To enhance privacy and security, Google will automatically deploy two-factor authentication for all eligible users, display iOS-style privacy labels on the list of Android apps, and more for users. Announced a number of internal changes.
“Today, I would like to ask those who have joined. Two-step certification (2SV) Every time you sign in, you can be sure you’re really them, just by tapping from the Google prompt on your phone, “the company said. Said.. “If the account is properly configured, we will soon start auto-registering users with 2SV.”
Google Play to get an Apple-like privacy label
The Google Play Store for Android has also undergone a major overhaul in terms of privacy.Search giant said it plans to include new ones Safety section The type of data collected and stored, such as approximate location and exact location, contacts, personal information, photos and videos, audio files, and data, whether to provide app functionality or personalize. For app lists or ads that emphasize how to use.
Transparency measurements of how the app uses the data reflect a similar push by Apple deployed. Privacy label Held on the App Store in December 2020, it aims to condense how to collect data for your app in an easy-to-understand and user-friendly format.
Interestingly, enforcement goes beyond the privacy-oriented nutritional information attached to each app entry. The change requires app developers, including Google, to provide information about whether their apps comply with security practices such as data encryption. Google policy Describe your children’s apps and games, why certain data is collected, or if users have the option to opt out of data sharing.
Another important difference is that this section also highlights whether an independent third party has reviewed the app’s privacy label and whether users can request deletion of data if they decide to uninstall the app. Is to be done.
Third party verification seems to be a transition to Opposition criticism It’s like Apple faced because it didn’t scrutinize apps that provide “misleading or completely inaccurate” labels. The changes will take effect in the second quarter of 2022.
Google debuts Cosign to validate container images
Earlier this March, Google, the Linux Foundation, and Red Hat released the following tools: Sigstore It protects the software supply chain by allowing developers to sign the code, and allows users to validate the code and prevent software supply chain attacks such as: Dependency confusion..
Now the company Expanding With that effort CosineSimplifies signing and validation of container images, resulting in users being prey to typo squatting attacks or “receiving malicious images when the distroless build process is compromised”. A new command line tool aimed at preventing.
Google Chrome gets hardware exploit protection
That’s not all.Tuesday google clearly It Chrome 90 for WindowsReleased on April 13, 2021, it features a new Windows 10 security feature called “”.Hardware stack protection“Protects the memory stack from arbitrary code execution attacks.
“Enabling hardware-enhanced stack protection makes it more difficult and expensive for attackers to exploit, combined with existing and future measures,” said Alex Gough of the Chrome Platform Security team. It states.
4 major privacy and security updates from Google you should know
http://feedproxy.google.com/~r/TheHackersNews/~3/ops3M_DSsh0/4-major-privacy-and-security-updates.html 4 major privacy and security updates from Google you should know