Categories
AI

Google is using AI to help users explore the topics they’re searching for — here’s how

“Can you get medicine for someone at the pharmacy?”

It’s a simple enough question for humans to understand, says Pandu Nayak, vice president of search at Google, but such a query represents the cutting-edge of machine comprehension. You and I can see that the questioner is asking if they can fill out a subscription for another person, Nayak tells The Verge. But until recently, if you typed this question into Google, it would direct you to websites explaining how to fill out your prescription. “It missed the subtlety that the prescription was for someone else,” he says.

The key to delivering the right answer, says Nayak, is AI, which Google is using today to improve its search results. The prescription query was solved in 2019, when Google integrated a machine learning model called BERT into search. As part of a new generation of AI language systems known as large language models (the most famous of which is OpenAI’s GPT-3), BERT was able to parse the nuances of our prescription query correctly and return the right results. Now, in 2021, Google is updating its search tools yet again, using another acronymized AI system that’s BERT’s successor: MUM.

Originally revealed at Google I/O in May, MUM is at least 1,000 times bigger than BERT, says Nayak; on the same order of magnitude as GPT-3, which has 175 billion parameters. (Parameters being a measure of a model’s size and complexity.) MUM is also multimodal, meaning it processes visual data as well as text. And it’s been trained on 75 languages, which allows the system to “generalize from languages where there’s a lot of data, like English, to languages where there’s less data, like Hindi,” says Nayak. That helps in ensuring that any upgrades it provides are spread across Google’s many markets.

A new feature rolling out in the coming months named “Things to know” will use AI to help users explore topics related to their searches.
Image: Google

Nayak speaks of MUM with pride, as the latest AI wunderkind trained in Google’s labs. But the company is also cautious. Large language models are controversial for a number of reasons. They’re prone to lying, for example — as happy writing fiction as fact. And they’ve been shown time and time again to encode racial and gender biases. This is a problem that Google’s own researchers have highlighted and been shot down for doing so. Notably, Google fired two of its top ethics researchers, Timnit Gebru and Margaret Mitchell, after they co-authored a paper highlighting problems with exactly this technology.

For these reasons, perhaps, the changes to search that Google is launching are relatively restrained. The company is introducing three new features “in the coming months,” some powered by MUM, each of which is ancillary to its search engine’s primary function — ranking web results. But Nayak says they’re just the tip of the iceberg when it comes to Google’s ambitions to improve its products with AI. “To me, this is just the start,” he says.

First, though, the features. Number one is called “Things to know” and acts as an advanced snippet function, pulling out answers to predicted questions based on user’s searches. Type in “acrylic painting,” for example, and “Things to know” will automatically generate new queries, like “How do you use household items in acrylic painting.” Nayak says there are certain “sensitive queries” that won’t trigger this response (like “bomb making”) but that most topics are automatically covered. It will be rolling out in the “coming months.”

The second new feature suggests further searches that might help users broaden or refine their queries. So, with the “acrylic painting” search above, Google might now suggest a narrower focus, like “acrylic painting techniques,” or a broader remit, like “different styles of painting.” As Nayak puts it, Google wants to use AI’s ability to recognize “the space of possibilities within [a] topic” and help people explore variants of their own searches. This feature will be available immediately, though it is not powered by MUM.

The third new feature is more straightforward and based on video transcription. When users are searching for video content, Google will use MUM to suggest new searches based on what it hears within the video. Nayak gives the example of watching a video about Macaroni penguins and Google suggesting a new search of “Macaroni penguin life story.” Again, it’s about suggesting new areas of search for users. This feature will launch on September 29th in English in the US.

In addition to these AI-based changes, Google is also expanding its “About This” feature in search, which will give new information about the source of results. It’s also bringing its MUM-powered AI smarts to its visual search tech, Google Lens.

Google will give users new option to “refine” or “broaden” their search — using MUM to explore related topics.
Image: Google

The change to search is definitely the main focus, but what’s interesting is also what Google isn’t launching. When it demoed MUM and another model LaMDA at I/O earlier this year, it showed off ambitious features where users could literally talk to the subjects of their searches, like the dwarf planet Pluto, and ask them questions. In another, users asked expansive questions, like “I just hiked Mt. Adams, I want to hike Mt. Fuji in the fall. What should I do differently?” before being directed to relevant snippets and web pages.

