Think Twice Before Using Google To Download Software, Researchers Warn

Searching Google for downloads of popular software has always come with risks, but over the past few months, it has been downright dangerous, according to researchers and a pseudorandom collection of queries. Ars Technica reports: “Threat researchers are used to seeing a moderate flow of malvertising via Google Ads,” volunteers at Spamhaus wrote on Thursday. “However, over the past few days, researchers have witnessed a massive spike affecting numerous famous brands, with multiple malware being utilized. This is not “the norm.'”

The surge is coming from numerous malware families, including AuroraStealer, IcedID, Meta Stealer, RedLine Stealer, Vidar, Formbook, and XLoader. In the past, these families typically relied on phishing and malicious spam that attached Microsoft Word documents with booby-trapped macros. Over the past month, Google Ads has become the go-to place for criminals to spread their malicious wares that are disguised as legitimate downloads by impersonating brands such as Adobe Reader, Gimp, Microsoft Teams, OBS, Slack, Tor, and Thunderbird.

On the same day that Spamhaus published its report, researchers from security firm Sentinel One documented an advanced Google malvertising campaign pushing multiple malicious loaders implemented in .NET. Sentinel One has dubbed these loaders MalVirt. At the moment, the MalVirt loaders are being used to distribute malware most commonly known as XLoader, available for both Windows and macOS. XLoader is a successor to malware also known as Formbook. Threat actors use XLoader to steal contacts’ data and other sensitive information from infected devices. The MalVirt loaders use obfuscated virtualization to evade end-point protection and analysis. To disguise real C2 traffic and evade network detections, MalVirt beacons to decoy command and control servers hosted at providers including Azure, Tucows, Choopa, and Namecheap. “Until Google devises new defenses, the decoy domains and other obfuscation techniques remain an effective way to conceal the true control servers used in the rampant MalVirt and other malvertising campaigns,” concludes Ars. “It’s clear at the moment that malvertisers have gained the upper hand over Google’s considerable might.”

Read more of this story at Slashdot.

Google’s Stadia Controller Is Getting Bluetooth Support

Google is launching its final Stadia game today and is promising to release a tool next week to enable Bluetooth connections on its Stadia Controller. The Verge reports: The last Stadia game to launch on the service is Worm Game, a test game that was technically available on Stadia before Stadia launched publicly in November 2019. Developers at Google have decided to release the game just before the streaming service disappears next week. […] Alongside the new game, Google is also committing to enabling Bluetooth on Stadia controllers. Google Stadia owners will be pleased to hear there’s a self-serve tool coming next week that will enable Bluetooth on the Stadia Controller. “We’ll share details next week on how to enable this feature,” says a Google Stadia community manager in a forum post.

Google originally launched the Stadia Controller as a device that connects directly to Stadia services and had the Bluetooth chip disabled. After news broke of the Stadia shutdown, fans have been finding ways to save the controller from an e-waste fate by using workarounds to connect it wirelessly to other devices. Workarounds like connecting to an Android device will no longer be required thanks to this new tool. It means that most Stadia players that purchased a Founders or Premiere edition will have been effectively gifted a free Bluetooth controller thanks to Google’s refunds.

Read more of this story at Slashdot.

Google Rolls Out New Features Across Maps, Search and Shopping

Google announced today that it’s introducing a slew of new Maps, Search and Shopping features. The company revealed a majority of the new features during its Search On event in September and is now starting to roll them out to users. TechCrunch reports:
Search
Starting today, users will be able to use Search to find their favorite dish at a restaurant near them. For example, you can search “truffle mac and cheese near me” to see which nearby restaurants carry the dish on their menu. Once you find a specific dish that you’re looking for, you can get more information about its price, ingredients and more. Another new Search functionality lets you use Google’s multisearch feature to find specific food near you. Say you see something tasty-looking online, but don’t know what it is or where to find it. You can now use Lens in the Google app for Android or iOS to snap a picture or take a screenshot of a dish and add the words “near me” to find a place that sells it nearby. Later this year, Google is going roll out an update to its Lens AR Translate capabilities so users can more seamlessly translate text on complex backgrounds. Instead of covering up the original text like it currently does, Google is going to erase the text and re-create the pixels underneath with an AI-generated background, and then overlay the translated text on top of the image.
Maps
As for the new Maps features, Google is launching a new visual search experience called Live View in London, Los Angeles, New York, Paris, San Francisco and Tokyo. […] In addition to displaying information about where places are, users will be able to see key information about each spot overlaid, such as whether the location is busy, if its open, what the price range is, etc. Another new Maps feature makes it easier for EV owners to find the best charging station for their vehicle. Now, you can search for “EV charging stations” and select the “fast charge” filter. You can also filter for stations that offer your EV’s plug type. Google also announced that it’s expanding its “accessible places” feature globally after initially launching it in the U.S., Australia, Japan and the U.K. in 2020. The feature is designed to help people determine whether a place is wheelchair accessible.
Shopping
Google has announced a new AR shopping feature that is designed to make it easier to find your exact foundation match. The company says its new photo library features 148 models representing a diverse spectrum of skin tones, ages, genders, face shapes, ethnicities and skin types. As a result, it should be easier for shoppers to better visualize what different products will look like on them. […] Users can now also shop for shoes using AR.

