google Archives - Page 3 of 5 - Chipp.in Tech News and Reviews

Google Needs to Strengthen Ad Security After Latest Malvertising Incident

Posted on January 20, 2025January 20, 2025 by Martin Brinkmann

A recent incident has shown another security vulnerability in Google’s advertising platform: advertisers can display URLs of legitimate websites in their ads while redirecting clicks to malicious destinations.

This deceptive practice has recently been exploited in a concerning incident. Here is what happened.

The popular macOS package manager Homebrew became the target of cybercriminals in a sophisticated phishing campaign. Developer Ryan Chenkie discovered a fraudulent website being promoted through Google Ads that impersonated the official Homebrew platform.

The attackers employed a classic typosquatting technique, registering the domain “brewe.sh” to mimic Homebrew’s legitimate domain “brew.sh.”.

The cybercriminals booked ads on Google’s advertising platform to lure unsuspecting users into their trap. While the target URL was different, the ad on Google Search showed the address of the legitimate website to searches.

In other words: A glance at the address would show the correct address to searchers. A click on the ad, however, would load the malicious website instead.

The fraudulent site was professionally designed to appear identical to Homebrew’s official website. However, instead of providing legitimate software, it distributed malware through compromised cURL downloads. According to reports, the malware specifically targeted user passwords.

The main takeaway for users: do not trust the address, title, or ad text that Google displays on Google Search. Better yet, use a content blocker to get rid of these ads entirely.

Google has apparently reacted to this particular ad and plans to “stop similar patterns in the future”.

Closing Words

One of the main problems of advertisement on the Internet is that it is regularly abused by cybercriminals. Even Google, with all its money that it earns from advertising, seems uncapable of putting an end to this abuse.

It is a trust issue and the only way of protection is to use content blockers. The added benefit of this is that users save potentially gigabytes of data each month,, speed up browsing on the Internet and improve your privacy.

This is why my website does not have any ads. You can still support me though, for instance by subscribing to my newsletter here.

Google’s proposal for avoiding breakup of company is bad news for Mozilla

Posted on December 21, 2024December 21, 2024 by Martin Brinkmann

You may recall that Alphabet is currently under investigation in the United States and that a potential breakup of the company is looming over the company’s head.

Suggestions include selling of Google Chrome and Android, or separating the ad business are all on the table.

The Verge reports that Alphabet has made a counteroffer. Clearly, the company does not want a splitting-up. The counteroffer does not include the splitting up of any company services or products.

Instead, Alphabet suggests the following remedies:

Browser companies should get more flexibility and the ability to change default providers every 12 month period.
Android device makers should also get more flexibility and options to preload any apps.

The first suggestion affects Mozilla and Apple for the most part. Both have search deals in place with Google that give them millions or billions each year for making Google Search the default search engine on their respective platforms.

With Google’s suggestions, Mozilla could sign search engine deals for different platforms. It might not be that beneficial to Mozilla, however, as there are not many search engine companies out there with the financial power to agree to deals.

In fact, Microsoft with its Bing search engine may be the only one that might be a potential partner.

To make matters worse, it may also give Google more of a bargaining chip when brokering deals with the organization.

For Android, device manufacturers would have more freedom to launch their devices with multiple search engines or apps. Google is enforcing certain rules right now, if device manufacturers want to include the company’s apps on their devices.

Closing Words

Google would retain control over all of its properties, if its proposed remedies would be found acceptable. Chrome or ads, for instance, are not even mentioned by Google.

What do you think of this? Should Alphabet be broken up? Feel free to leave a comment down below.

Google Search could soon analyze files you upload to answer questions

Posted on December 17, 2024December 17, 2024 by Martin Brinkmann

Google Search has been the major search engine in most regions for a long time. While it has changed a lot under the hood in that time, it is still used by many as the main tool for searches.

AI is threatening Google’s search dominance. While it is too early to tell how good AI-based search engines will be in comparison, Google is clearly aware of the danger.

To counter this threat, Google has started to push AI into Google Search. The main user-facing feature is AI Overviews, which displays a summary based on a user’s search query at the very top of the search results.

It works similarly to how Brave Search and other search engines display AI-generated results at the top. Verdict is still out on the usefulness of the solution.

File uploads

Soon, Google users might also be able to upload files directly on Google Search to ask questions about the uploaded file. Upload a financial report, and you might ask questions about it once Google has processed the file.