It seems these sorts of searches, which are rooted deeply in the functionality of large language models, are too free-form for Google to launch publicly. Most likely, the reason for this is that the language models could easily say the wrong thing. That’s when those bias problems come into play. For example, when GPT-3 is asked to complete a sentence like “Audacious is to boldness as Muslim is to …,” nearly a quarter of the time, it finishes the sentence with the word “terrorism.” These aren’t problems that are easy to navigate.

When questioned about these difficulties, Nayak reframes the problems. He says it’s obvious that language models suffer from biases but that this isn’t necessarily the challenge for Google. “Even if the model has biases, we’re not putting it out for people to consume directly,” he says. “We’re launching products. And what matters is, are the products serving our users? Are they surfacing undesirable things or not?”

But the company can’t completely stamp out these problems in its finished products either. Google’s Photo app infamously tagged Black people as “gorillas” in one well-known incident, and the sort of racial and gender-based discrimination present in language AI is often much more subtle and difficult to detect.

There’s also the problem of what the shift to AI-generated answers might mean for the wider future of Google search. In a speculative paper published earlier this year, Google’s researchers considered the question of replacing search altogether with large language models and highlighted a number of difficulties with the approach. (Nayak is definitive that this is not a serious prospect for the company: “That is absolutely not the plan.”)

And there’s also the consistent grumbling that Google continues to take up more space in search results with its own product, shunting searches to Google Shopping, Google Maps, and so on. The new MUM-powered “Things to know” feature certainly seems to be part of this trend: filleting out the most informative search results from web pages, and potentially stopping users from clicking through, and therefore sustaining the creator of that data.

Nayak’s response to this is that Google delivers more traffic to the web each year and that if it doesn’t “build compelling experiences” for users, then the company “will not be around to send traffic to the web” in the future. It’s not a wholly convincing answer. Google may deliver more traffic each year, but how much of that is just a function of increasing web use? And even if Google does disappear from search, wouldn’t other search engines pick up the slack in sending people traffic?

Whatever the case, it’s clear that the company is putting AI language understanding at the heart of its search tools — at the heart of Google, indeed. There are many open questions about the challenges of integrating this tech, but for now, Google is happy to continue the search for answers of its own.

Repost: Original Source and Author Link

Categories
Game

Epic Games Store will randomly ask users to rate games to prevent review bombing

has added a long-awaited feature to its store: user ratings. The company that only those who have played a game for at least two hours will be able to rate it on a five-star scale. Not everyone will be able to rate a game either. Epic will randomly offer players the chance to score a game after they finish a play session. The company believes this approach will prevent and make sure ratings are from people who are actually playing the games.

An overall rating will be calculated based on players’ scores and this will appear on a title’s page. The aim, of course, is to help users figure out whether a game’s worth playing. Store pages already featured critics’ reviews to help folks make a decision about whether to buy or download something.

Epic says it likely won’t ask for ratings on every game or app and the randomization approach will help it avoid spamming players. That seems like a good call. It’s a little annoying, for instance, that Microsoft asks for feedback after every Xbox Cloud Gaming session.

Polls on Epic Games Store

Epic Games

In addition, Epic may ask you to answer a poll after a game session. There’s a broad range of questions, including the likes of whether a game is better to play with a team or how challenging the combat is. 

Epic will use data from polls to create tags for store pages. Eventually, tags will be used on category pages and to create tag-based categories for the home page. The idea is to improve discoverability and help people gain a better understanding of what to expect from a game. 

Separately, Epic is a set of cross-play tools for developers. Epic Online Services an overlay that can merge Steam and Epic Games friends lists and help players find their buds, send friend requests and hop into multiplayer sessions with cross-platform in-game invites.