Read more of this story at Slashdot.

Pebble, the OG Smartwatch That May Never Die, Updated To Work With Pixel 7

Nearly six years after the Pebble smartwatch was purchased by Fitbit and discontinued, a new Pebble app for Android has been released by the Rebble Alliance, a group that has kept Pebble viable for its users since Fitbit shut down Pebble’s servers in mid-2018,” writes Ars Technica’s Kevin Purdy. “Pebble version 4.4.3 makes the app 64-bit so it can work on the mostly 64-bit Pixel 7 and similar Android phones into the future. It also restores a caller ID function that was hampered on recent Android versions.” From the report: Most notably, the app is “signed using the official Pebble keys,” with Google Fit integration maintained, but isn’t available through Google’s Play Store. Google acquired Fitbit for $2.1 billion, making it the steward of Pebble’s remaining IP and software pieces. Katharine Berry, a key Rebble coder and leader, works on Wear OS at Google and was one of the first to tweet news of the new update, “four years after 4.4.2.” That was the last Play Store update to the Pebble app from Pebble developers, one that freed up many of the app’s functions to be replaced by independent servers.

That’s exactly where Rebble picked up, providing web services to Pebble watches, including (for paying subscribers) voice dictation. But those services still relied on the core Pebble app to connect the watch and smartphone. If Android did make the leap to a 64-bit-only OS, it could have left Pebble/Rebble users in the lurch. Berry’s post on r/pebble offers “thanks to Google for providing us with one last update!” This is, to be sure, not the typical outcome of products that have been acquired by Google, even if second-hand.

Read more of this story at Slashdot.

Google Starts Real-World Testing Its Giant Video Chat Booths

A year after announcing its “Project Starline” video booth idea, Google says it’s expanded enterprise testing with third parties and is working on making Starline “more accessible,” reports Ars Technica. From the report: Project Starline basically asks the question, “What if Zoom was a giant, sit-down arcade machine?” While the home console version of video chat just involves a tiny camera above your laptop screen, Starline brings 3D video chat to life in a 7×7-foot sit-down booth, with seemingly no regard given to cost, size, or commercialization. The goal is to make it seem like the other person is in the room with you, and Google categorizes it as a “research project.” As for what Starline actually is, a Google Research paper contains a good amount of detail. The display side of the video booth features 14 cameras and 16 IR projectors, which all work to create, capture, and track a real-time, photorealistic 3D avatar of the user. Four microphones and two speakers don’t just play back speech; spatialized audio and dynamic beamforming supposedly make the speech sound like it’s coming out of the avatar’s mouth.

People who have tried Starline seem to like it, but considering you have to be personally invited by Google to try it, that’s only a very small handful of people. It’s hard to imagine much of a market for what must be a six-figure video booth the size of a small bathroom, but Google is pushing ahead with more testing. A Google statement says: “Today, Project Starline prototypes are found in Google offices across the US, with employees using the technology every day for meetings, employee onboarding and building rapport between colleagues.” The company continues: “Beyond Google employees, we’ve also invited more than 100 enterprise partners in areas like media, healthcare and retail to participate in demos at Google’s offices and provide us with feedback on the experience and applications to their businesses. We see many ways Project Starline can add business value across a number of industries, and we remain focused on making it more accessible.” Salesforce, WeWork, T-Mobile, and Hackensack Meridian Health have signed up to try it. WeWork, a company based around renting too-expensive-to-own office space, seems particularly enthused with the idea.

Read more of this story at Slashdot.

US Approves Google Plan To Let Political Emails Bypass Gmail Spam Filter

The US Federal Election Commission approved a Google plan to let campaign emails bypass Gmail spam filters. From a report: The FEC’s advisory opinion adopted in a 4-1 vote said Gmail’s pilot program is permissible under the Federal Election Campaign Act and FEC regulations “and would not result in the making of a prohibited in-kind contribution.” The FEC said Google’s approved plan is for “a pilot program to test new Gmail design features at no cost on a nonpartisan basis to authorized candidate committees, political party committees, and leadership PACs.” On July 1, Google asked the FEC for the green light to implement the pilot after Republicans accused the company of giving Democrats an advantage in its algorithms. Republicans reportedly could have avoided some of their Gmail spam problems by using the proper email configuration. At a May 2022 meeting between Senate Republicans and Google’s chief legal officer, “the most forceful rebuke” was said to come “from Sen. Marco Rubio (R-Fla.), who claimed that not a single email from one of his addresses was reaching inboxes,” The Washington Post reported in late July. “The reason, it was later determined, was that a vendor had not enabled an authentication tool that keeps messages from being marked as spam, according to people briefed on the discussions.”

Read more of this story at Slashdot.

Do Inaccurate Search Results Disrupt Democracies?

Users of Google “must recalibrate their thinking on what Google is and how information is returned to them,” warns an Assistant Professor at the School of Information and Library Science at UNC-Chapel Hill.

