google Patches Sidejacking Vulnerability

Google has been rolling out a server-side patch for the ClientLogin authentication protocol vulnerability that affects 99.7% of Android smartphones.
"We recently started rolling out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts. This fix requires no action from users and will roll out globally over the next few days," said a Google spokesperson via email.

 Google's fix comes in response to a warning, published earlier this month by researchers at the University of Ulm in Germany, that Android devices could be exploited in a sidejacking-like attack. Just as website session cookies can be stolen (sidejacked), allowing attackers to impersonate a user, attackers could sniff data being sent to and from Android smartphones that are connected to unsecured Wi-Fi networks--by using a tool such as Wireshark--and capture tokens for any Google service that uses the ClientLogin authentication protocol. Applications that use this protocol include Google Calendar, Contacts, and Picasa, as well as third-party applications for Facebook and Twitter.
Android smartphone users running the latest OS, 2.3.4, were already protected against the vulnerability. But 99.7% of Android users are still on older operating systems.
Accordingly, Google's solution has been a server-side fix that forces Android devices to use HTTPS--to keep data encrypted--when syncing with the Google Contacts or Calendar, so that authentication credentials can't be intercepted. "The great news is that it doesn't require a software update on the Android devices themselves--meaning the fix is automatic and worldwide. Effectively this is a silent fix," said Graham Cluley, senior technology consultant at Sophos, in a blog post.
No attacks have been seen that exploit the vulnerability, and a fix is still in the works for Picasa. For now, Picasa users can mitigate the vulnerability by avoiding unsecured Wi-Fi networks, which would prevent their authentication credentials from being stolen.
Security-wise, Google's server-side patch is a crucial move because most cell phone carriers rarely push patches or OS updates to their customers. Because of that, some industry watchers had worried that Google would have difficulty securing older devices. For now, it's dodged that bullet, but in the future, major flaws could still pose a problem. "Concerns still remain as to how easy it would be to fix a serious security vulnerability on the Android devices themselves, given that Google is so reliant on manufacturers and carriers to push out OS updates," said Cluley.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Google Patches Sidejacking Vulnerability"https://www.voiceofgreyhat.com/2011/05/google-patches-sidejacking.html</a>

Google Gets Another Chance To Operate In China For One Year

Google’s relationship with the government of China has been a tad tense over the past couple of years. There have been accusations of state-sponsored hacking, interference with access to services, and, of course, Google’s flat-out refusal to censor search results. China also wasn’t pleased with the introduction of Google Plus in Gmail this summer, which shouldn’t have come as a surprise. The Chinese government is widely regarded as being afraid of social networks and some officials even believe that they are being used by the U.S. to destabilize China.
But despite those fears and tensions with Google, a government spokesperson has announced that the license Google requires to continue operations within Chinese borders has been renewed for another year. China’s Ministry of Industry and Information Technology stated that the Google license was one of more than a hundred that were renewed following “adjustments” to operations, though no details about those changes were given.

It’s worth noting that the Internet content license doesn’t actually belong to Google, and that could very well have something to do with the renewal. The license actually belongs to a Chinese partner who works with Google, since the Ministry doesn’t allow foreign companies to own such licenses. Since the spat began, Google’s presence in China has diminished greatly. Its search market share has been devoured by Baidu, who now has its sights set on Google Chrome and Android. Baidu recently announced the Baidu Yi mobile operating system, which will begin shipping on Dell tablets and smartphones in China in the near future.

-News Source (Geek.com)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Google Gets Another Chance To Operate In China For One Year"https://www.voiceofgreyhat.com/2011/09/google-gets-another-chance-to-operate.html</a>