5 Surprising Ways Google Improves Your Online Security
Pinterest Whatsapp

Google is famous for a lot of things, but privacy and security aren’t usually on the top of that list. Alongside Facebook, they are often heavily criticized for their behavior with your data. Whether it’s scanning your Gmail inbox to show you targeted ads or cooperating with the NSA to spy on users around the world, there’s a lot to be critical of.

At first glance, it would seem like you shouldn’t trust Google at all. But looks can be deceiving. Behind the countless headlines on privacy concerns, Google is working hard to improve your security.

1. Capture The Flag

Google's Capture the Flag game

Bug bounty programs 25 Awesome "Bug Bounty" Programs for Earning Pocket Money 25 Awesome "Bug Bounty" Programs for Earning Pocket Money If you have expertise in security protocols, you could make some extra money hunting for bugs in popular apps and websites, and being rewarded with a bug bounty. Here are the best-paying programs in 2016. Read More are common in the tech world. Software companies promise rewards to programmers, hackers, and security experts who find vulnerabilities in their products. The company harnesses the power of a worldwide network of experts, who get to hone their skills and earn money at the same time. Capture The Flag (CTF) events also take advantage of the skill of experts, but use gamification 3 Unusual Ways Gamification Is Changing Your Life Today 3 Unusual Ways Gamification Is Changing Your Life Today Gamification is about motivation, participation, and loyalty. It is a popular trend and a powerful business strategy. But have you noticed its subtle impact on your daily life? Read More and teamwork to get the job done.

CTF events differ from bug bounty programs though. To be rewarded for on a bounty program, developers have to spend time hunting through the software’s code looking for potential problems. CTF sets challenges around known issues as part of a timed competition, with points awarded to the winning team. The organizers can set challenges around any topic, but the most popular focus is on reverse engineering, exploitation, and real-world attacks like ransomware.

Google hosted their first CTF in April 2016, and it is now an annual event. Teams sign up to the qualifying round, typically hosted a few weeks before the main contest. Four members from each of the top ten teams then get flown to one of Google’s offices to participate. Prizes are paid out to the top three teams, with the first place winners receiving $13,337.

All competing teams can submit challenge write-ups and could earn between $100 and $500 for their efforts. For the 2018 contest, Google introduced Beginners’ Quests for any first timers or those new to security. Although these quests don’t qualify for contest points, they are an enjoyable introduction to security research.

2. Safe Browsing

Google's Safe Browsing tool

In May 2007, a year before Google launched their Chrome web browser, the search engine debuted its Safe Browsing anti-malware effort. They’d recognized that malware is commonly spread through “drive-by downloads” from compromised web servers. Google couldn’t patch the vulnerabilities in your web browser and plugins, but they decided they could alert you to potentially compromised websites in your search results.

Safe Browsing now protects over three billion devices worldwide. It’s not just Google products either—Safe Browsing is integrated into Firefox and Safari too. Even apps like Snapchat have begun to use Google’s Safe Browsing API to keep their users safe. As we live in an increasingly mobile world, Google has set an Unwanted Software Policy for Android. Any apps found to be in breach of that policy display warnings about misuse of data through Safe Browsing too.

3. HTTPS Everywhere

Google used Chrome to push for HTTPS adoption

Your connection to a website isn’t secure; at least it didn’t use to be. If the URL of a site begins HTTP, then the connection isn’t encrypted. This means that any data sent between your device and the website’s server could be intercepted. These are known as man-in-the-middle attacks What Is a Man-in-the-Middle Attack? Security Jargon Explained What Is a Man-in-the-Middle Attack? Security Jargon Explained If you've heard of "man-in-the-middle" attacks but aren't quite sure what that means, this is the article for you. Read More and allow an attacker to insert themselves between both devices and read all the data. Sites that handle sensitive data, like email and online banking providers, have used HTTPS encryption for many years to secure your data in transit.

Google decided that Chrome should do more to warn you when your connection isn’t encrypted. This helps you decide whether to enter payment details and to identify phishing websites. The padlock next to the URL bar is a simple and clear visual aid to keep you informed. Although this was progress, Google decided this still wasn’t enough.

Chrome is the world’s most popular web browser with a 60.6% usage share. Decisions and features implemented in Chrome have a significant impact across the internet. So when Google decided to advocate for the adoption of HTTPS it had a huge knock-on effect. They began moving non-HTTPS websites lower down search rankings, and displaying a “not secure” warning alongside Chrome’s padlock. It was initially placed only on HTTP sites that asked for your data, but in July 2018, Google enabled the “not secure” warning for all non-HTTPS sites Google Is Making HTTPS the Chrome Default Google Is Making HTTPS the Chrome Default With well over half of all websites now encrypted, it's time to think of HTTPS as the default option rather than the exception. That is, at least, according to Google. Read More .

4. Google Play Protect

To stem the flow of Android malware, Google introduced Google Play Protect How Google Play Protect Is Making Your Android Device More Secure How Google Play Protect Is Making Your Android Device More Secure You may have seen "Google Play Protect" popping up, but what exactly is it? And how does it help you? Read More at their developer conference I/O 2017. Android had security protections, but they often didn’t communicate with one another, gave vague advice, and required a fair amount of input from you. Play Protect unites a lot of these features under one name. It now protects over two billion devices and scans 50 billion apps every day.