In a new book titled The Propagandists’ Playbook, they’re warning that simple link-filled search results have been transformed by “Google’s latest desire to answer our questions for us, rather than requiring us to click on the returns.” The trouble starts when Google returns inaccurate answers “that often disrupt democratic participation, confirm unsubstantiated claims, and are easily manipulatable by people looking to spread falsehoods.”

By adding all of these features, Google — as well as competitors such as DuckDuckGo and Bing, which also summarize content — has effectively changed the experience from an explorative search environment to a platform designed around verification, replacing a process that enables learning and investigation with one that is more like a fact-checking service…. The problem is, many rely on search engines to seek out information about more convoluted topics. And, as my research reveals, this shift can lead to incorrect returns… Worse yet, when errors like this happen, there is no mechanism whereby users who notice discrepancies can flag it for informational review….

The trouble is, many users still rely on Google to fact-check information, and doing so might strengthen their belief in false claims. This is not only because Google sometimes delivers misleading or incorrect information, but also because people I spoke with for my research believed that Google’s top search returns were “more important,” “more relevant,” and “more accurate,” and they trusted Google more than the news — they considered it to be a more objective source….

This leads to what I refer to in my book, The Propagandists’ Playbook, as the “IKEA effect of misinformation.” Business scholars have found that when consumers build their own merchandise, they value the product more than an already assembled item of similar quality — they feel more competent and therefore happier with their purchase. Conspiracy theorists and propagandists are drawing on the same strategy, providing a tangible, do-it-yourself quality to the information they provide. Independently conducting a search on a given topic makes audiences feel like they are engaging in an act of self-discovery when they are actually participating in a scavenger-hunt engineered by those spreading the lies….

Rather than assume that returns validate truth, we must apply the same scrutiny we’ve learned to have toward information on social media.

Another problem the article points out: “Googling the exact same phrase that you see on Twitter will likely return the same information you saw on Twitter.

“Just because it’s from a search engine doesn’t make it more reliable.”

Read more of this story at Slashdot.

Google Files a Lawsuit That Could Kick Tinder Out of the Play Store

Google has counter-sued Match seeking monetary damages and a judgement that would let it kick Tinder and the group’s other dating apps out of the Play Store, Bloomberg has reported. Engadget reports: Earlier this year, Match sued Google alleging antitrust violations over a decision requiring all Android developers to process “digital goods and services” payments through the Play Store billing system. Following the initial lawsuit in May, Google and Match reached a temporary agreement allowing Match to remain on the Play Store and use its own payments system. Google also agreed to make a “good faith” effort to address Match’s billing concerns. Match, in turn, was to make an effort to offer Google’s billing system as an alternative.

However, Google parent Alphabet claims that Match Group now wants to avoid paying “nothing at all” to Google, including its 15 to 30 percent Play Store fees, according to a court filing. “Match Group never intended to comply with the contractual terms to which it agreed… it would also place Match Group in an advantaged position relative to other app developers,” the document states. Match group said that Google’s Play Store policies violate federal and state laws. “Google doesn’t want anyone else to sue them so their counterclaims are designed as a warning shot,” Match told Bloomberg in a statement. “We are confident that our suit, alongside other developers, the US Department of Justice and 37 state attorneys general making similar claims, will be resolved in our favor early next year.”

Read more of this story at Slashdot.

Google Launches Advanced API Security To Protect APIs From Growing Threats

Google today announced a preview of Advanced API Security, a new product headed to Google Cloud that’s designed to detect security threats as they relate to APIs. TechCrunch reports: Built on Apigee, Google’s platform for API management, the company says that customers can request access starting today. Short for “application programming interface,” APIs are documented connections between computers or between computer programs. API usage is on the rise, with one survey finding that more than 61.6% of developers relied on APIs more in 2021 than in 2020. But they’re also increasingly becoming the target of attacks. According to a 2018 report commissioned by cybersecurity vendor Imperva, two-thirds of organizations are exposing unsecured APIs to the public and partners.

Advanced API Security specializes in two tasks: identifying API misconfigurations and detecting bots. The service regularly assesses managed APIs and provides recommended actions when it detects configuration issues, and it uses preconfigured rules to provide a way to identify malicious bots within API traffic. Each rule represents a different type of unusual traffic from a single IP address; if an API traffic pattern meets any of the rules, Advanced API Security reports it as a bot. […] With the launch of Advanced API Security, Google is evidently seeking to bolster its security offerings under Apigee, which it acquired in 2016 for over half a billion dollars. But the company is also responding to increased competition in the API security segment. “Misconfigured APIs are one of the leading reasons for API security incidents. While identifying and resolving API misconfigurations is a top priority for many organizations, the configuration management process is time consuming and requires considerable resources,” Vikas Ananda, head of product at Google Cloud, said in a blog post shared with TechCrunch ahead of the announcement. “Advanced API Security makes it easier for API teams to identify API proxies that do not conform to security standards… Additionally, Advanced API Security speeds up the process of identifying data breaches by identifying bots that successfully resulted in the HTTP 200 OK success status response code.”

Read more of this story at Slashdot.