Epic has broader ambitions for support beyond Steam. It’s working to support other PC launchers, as well as macOS and Linux. It will add cross-play tools for consoles and mobile to the SDK further down the line. Several of Epic’s own games — including Fortnite, Rocket League and Fall Guys: Ultimate Knockout — have full cross-play support.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Repost: Original Source and Author Link

Categories
Security

Anonymous bulletin board app Yik Yak is revealing its users’ exact locations

Yik Yak, an app that acts as a local anonymous message board, makes it possible to find users’ precise locations and unique IDs, Motherboard reports. A researcher who analyzed Yik Yak data was able to access precise GPS coordinates of where posts and comments came from, accurate within 10 to 15 feet, and says he brought his findings to the company in April.

First launched in 2013, Yik Yak was popular on college campuses, where it was often used to gossip, post updates, and cyberbully other students. After waning relevance and failed attempts at content moderation, the app shut down in 2017, only to rise from the dead last year. In November, the company said it had passed 2 million users.

Motherboard spoke with David Teather, a computer science student based in Madison, Wisconsin, who raised the security concerns to Yik Yak and went on to publish his findings in a blog post. The app shows posts from nearby users but displays only approximate location, such as “around 1 mile away,” up to five miles, to give users a sense of where in their nearby community updates are coming from.

Though Yik Yak promises anonymity, Teather points out that combining GPS coordinates and user IDs could de-anonymize users and find out where people live since many are likely to be using it from home and the data is accurate to within 10 to 15 feet. That combination of information could be used to stalk or watch a particular person, and Teather mentions that the risk could be higher for people living in rural areas where homes are more than 10 to 15 feet apart because a GPS location could narrow a user down to one address.

As Motherboard reports, the data is accessible to researchers like Teather, who know how to use tools and write code to extract information — but the risk was real enough to prompt Teather to bring it to Yik Yak’s attention.

“Since user ids are persistent it’s possible to figure out a user’s daily routine of when and where they post YikYaks from, this can be used to find out the daily routine of a particular YikYak user,” Teather writes. He listed other ways the data could be abused, like finding out where someone lives, monitoring users, or breaking into someone’s home when they’re not there.

Yik Yak did not respond to a request for comment from The Verge.

According to Motherboard, the latest version of the app released by Yik Yak no longer exposes precise location and user IDs, but Teather says he can still retrieve that information using previous versions of the app.

“If YikYak did take this more seriously they would restrict these fields from being returned and break older versions and force users to upgrade to a newer version of the app,” he wrote in the blog post.



Repost: Original Source and Author Link

Categories
Security

Phishing attack pop-up targets MetaMask users visiting popular crypto sites

As if this week weren’t bad enough for many cryptocurrency owners, with stablecoins crashing and Coinbase suffering an outage at a particularly bad time, now they’ve reportedly been targeted by a new phishing attack. As reported by CoinDesk and The Block Crypto, sites including Etherscan, CoinGecko, and DexTools all warned users that they were aware of suspicious popups appearing for visitors, and advised them not to confirm any transactions based on popups.

Like many recent phishing attacks, this one appeared to promise a link to the Bored Ape Yacht Club project, with an ape skull logo and a (now-disabled) nftapes.win domain. It prompted users to connect their MetaMask wallets (a software cryptocurrency wallet that enables access on your phone or via a browser extension) to use on the site, and since it was appearing on domains that many people trust and use every day, they may have fallen for it and given it access.

Last November, the security company Check Point Research identified a phishing attack that used Google Ads that would either attempt to steal someone’s credentials or trick them into logging into the attacker’s wallet so that it would receive any transactions they attempted. In February, a phishing attack stole $1.7 million worth of NFTs from OpenSea users, while a more recent attempt via Discord only snagged $18,000 worth of tokens.

Etherscan said it has disabled third-party integrations for the time being. A tweet from CoinGecko identified the source of the malicious popup as Coinzilla, an industry advertising network that told customers it could deliver over 1 billion impressions per month across more than 600 reputable sites popular with crypto enthusiasts.



Repost: Original Source and Author Link

Categories
Security

Signal launches in-app sustainer program to accept donations from users

Secure messaging app Signal has launched a new feature that allows users to make donations within the app, the company announced. As a nonprofit, Signal doesn’t receive financial support from any advertisers or shareholders, a new blog post notes, and relies on users for donations.

