Google

Google stored some passwords in plain text for 14 years

/ mbenlawson / Leave a comment

This is an interesting admission by the team at Google.  Though they have not confirmed the number of affected enterprise customers, I know it least one local organization that was contacted by Google concerning this unintentional data leak.  Fortunately, that organization had ceased using the service some time ago.

It does appear that Google has remediated the problem.  That said, any potentially affected organization should address password reuse and other related opportunities to mitigate the risk.

https://nakedsecurity.sophos.com/2019/05/23/google-stored-some-passwords-in-plain-text-for-14-years/

Safer browsing coming soon to MacOS Chrome users

/ mbenlawson / Leave a comment

It’s about time Google decided to care about those of us who choose to browse the Internet from a Mac.  In all seriousness, long gone are the days when Mac users can live under the security blanket of obscurity, fueled by the assumption that no one bothers to write viruses for MacOS.  The threat of infection is real and so should be the tools we use to defend against it.

https://nakedsecurity.sophos.com/2018/03/07/safer-browsing-coming-soon-to-macos-chrome-users/

Google collects Android users’ locations even when location services are disabled

/ mbenlawson / Leave a comment

I honestly do not know where to begin with this article.  I believe the most logical place to start is I have no doubt similar problems may exist within devices from other mobile operating systems.  I doubt this is exclusively an Android or Google problem.  That said, it is deeply concerning, especially given the data collection and sharing process going on in the absence of even an active SIM card.

I am not advocating for the mass production of tin foil hats, but I will say this.  If you have your smartphone with you, you are most certainly never alone.

https://qz.com/1131515/google-collects-android-users-locations-even-when-location-services-are-disabled/