Google Appeals Watchdog That Declared It Guilty of “Search Bias”

Google has allegedly filed an appeal at the National Company Law Appellate Tribunal (NCLAT) against the Competition Commission of India’s (CCI) judgement that ruled the search giant guilty of “search bias.”

Two sources who were aware of this matter informed Reuters, and according to one of them, the appeal was filed on Monday.

The CCI had in February imposed a $20.95 million fine on Google for taking advantage of its dominance in the online search and advertising markets, stating in its 190-page judgement that, "Google was found to be indulging in practices of search bias and by doing so, it causes harm to its competitors as well as to users."

A CCI official called their judgement “robust” and said that the competition watchdog will be defending its verdict at NCLAT.

The commission had discovered that using search results from its database, Google had placed its commercial flight search function at a prominent position on the resulting search page.

The CCI ruling has brought to an end a probe started in 2012 due to complaints by matchmaking website Bharat Matrimony and Consumer Unity and Trust Society (CUTS).

This judgement is the latest anti-trust setback to the search engine company. In a similar case last year, the European Commission had imposed a €2.4 billion fine on Google for being biased towards its own shopping service and demoting its rivals.

Google Rejecting All Cryptocurrency Mining Extensions Submitted To The Chrome Web Store

Google is taking action against all Chrome extensions that incorporate a cryptographic money mining segment and is banning them from the Chrome Web Store. Up until now, Google had permitted cryptocurrency mining extensions till mining was the extension's just reason, and clients were appropriately informed about this conduct, Google's Extensions Platform Product Manager James Wagner noted in a blog post on Monday .

While the organization has no issue listing extensions with a solitary reason for straightforwardly mining digital coins in the background rather, Google has an issue with the developers uploading and posting Chrome extensions promoting one particular functionality, and furthermore furtively mining digital coins in the background without the client's assent.

In the course of recent months, there has been an ascent in virulent extensions that seem to provide useful functionality at first glance, acknowledged Wagner and this happens he further adds, while the embedded and concealed cryptographic money mining scripts keep running in the background without the user's assent.

 These mining scripts often consume significant CPU resources and can severely impact system performance and power consumption.

"Unfortunately, approximately 90 per cent of all extensions with mining scripts that developers have attempted to upload to Chrome Web Store have failed to comply with the company’s policy, of adequately informing users about the full behaviour of a listed extension and have been either rejected or removed from the store," Wagner adds.

Nonetheless Google is further planning to delist every current extension that mines cryptocurrency in "late June" however extensions with "block chain-related purposes other than mining" are still permitted. The ban has nothing to do with ads running mining scripts in the background, yet rather the plans and schemes related with the "unregulated or speculative financial products.”


Less Than 10% Gmail Users Enable Two-Factor Authentication

At the Usenix Enigma 2018 security conference this week, a Google software engineer revealed that only about 10% of Gmail users actually have Two-Factor Authentication enabled.

He further said that even this 10% has had trouble figuring out how SMS authentication codes work.

Two-Factor Authentication, or 2FA, is an additional layer of security that prompts users to enter an additional bit of information before they’re allowed to log in, usually codes sent via SMS or through an app like Google Authenticator.

At the question of why Google doesn’t make 2FA default, Grzegorz Milka, the above-mentioned software engineer, answered, “It’s about how many people would we drive out if we force them to use additional security,” saying that it’s about the “usability.”

According to research, people don’t use two-factor authentication because they don’t trust it and fear that their privacy will be compromised.

Experts have agreed that these fears aren’t entirely baseless as SMS authentication has a risk of interception by attackers who spoof phone numbers. However, things have become safer since Google rolled out “Google Prompt,” which offers built-in verification in Google Play services for Android and the Google app on iOS.

The company also launched a new service called “Advanced Protection Plan” for high-profile accounts which enables them to use hardware-based USB 2FA security keys instead.

Chrome Stable v17.0.963.65 addresses 14 High Severity Vulnerabilities


Google released a new version of Chrome, v17.0.963.65 addresses 14 High severity Vulnerabilities including Use-after-free in v8 element wrapper,Use-after-free in SVG value handling,Buffer overflow in the Skia drawing library,Use-after-free in SVG document handling.

Google gave reward to researcher who found vulnerabilities in Chrome;  researcher get reward from $500 to $3000.  Also google reward researcher who found bugs with $10,000.

The full details about the bug and security-flaw can be found in the official Google chrome release blog.

 "We have always reserved the right to arbitrarily reward sustained, extraordinary contributions. In this instance, we’re dropping a surprise bonus. We reserve the right to do so again and reserve the right to do so on a more regular basis! Chrome has a leading reputation for security and it wouldn’t be possible without the aggressive bug hunting of the wider community." wrote in the blog post.

If you are google chrome browser, then download the latest version and stay secure.


Google Provides Secure search(SSL encryption) for Signed in users


"Google Search will be redirected to secure google search connection(https://), if you are signed in" Google said in their official blog.  This will provide security for users search queries by SSL encryption.  They set SSL as a default connection for Gmail in January 2010, four months later they introduced secure search in this link:
https://encrypted.google.com/ 

Recently, Other Giants like Twitter, facebook also introduced the SSL support. 

As searching query is important and risky thing(especially if you are in public cafe), the google is introducing the default SSL encryption in google Search for Signed in users.  If you are signed in, the google search will be redirected to (https://www.google.com), usually it search in direct connection(http://www.google.com).

If you are not google user or not signed in, you can still use the Encrypted Search by visiting https://www.google.com directly.(Don't forget the 's')

Source:
http://googleblog.blogspot.com/2011/10/making-search-more-secure.html

Google partnered with Citizens Advice Bureau provides Online Security Tips


Google joined with Citizens Advice Bureau  and provides Online security tips with title" Good to Know".  This page gives public awareness about the Online risks and need of Security.  The topics separated as four categories namely
  • Stay safe Online
  • Your Data on Google
  • your data on Web
  • Manage your Data
Stay Safe Online:
This section provides basic Online security tips about:
  • Phishing and malware attacks(If you are reader of eHackingNews, then you might aware of it).
  • importance of Sign out(most of users fail to sign out.  if you are in public cafe, others can steal your accounts)
  • Secure Connection(https://)
  • Online shopping safety
  • 2-Step Authentication service(Mobile Authentication service that will send random authentication number, whenever you login to gmail)
  • Mobile Security
Your Data on Google:
It covers about the Google search logs and web history and more.

Your data on Web:
Basic knowledge about the Importance of cookies, accounts and IP address.

Manage Your data:
This section covers about the Google Dashboard, How to manage cookies, and more..

Good To Know is available here:
http://www.google.co.uk/goodtoknow/

Every Internet users must read this page in order to protect them self from online risks. 

Note:
If you want more security tips, you can check our Security Tips Blog: http://www.breakthesecurity.com. We have cover this topic before 6 months.  Also we have developer HashCodeCracker to check the Password Strength.