Play Protect uses machine learning What Is Machine Learning? Google's Free Course Breaks It Down for You What Is Machine Learning? Google's Free Course Breaks It Down for You Google has designed a free online course to teach you the fundamentals of machine learning. Read More to help identify Potentially Harmful Apps (PHA). By training the system to recognize patterns of behavior similar to known PHAs, it can scan new apps and identify any that may be PHAs. According to Google, the behaviors include “apps that attempt to interact with other apps on the device, access or share your personal data, download something without your knowledge, connect to phishing websites, or bypass built-in security features.” Google’s security team reviews potential PHAs for confirmation. That information is fed back into the machine learning algorithms to improve its detection capabilities.

5. Accounts Settings & Security Checkup

Account settings let you control your Google accounts

Hopefully, this won’t come as a surprise, but Google knows a lot about you How Much Does Google Really Know About You? How Much Does Google Really Know About You? Google is no champion of user privacy, but you might be surprised just how much they know. Read More ; probably more than you realized. Unlike some of their contemporaries, though, they understand the importance of trust. You’d only feel comfortable with Google handling your location, emails, calendar, search history, YouTube uploads, and more, if you could be sure that data stays safely locked away inside your account.

As it contains so much personal information, the security of your Google account is critical, not just to you, but to Google too. The My Account dashboard What Does Google Know About You? Find Out and Manage Your Privacy and Security What Does Google Know About You? Find Out and Manage Your Privacy and Security For the first time, search giant Google is offering a way for you to check the information it has about you, how it is gathering that data, and new tools to start reclaiming your privacy. Read More has been designed to make securing your account and managing the data Google holds about you easy to maintain. The sidebar navigation lets you quickly switch between Sign-In & Security, Personal Info & Privacy, and Account Preferences.

Their Security check-up tool even guides you through the most crucial security settings so that if you don’t want to deep dive into all the settings, you don’t have to. When using Google products, you’ll occasionally be prompted to review your security settings. In the past, Google has even given away free Google Drive storage as a reward for completing the checkup.

Unlike Facebook, where a labyrinth of complex options get in your way, Google makes it very easy to view and remove data stored in your account. Navigate to the My Activity page, and you’ll be able to find your full history, filterable by product and date. Either select the data you want to delete or use the “Delete activity by” tool to easily find the information you want to be removed.

Do You Trust Google?

In many ways, Google deserves its reputation as a security and privacy nightmare. Their longstanding motto “don’t be evil” was even recently removed from the preface of their code of conduct. This was right around the time they courted controversy with their involvement in developing AI for military drones.

Despite these apparent concerns, Google is a large, complex company with many aims. Their commitment to security—even if it comes at the detriment to your privacy—is commendable. By using their considerable influence to remove malware from Android, and nurture the development of security professionals around the world, Google makes the internet safer for us all.

Explore more about: Google, Online Security.

Enjoyed this article? Stay informed by joining our newsletter!

Enter your Email

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. dragonmouth
    July 5, 2018 at 1:35 pm

    Ostensibly, Safe Browsing, protects browser users from malware. In actuality, it is used by Google to track user's browsing habits.

    • James Frew
      July 5, 2018 at 1:46 pm

      That's why I was interested to do this article - the idea that things can be both good and bad at the same time.

  2. ReadandShare
    July 5, 2018 at 5:54 am

    Yes, granted that Google does a lot to protect us from third-party baddies. But never forget that everything we do/read within Google (search, browser, mail, voice, maps, etc., etc. are all essentially transparent to Google itself -- which is at heart the world's most powerful and most successful marketing company!

    • James Frew
      July 5, 2018 at 6:16 am

      They are definitely incentivized to secure your data for their own purposes, but some things like promoting a switch to HTTPs work out great for everyone.

      • dragonmouth
        July 5, 2018 at 1:49 pm

        " some things like promoting a switch to HTTPs work out great for everyone."
        Just because Google encourages the use of HTTPS does not mean they have turned into the paragons of security and privacy. Everything Google does has only one goal - to increase the bottom line, not for any altruistic reasons. If it doesn't improve the profits, it gets deep-sixed. How many projects has Google killed in the last few years? Google is as ruthless and rapacious as Microsoft and Facebook. Whether the hand that has you by the throat wears a steel gauntlet or a a velvet glove, it still has you by the throat.

        • James Frew
          July 5, 2018 at 1:53 pm

          I don't disagree - their business model is generally harmful to protecting privacy and security. But, the profit motive incentivises them to put more effort into improving security outside of their own products, which has a positive effect.

      • dragonmouth
        July 5, 2018 at 2:17 pm

        "the profit motive incentivises them to put more effort into improving security outside of their own products, which has a positive effect."
        Do you perchance work as a spinmeister for a politician?

        "Positive effect" for whom? Google? The question is whether Google is not a greater threat to security/privacy than the actors it is trying to stop.

        • James Frew
          July 5, 2018 at 2:21 pm

          Well, yes, that is the right question - so although it has a positive effect, its not necessarily a net positive.