Google – Cyber Law Watch

No News is Bad News! Big digital platforms flex their influence to no avail.

Mar 03 2021

By Cameron Abbott, Michelle Aggromito and Jacqueline Patishman

After severe criticism from the Australian government and others, Facebook has reversed its initial response to the controversial news media code of banning all Australian news on its platform, now stating that news and key pages concerning public health and government will be restored (although it has not provided a deadline for when this will occur).

No news is good news…not always!

Sep 03 2020

By Cameron Abbott, Michelle Aggromito and Max Evans

The Commonwealth Government is proposing to introduce a controversial new mandatory code that intends to regulate digital platforms and their distribution of news content.

Hand Out of a Different Cookie Jar: Google to Eliminate all Third Party Cookies

Feb 26 2020

By Cameron Abbott, Max Evans and Florence Fermanis

Google is aiming to eliminate all third party cookies by 2020, according to a recent article by ABC Science.

‘Cookies’ have gained a somewhat infamous reputation beyond their sweet moniker. Third party cookies particularly are created by a party that is different to the website you are using, and are designed to help market a certain good to you as you surf across the web. Think of a pair of trousers you viewed once that now pop up in different advertisements across different websites. These are the sort of cookies Google wants to ban.

This comes amidst increasing demand by consumers for better privacy protection, according to Justin Schuh, Google’s director of Chrome Engineering.

Is your iPhone spying on you (again)?

Sep 03 2019

By Cameron Abbott and Allison Wallace

In the latest installment of this seemingly ongoing tale, Google uncovered (for the second time in a month) security flaws in Apple’s iOS, which put thousands of users at risk of inadvertently installing spyware on their iPhones. For two years.

“Hey Google, could you be used against me in court?”

Mar 13 2018

By Cameron Abbott and Allison Wallace

Smart home devices like the Google Home and Amazon Echo were popular gifts this past Christmas – just like Fitbits have been the Christmases past.

But could these smart devices that we rely on to seek out and relay information to us, turn on our favourite music, or count our calories and steps, be used to produce evidence against us, if we were to commit a crime? Read More

Tech giants scramble as gigantic vulnerability revealed

Jan 09 2018

By Cameron Abbott and Harry Crawford

In one of the largest cybersecurity scares in history, researchers revealed two CPU vulnerabilities for practically all computers manufactured in the last two decades which could allow hackers to gain access to stored data.

What Pokémon ‘needed’ to know about you

Jul 22 2016

By Cameron Abbott and Rebecca Murray

The hugely popular Pokémon GO app is at the centre of privacy and security concerns after recent media reports noted that its installation required access to a significant amount of users’ personal information. This prompted Australian Privacy Commissioner, Timothy Pilgrim to make enquiries with the developer of the app, Niantic Labs, to “ensure the personal information of users is being managed in accordance with the Australian Privacy Act.” Read the OAIC statement here.

Available on iOS and Android platforms, the smash-hit game uses augmented reality technology and your smart-phone GPS and camera to display fictional Pokémon which users then aim to find and capture.

Privacy concerns arose after users noted that installing the iOS version of the app required full access to users’ Google accounts. In response, Niantic Labs reported that the access was requested erroneously and that Google would reduce Pokémon GO’s permission to only the basic profile data that it needs. Niantic and Google have since corrected the permissions. Read Niantic’s statement here.

Commissioner Timothy Pilgrim warned that the security scare was a “timely reminder that people need to read the privacy policies of all smartphone apps before signing up. This way people can make an informed decision about if they want to use an app.” However, we will wager that 99% of people just click “accept”.

Hacked accounts anyone?

May 09 2016

By Cameron Abbott and Giles Whittaker

Have you been hacked? If you are the user of a Google, Yahoo or Microsoft e-mail account then it is a possibility. Alex Holden, the founder and Chief Information Officer of Hold Security who discovered the hack has identified 272.3 million account credentials have been stolen. The majority of these accounts are users of Mail.ru which is Russia’s most popular e-mail service.

57 million Mail.ru account credentials had been hacked and Mail.ru “are now checking any combinations of usernames/passwords match users’ e-mails and are still active”, from initial checks there were no live combinations.

Google and Yahoo are yet to provide any response.

This recent hack, which was performed by a young Russian hacker who is more determined to become famous than rich from his recent efforts after only asking for 50 roubles (less than $1) for the entire dataset, is one of the biggest collection of stolen credentials since the attacks on major US banks and retailers two years ago. The information which was stolen, as suggest by Holden in an interview with Reuters is “potent [and] it is floating around in the underground…which can be abused multiple times.”

Some of the stolen credentials include those for employees of large US banking, manufacturing and retail companies. When considering that 22 percent of big data breaches come from stolen online credentials (according to a recent survey of 325 computer professional) and hacks of this nature typically allow for further break-ins or phishing attacks by accessing the contacts of each hacked account, the domino effect of a hack such as this is substantial. Furthermore, individuals that like to re-use their preferred passwords across multiple accounts have exposed themselves to additional hacks.

So what is the take away message? According to Will Harwood, founder and Chief Technology Officer of Silicon SAFE, the solution as he told Infosecurity is to put the “password data in a dedicated hardware supported database that only allows data to be stored and compared, never revealed.”

For more of Will Harwood’s security suggestions and the Infosecurity article click here.

To read more about Alex Holden’s discovery of the Russian hacker click here.

Gone in a ‘Flash’ – Google ditches Adobe for HTML5

Feb 17 2016

By Cameron Abbott and Meg Aitken

Google has recently announced a plan to shift away from displaying ads built using Adobe Flash Player, instead opting for the HTML5 platform.

While the Adobe Flash plug-in technology has arguably been the premier tool for producing interactive media and animated video displays for some time, it has been criticised for employing inadequate security controls, leaving it susceptible to attacks by malware hackers.

Even Adobe itself is aware of the superior capabilities of HTML5. Adobe attempted to respond to the shift away from plug-in technology last year by rebranding the Flash Player and launching the ‘Animate CC’, which was touted as “Adobe’s premier web animation tool for developing HTML5 content while continuing to support the creation of Flash content”.

Google’s not sold, and has been blogging to encourage advertisers to convert their Flash Player ads HTML5 in order to influence a wider audience for some time, even providing ‘how to guides‘. From 30 June 2016, Google will no longer allow advertisers to upload new display ads built using Adobe Flash, and from January 2017, all ads built in the Adobe Flash format will not be supported by Google.

Access Google’s update here.

Tag:Google