Users can choose to make monthly donations, or one-off contributions within the app using Apple Pay or Google Pay, and their payment information won’t be associated with a user’s Signal account, according to the blog post, as the company will use the same anonymous credential scheme it uses for private Signal groups:

Clients make payments and then associate a badge to their profile such that the server can authenticate the client is in the set of people who made a payment, but doesn’t know specifically which payment it corresponds to.

Long a popular messaging app for people who want to secure their text messages, earlier this year, Signal began adding some of the more consumer-friendly features that other messaging apps have had for a while, like stickers and wallpapers.

To donate to Signal, users can choose from three different sustainer levels, at $5, $10, or $20, each with its own badge. Sustainer subscriptions will only renew if a customer uses Signal during the course of a month; if you uninstall or stop using the app, the payments will be canceled before the next cycle to “eliminate the ‘dark pattern’ of subscriptions you’ve forgotten about,” the company said. Signal plans to add support for additional payment methods in the future.

Repost: Original Source and Author Link

Categories
Computing

The Best Gifts for Mac Users: Holiday Gifts for Apple Fans

It’s the time of year to start looking for gifts for all the important people in your life. If you’ve got a loved one who’s a Mac obsessive — or you just want to get a great Mac accessory for yourself — our round-up of tip-top Mac gifts will have you sorted this holiday season.

We’ve put together a range of goodies that’ll work for even the most demanding of Mac users. From mice and keyboards to Thunderbolt docks, microphones, and webcams, there’s something here for everyone.

Logitech MX Master 3 for Mac

Apple’s Magic Mouse is great for MacOS gestures, but its low-profile shape can become uncomfortable to use after a while. The good news is there’s a much better alternative that’s designed specifically for Mac users: The Logitech MX Master 3 for Mac.

This superb wireless mouse is comfy to use and features a clever scroll wheel that automatically switches between precise ratchets and free-flowing movement, depending on how hard you spin it. On the side, there is also a thumb wheel that scrolls your pointer horizontally.

Even better, the mouse comes preloaded with built-in MacOS shortcuts. In Photoshop, for instance, the thumb wheel adjusts your brush size, while the thumb buttons undo and redo actions. Press and hold the button at the foot of the thumb rest, and you can even perform native MacOS gestures — just swipe the mouse as you would on an Apple trackpad while pressing the button. When it comes to Mac mice, there’s simply nothing better.

Logitech MX Keys

Logitech MX Keys Mini charges via USB-C.

The perfect pairing for a great mouse is a brilliant Mac keyboard, and Logitech’s MX Keys is just that. It’s the ideal gift for any Mac user stuck on a MacBook’s older butterfly keyboard or for anyone who is left unsatisfied by Apple’s Magic Keyboard.

Each key is dished slightly so that it comfortably fits your finger with each press. There’s a built-in backlight and full numpad, plus a row of function keys too. It can switch between three different devices — no need to use multiple keyboards for multiple Macs — and if you install the Logitech Flow app, you can copy and paste files directly from one Mac to another. There’s even a smaller MX Keys Mini if you want to ditch the number pad.

If you’re looking for a mechanical keyboard to match with your Mac, try the Keychron K8. It’s superbly comfy and reliable and can switch between multiple devices in a snap. And with its satisfying mechanical switches, it’s a great option for someone who spends all day typing on their Mac.

Satechi Aluminum Laptop Stand

The Satechi Aluminum Laptop Stand for MacBook Pro and MacBook Air.

If you know someone who spends a lot of time hunched over a MacBook, do their back a favor by getting them a MacBook stand that raises their device to a more comfortable height. The Satechi Aluminum Laptop Stand does exactly that.

What it does well is combine style and substance. Its aluminum frame comes in silver or space gray to match your existing Apple devices, and its simple hinge is unobtrusive and unassuming. It looks great and will fit right in on your desk.