This is not a new feature, considering that several AI solutions can do the same already. Even Google has a very basic file upload feature baked into search already. You can upload an image to Google Images to find out matching images online. While no AI is involved, it at least highlights that Google has the technology in place already.

X user Khushal Bherwani published an image and a short video that shows the new feature in action. It seems to work as one might expect: you activate the file upload button on Google Search, pick a file that you want analyzed, and hit the upload button.

It is likely only available for certain file types. The video shows that the feature is not complete at this point. The upload appears to have worked in the video, but Google Search did not answer the question that the user asked about the file.

Closing Words

It remains to be seen if the feature will roll out to more users in the coming months or if it gets pulled before release. There is also the question of its usefulness and whether users feel comfortable uploading files to Google.

What is your take on the feature? Would you upload files to Google to get the chance to ask an AI question about it? Feel free to leave a comment down below.

Android may soon warn you when you download a low quality app

Posted on November 26, 2024November 26, 2024 by Martin Brinkmann

Is the app any good? This is probably one of the first questions that come to mind when you stumble upon a new app.

User reviews and ratings, as well as other information, such as the developer’s history of application releases, only help that much.

Google appears to be working on a new Google Play feature for Android that may warn users about apps before the download is started.

A report by Android Authority suggests that Google is working on such a feature. A deep-dive into the lastest release brought the information to light, according to the site.

So, how is Google going to determine if an app is low quality? Messages baked into the app give clues:

This app is frequently uninstalled compared to similar apps on Play
Play has limited user data about this app
This app has few active users compared to others on Play

Android Authority says that the messages will be displayed on an application’s “details page” on the Play Store. In other words, Google won’t display popups that warn users about a potentially low quality app.

The messages cover several scenarios. The first looks at uninstalls. If an app gets more uninstalls than comparable apps, it may be considered low quality by Google.

The second is for new apps. If Google Play has little data about the app, it may warn users. This does not necessarily mean that an app is low quality. All apps start with zero installs and reviews after all.

The third looks at user activity while the app is installed. If it is lower than that of comparable apps, Google may also show a warning.

There may be others, but that is all that Android Authority could extract from the latest Play Store APK file.

No clear definition of low quality

There is no strict definition of low quality. That is likely the reason why Google is not showing popups about certain apps, but adding information to the application’s page on Google Play instead.

Especially new apps cannot be judged by common metrics. They have no or only a few reviews or ratings, and the lack of users makes other metrics, such as user engagement, also difficult to use.

Still, the information that Google provides may be useful in a user’s decision making process.

What is your take on Google’s plan? Do you think it is useful? Feel free to leave a comment below.

Will Google be forced to sell its Chrome web browser?

Posted on November 19, 2024November 19, 2024 by Martin Brinkmann

Google could be forced to sell of the company’s Chrome web browser and be required to make changes to other company products and services, including Android and AI.

Bloomberg reports that Justice Department antitrust officials will ask a judge to force Alphabet Inc to make the changes. The same judge ruled in August that Google has monopolized the search market illegally.

Why Chrome? According to Bloomberg, Chrome is the entry point for many interactions with Google Search. It is the default search engine on Chrome and most users keep it that way. Chrome is also a powerful weapon for Google to understand what users are searching for and what they do on the Internet.

Lastly, Google is using Chrome to support or promote other products and services. AI will play a much bigger role in the future, and what better way than Chrome to get it in from of hundreds of million of Chrome users.

Google may also be forced to “uncouple its Android smartphone operating system from its other products”. This includes search and Google Play.

Bloomberg says that the government has options to remove Chrome from the deal if Google makes other changes that “create a more competitive market”.

The judge planned for a two-week hearing in April 2025 and a final verdict by August 2025. Google already said that it is going to appeal the verdict.

Closing Words

The forced sale of Chrome and some of the other changes would have a major impact on Google’s business. With Chrome sold, it might have to broker a deal with the company that acquired the browser to make Google Search the default search engine. Considering that it pays millions to Mozilla and billions to Apple for that, it would probably cost Google a lot to remain Chrome’s default search engine.

The final verdict is less than a year away, but that won’t be the end of it. Google will appeal, which means that it could years before anything comes out of it.

What is your take on this? Should Google be forced to sell Chrome or make changes to any of its other services or products?

Google Messages: new protections may cause issues for some

Posted on October 23, 2024October 23, 2024 by Martin Brinkmann

Google announced a range of new security features for its messaging app and service Google Messages.

Google says that the service is used by more than 1 billion users per day and that it filters out 2 billion suspicious messages each month already.

Good to know: the improvements roll out over time and some are currently available for Beta users in select markets. Others will be launching later this year or next year.

Here is what is getting improved:

Better protections against scam messages, starting with package delivery and job scams.
Improved protections against potentially dangerous links.
Option to turn off messages from unknown international phone numbers.
Option to turn on Sensitive Content Warning to blur images that may contain nudity.
Verification option to confirm the recipient or sender of messages. (next year).

Some of these may require additional explanations.

Google Messages gets improved message and link scanning protections. The first “will automatically move the message into your spam folder” or display a warning. Google says that it is using on-device algorithms to identify scams, which means that the information never leaves the device by default.

Issue: False positives may move legitimate messages into the spam folder. If you are waiting for such a message, but have not received it, you may want to check the spam to make sure it was not improperly classified as a scam by Google.

For links, Google is using two classifications.

Links from unknown senders display a warning.
Links from suspicious senders blocked automatically.

Controls to turn off messages from unknown senders sounds like a good idea. It is, for most users. It may be problematic if you receive messages regularly from users from other countries.

Issue: If you travel a lot, you may receive messages regularly. If you enable this feature, you may want to check the “Spam & blocked” folder, as they are moved there automatically when the feature is enabled.

Closing Words

Most users will benefit from the new features and options. While it may take months or even longer for them to roll out to all Android users who use Google Messages, they will arrive eventually.

For some users, these protective features may introduce issues, as some legitimate messages or message attempts will be moved to spam or blocked outright.

Now you: what is your take on the new functionality? Do you use Google Messages at all, or do you prefer a different kind of messaging system? Feel free to leave a comment down below.

Google services dominated web tracking last year

Posted on September 25, 2024September 25, 2024 by Martin Brinkmann

When it comes to user tracking on the Internet, Google continues to have a firm hold on the top positions. Kaspersky released its annual web tracking report for the past year.

The data comes from a Do Not Track plugin that Kaspersky uses in its software products. It is designed to prevent different forms of tracking, but is disabled by default.

The key findings:

Google dominates tracking on the Internet.
Other companies that track users are Microsoft, Amazon, and Yahoo.

Note: The data comes from products from a single company. It may not reflect the monitoring landscape as accurately as possible because of that.

Google’s dominance becomes clear when you look at regional tracking. Here in Europe, Google Display & Video 360, and Google Analytics are the dominating trackers with an exposure of 17.27% and 11.93%. Third-placed Amazon sits at 9.13% and fourth placed Criteo at 6.80.

Then it is Google again with YouTube Analytics (5.65%), Microsoft with Bing (5.33%) and Google again with Adsense (5.23%).

In North America, it is again Google Display & Video 360 (16.84%) that dominates. Amazon is second this time (9.08%), but then it is Google again with Analytics (8.42%). Google is also placed fifth and sixth in North America.

The situation is similar in other regions. In Latin America, Google holds the first three spots and the fifth. In the Middle East, Google holds the first four spots. In Africa, it is the top three and the sixth.

It is interesting to note that some Google services lost eyes on users compared to the year before in many regions. Growth was limited to East Asia and Commonwealth of independent states. Google’s monitoring declined in all other regions, but it still dominates by a large margin.

Google Adsense and YouTube Analytics are the two exceptions. They managed to increase significantly in nearly every region.

You can check out the entire report on the Secure List website.

How do you protect yourself from tracking? Do you run content blockers? Other options? Feel free to leave a comment down below.

Oh look, Google ads are again used to scam Google Search users

Posted on August 19, 2024August 19, 2024 by Martin Brinkmann

Threat actors have launched another malvertising campaign on Google Search. While that is not really anything to write about anymore in this day and age, this time is special.

Not only did the threat actors manage to plant scam ads on Google, they did furthermore impersonate Google’s entire product line and used Google domains for the scams. If that is not something to write about.

The story comes from Malwarebytes. Security researchers at Malwarebytes discovered the campaign.

Here are the details:

The campaign was run on Google Search.
The threat actor used Google’s Looker Studio service to show the google.com domain as the address.
The ads targeted Google {product}, e.g., Google Translate or Google Flights.

Even after Malwarebytes reported the ads to Google, ads that impersonated official Google products continued to show up on Google Search.

Locker Studio is a service by Google that creates “interactive dashboards and beautiful reports” from data.

The scammers used the service to display a copy of the Google Search homepage. The homepage is just an image with a hidden link. When the victim clicks on the image, the link is triggered.