It’s solidly built and clever, too. Because it works on a single hinge, it folds down flat and is easy to slip into a backpack. There are rubber strips on the top and bottom, helping to keep the stand in place and prevent your MacBook from slipping. It’s fairly priced, so won’t break the bank either.

Anker PowerExpand+ 7-in-1 USB-C Hub Adapter

The Anker PowerExpand+ 7-in-1 USB-C Hub Adapter.

Apple’s latest MacBooks have finally restored some of the port variety that the company’s laptops have been missing for so many years. While they added HDMI and an SD card slot, you still don’t get any USB-A ports. And if you use an older MacBook, all you have are USB-C ports.

A USB-C hub can go a long way to fixing this problem, and Anker’s PowerExpand+ is a great choice. It adds seven new ports, including HDMI, SD card, microSD, two USB-A slots, and two USB-C ports. One of those USB-C slots supports up to 100W of power delivery, so you can juice up your MacBook via the PowerExpand+ if all your other USB-C ports are in use.

You get all that for $35, which is an excellent price for the frustration it prevents and the expansion options it brings.

CalDigit TS3 Plus

The CalDigit TS3 Plus Thunderbolt 3 dock.

If you’re looking for some more serious port expansion, a Thunderbolt dock will be right up your street. Our favorite — by some distance — is the CalDigit TS3 Plus.

Why do we love it so much? It sounds strange, but one of its biggest draws is simply its reliability. When you’re plugging a host of different devices into a Thunderbolt dock, you want them to work properly 100% of the time. That’s surprisingly unusual in the Thunderbolt dock world, but CalDigit’s offering never skips a beat.

It offers a ton of ports (15 in total), including five USB-A, three Thunderbolt 3 (including one that provides 87W of power delivery), audio in and out, an SD card slot, DisplayPort 1.2, Gigabit Ethernet, and more. If you need to connect something to a Mac, chances are the CalDigit TS3 Plus can handle it with ease.

Elgato Wave:3

With so many of us working from home these days, either permanently or temporarily, sounding your best on work calls is essential. The built-in mics inside Apple’s MacBooks are fine, but if you want to go to the next level, the Elgato Wave:3 makes for an excellent gift.

Part of its appeal is how easy it is to get set up and running. For instance, instead of needing to monitor and adjust levels, the Wave:3 has a built-in feature called Clipguard,  which helps combat sudden peaks in volume that can produce rasping or unpleasant sounds. You can tweak levels if required, but it’s nice knowing Elgato’s mic has your back from the off.

Outside video calls, it’s our favorite microphone for streaming, thanks to its Mac companion app that lets you blend audio inputs while your show is live. That makes it a great all-rounder that excels in a number of different fields.

Logitech Brio Ultra HD Pro

Logitech Brio
Brad Bourque/Digital Trends

Apple has been dragging its heels in recent years when it comes to webcams, and we had to wait until the 2021 MacBook Pro before we saw the first 1080p webcam grace the company’s portable Macs. If you’re stuck on a 720p MacBook (or know someone else who is), you might be looking for a better webcam to help you look your best on video calls.

If it’s quality you’re after, there are none better than the Logitech Brio Ultra HD Pro, which is one of the best 4K webcams you can buy. It offers ultra-sharp 4K resolution running at 30fps, or if you need smoother footage, it also runs at 1080p 60fps and 720p 90fps. There are further customizations for the field of view, ranging from 65 degrees to 90 degrees — depending on what you want to capture.

There’s much more, including RightLight 3 tech that corrects your lighting, HDR image capture, and omnidirectional microphones with noise cancellation. It’s a brilliant gift for someone who needs a webcam that can do it all.

iFixit Essential Electronics Toolkit

The iFixit Essential Electronics Toolkit for repairing electronic devices.

For all the great things you can do with a MacBook, you’ll be hard-pressed to repair it if it ever breaks. Apple packs so much inside its laptops that finding your way around the components, cables, screws, and glue can be a real nightmare. If you’re a tinkerer, there’s a secret weapon that can make things much easier: iFixit’s Essential Electronics Toolkit.

Produced by the famous repair company and used in all its product teardowns, this toolkit contains everything you need to pry open a MacBook and dig into its high-tech internals. You get 16 screwdriver heads of different shapes and sizes, tweezers, a suction handle, a spudger, and more.

Put together, these tools should make light work of the booby traps you often find inside Apple devices. If you’ve been dying to repair your Mac or know someone else who is, this kit makes for a great holiday present.

Editors’ Choice




Repost: Original Source and Author Link

Categories
AI

Facebook’s AI moderator will tell group admins when users are beefing in the comments

Facebook is launching a suite of new tools to help group admins get a grip on their communities. Some simply offer a clearer overview of posts and members, while others are designed to help admins tackle conflict — including an AI-powered feature that Facebook says can identify “contentious or unhealthy conversations” taking place in the comments.

This tool is called Conflict Alerts, and Facebook says it’s just testing it for now so availability is unclear. It’s similar to the existing Keywords Alerts feature, which lets admins create custom alerts for when commenters use certain words and phrases, but uses machine learning models to try and spot more subtle types of trouble. Once an admin has been alerted, they can take action by deleting comments, booting users from a group, limiting how often individuals can comment, or how often comments can be made on certain posts.

How exactly the feature will detect “contentious or unhealthy conversations” isn’t clear though, and when reached for comment, Facebook offered little additional detail. A spokesperson said only that the company would use machine learning models to look at “multiple signals such as reply time and comment volume to determine if engagement between users has or might lead to negative interactions.”

Presumably, though, Conflict Alerts uses AI systems similar to those Facebook already deploys to flag abusive speech on the site. These sorts of models are far from 100 percent reliable and are often fooled by simple things like humor, irony, and slang. However, they should be able to pick up on the more obvious cues that an argument is happening — like someone calling people “IDIOTS!” as in the sample screenshot above.

Other new tools for admins being introduced today include a new admin homepage that will function as a dashboard, offering an overview of ”posts, members and reported comments” as well as access to new member summaries, which compile “each group member’s activity in the group, such as the number of times they have posted and commented, or when they’ve had posts removed or been muted in the group.”

And there’s also a new Admin Assist feature for automated comment moderation. This will let admins restrict who is allowed to post comments (letting them block recently joined users, for example) as well as curb spam and unwanted promotions by banning certain links. The Conflict Alerts feature will be part of Admin Assist.

You can read more about all these features in Facebook’s blog post announcement.

Repost: Original Source and Author Link

Categories
Security

Windows users can now manage their iCloud Passwords

If you sync your iCloud Passwords with Windows, Apple’s new, dedicated iCloud Passwords app is going to give you some much-needed new abilities. The app, which comes with the iCloud for Windows 12.5 update, lets you search through your saved passwords, update them, add new ones, and delete login info you no longer want.

Apple’s documentation explains how to manage your iCloud Passwords using the new app, but it’s relatively straightforward. You can access the app from the Start menu, and make any changes to your passwords that you need. Those changes will then be synced to your Apple devices.

iCloud Passwords running on Windows 10 (note that all data included in screenshots is example data).

Apple rolled out some support for iCloud Passwords on Windows earlier this year. In January, an iCloud for Windows update added support for a Chrome extension that would let you use the passwords already in your iCloud Keychain, as well as add new ones to your keychain from Chrome. That extension had a very rocky rollout, but it eventually became available to users in a somewhat working state. It’s still part of iCloud for Windows 12.5’s password management system, and the 12.5 update brings support for an Edge version of the extension as well (in theory, Chrome extensions work with Edge, but reviews on the Chrome web store indicate that this wasn’t the case for iCloud Passwords).

The Chrome extension lets you use passwords saved in your iCloud Passwords.

This update makes using iCloud to sync your passwords significantly more viable if you’re someone who jumps between Windows and Mac (or who uses Windows and an iPhone). Being able to see and search through a list of your saved passwords gives you more flexibility than the browser extension, and being able to manage your passwords means that you don’t have to jump to an Apple device if you want to make changes to your logins. While the new app isn’t as fully featured as a dedicated password manager (or, indeed, as Keychain Access on Mac), it’s certainly better than the little-to-no management abilities Windows users had before for their iCloud Passwords.