The user is then redirected to fake Microsoft or Apple alert pages. These go into full screen mode and play a recording according to Malwarebytes. The alerts suggest that something is not right.

They display a number to call for support and also a form to type the Microsoft account name and password.

Calls land in overseas call centers that try to scam the callers into purchasing gift cards or logging into their bank accounts to pay for the support.

The URL used in this case is on a Microsoft Azure domain, which is designed to instill further trust.

Closing Words

There is not much to like about ads nowadays. They slow down web browsing, use additional bandwidth, collect data about users, and may be distracting. If that is not enough, they may also push ads, as seen over and over again.

The only thing that is positive about ads is, in my opinion, that they allow certain services or publications to exist. There are not viable alternatives. While subscriptions are picking up, this won’t work for everyone as users seem to be fed up already with the ever increasing list of services that is asking for a monthly or yearly payments.

More safeguards need to be in place to prevent blatant abuses like the one discovered by Malwarebytes.

What is your take on this? Feel free to leave a comment down below.

Brand Love: Google’s unethical attempt to get only positive Pixel reviews

Posted on August 18, 2024August 18, 2024 by Martin Brinkmann

Influencers play an important role in marketing today. They tend to have a certain reach that makes cooperations with them attractive to companies.

It should not come as a surprise that influencers get offers to test devices. Companies send them the devices free of charge in the hope that they get a review by the influencer in question.

This cooperation should not come with any requirements, or only light requirements, such as disclosing that the device was not paid for.

Reports suggest that Google has altered the terms for influencers recently. To get a new Pixel device for testing, influencers had to acknowledge and agree to the following:

By opting into this program, do you acknowledge that you are expected to feature the Google Pixel device in place of any competitor mobile device? Please note that if it appears other brands are being preferred over the Pixel, we will need to cease the relationship between the brand and the creator.

In other words, Google tried to influence reviews of influencers with the new terms.

At least some YouTubers who joined “Team Pixel” in the past have quit citing that the new terms were not giving them the editorial freedom that they needed and their audiences deserved.

The Verge asked Google about the new terms and Google said that they “missed the mark” and that “it has been removed”.

Still, the agreement was in place for a time and it seems likely that the participating influencers would make sure that their reviews and takes on the new Pixel devices would not violate it.

All in all, it is a new low. It is good to see that some influencers decided to quit the program because of the changes.

Do you check out what creators or influencers have to say about a certain device before you make a buying decision? Or do you get your information from elsewhere instead? Feel free to leave a comment down below.

A first look at Google’s new Weather app

Posted on August 16, 2024August 16, 2024 by Martin Brinkmann

Google announced several new Pixel devices this week as well as new AI and services, some of them exclusive at the time of writing.

The company’s main announcement on its official The Keyword website focuses more on software and services, and less on the hardware of the Pixel devices.

Among the new features is a “better weather app” that uses AI to give “super accurate weather forecasts” and “custom AI weather reports”.

The app is available for Pixel devices, but APK files are available already that can be installed on non-Pixel Android devices. The main restriction is that it requires Android 14.

Some of the advertised features, mostly those linked to KI, do not appear to work at the time of writing. I tried the app on a Samsung Galaxy A55 5G device and it worked. Other users claimed that the app was crashing on them, which some fixed by clearing the cache.

The app is basic at the time of writing and on non-Pixel devices. Weather data comes from weather.com.

You can add multiple locations to it and every location is shown on the startpage. A tap opens more details for the selected location.

Here you get:

Warnings
Hourly Forecast
10-day Forecast
Sunrise & Sunset
Wind speed and direction
UV Index
Air Quality Index (for some locations)
Visibility
Humidity
Pressure.

You can move the items around using drag & drop.

It lacks the weather background for the selected location and the weather map.

A tap on 10-day Forecast opens another page with additional details for the selected day and the period as a whole.

The app has a few widgets that you can place on the screen. At least one of is dynamic, but there are others that you may display.

I have not received any notifications, warnings, or AI reports at the time of writing. Maybe that is reserved for Pixel devices or accounts that are subscribed to Google Gemini in one form or another.

Closing Words

Google’s new Weather app is limited when you run it on a non-Pixel 9 device. It is likely that it may come to older devices, but that some features, mostly those powered by AI, may not come to older devices.

You can download the latest version from APK Mirror to give it a try.

Do you use a weather app on your mobile devices? If so, which app do you use and why? Feel free to leave a comment down below.