The 12.5 update for iCloud for Windows is available now, and you can get it by going to the Windows Store and searching for updates. If you don’t already have iCloud Password syncing set up on your Windows machine, you’ll have to enable it in iCloud Settings before you can use the password manager, but the process is relatively simple. Doing so requires an Apple account that uses two-factor authentication, along with an Apple device running iOS 14 / macOS 11 or later, which you’ll need to get the security code. You’ll also have to have Windows Hello set up — but don’t worry if your computer doesn’t have biometric authentication, because you can also use a PIN.

Repost: Original Source and Author Link

Categories
Game

Twitch data breach update brings users good news

Earlier this month, Twitch suffered a major security breach in which many details about the website and its streamers were leaked to the internet. While it seems the extent of the breach is still being investigated, Twitch has provided an update about its findings so far, and it’s made a big confirmation for users who were worried that their personal information or login credentials were leaked.

In an update published to the Twitch blog earlier today, the company started by reiterating that the “incident was a result of a server configuration change that allowed improper access by an unauthorized third party.” Twitch says that the configuration issue has since been fixed and the company’s systems secured.

Twitch then went on to say that Twitch passwords haven’t been exposed, which is good news indeed. When news of the breach first broke, it was unclear if passwords had been revealed, but Twitch said early on that it had no indication that login credentials were compromised. Now it seems to have confirmation that at least passwords were left untouched.

“We are also confident that systems that store Twitch login credentials, which are hashed with bcrypt, were not accessed, nor were full credit card numbers or ACH / bank information,” Twitch added. “The exposed data primarily contained documents from Twitch’s source code repository, as well as a subset of creator payout data. We’ve undergone a thorough review of the information included in the files exposed and are confident that it only affected a small fraction of users and the customer impact is minimal. We are contacting those who have been impacted directly.”

So, even though the customer impact is minimal, Twitch’s statement on the matter suggests that there’s still some kind of impact. If you’re a regular Twitch user, it might be a good idea to keep an eye on your email to see if you’re one of the users Twitch is reaching out to directly.

Repost: Original Source and Author Link

Categories
Security

Google is about to turn on two-factor authentication by default for millions of users

In May, Google announced plans to enable two-factor authentication (or two-step verification as it’s referring to the setup) by default to enable more security for many accounts. Now it’s Cybersecurity Awareness Month, and Google is once again reminding us of that plan, saying in a blog post that it will enable two-factor for 150 million more accounts by the end of this year.

In 2018, Google said that only 10 percent of its active accounts were using two-factor authentication. It has been pushing, prodding, and encouraging people to enable the setting ever since. Another prong of the effort will require more than 2 million YouTube creators to turn on two-factor authentication to protect their channels from takeover. Google says it has partnered with organizations to give away more than 10,000 hardware security keys every year. Its push for two-factor has made the technology readily available on your phone whether you use Android or iPhone.

A tool that also helps users keep their accounts secure is using a password manager, and Google now says that it checks over a billion passwords a day via its built-in manager for Chrome, Android, and the Google app. The password manager is also available on iOS, where Chrome can autofill logins for other apps. Google says that soon it will help you generate passwords for other apps, making things even more straightforward. Also coming soon is the ability to see all of your saved passwords directly from the Google app menu.

Last but not least, Google is highlighting its Inactive Account Manager. This is a set of decisions to make about what happens to your account if you decide to stop using it or are no longer around and able to make those decisions.

Google Inactive Account Manager

Google Inactive Account Manager
Image: Google

Google added the feature in 2013 so that you can set a timeout period for your account between three and 18 months of disuse before the Inactive Account Manager protocols take effect. Just in case you only switched accounts or forgot about your login, Google will send an email a month before the limit is up. At that point, you can choose to have your information deleted or have it forwarded to whatever trusted contacts you want to have handling things on your behalf. Google’s blog post notes that an inactive account led to the massive Colonial Pipeline attack earlier this year, and just for security’s sake, you probably don’t want your digital life simply hanging around unused for whatever hackers are bored in the future.



Repost: Original Source and Author Link