Connect with us

Biz & IT

Ahead of third antitrust ruling, Google announces fresh tweaks to Android in Europe

Published

on

Google is widely expected to be handed a third antitrust fine in Europe this week, with reports suggesting the European Commission’s decision in its long-running investigation of AdSense could land later today.

Right on cue the search giant has PRed another Android product tweak — which it bills as “supporting choice and competition in Europe”.

In the coming months Google says it will start prompting users of existing and new Android devices in Europe to ask which browser and search apps they would like to use.

This follows licensing changes for Android in Europe which Google announced last fall, following the Commission’s $5BN antitrust fine for anti-competitive behavior related to how it operates the dominant smartphone OS.

tl;dr competition regulation can shift policy and product.

Albeit, the devil will be in the detail of Google’s self-imposed ‘remedy’ for Android browser and search apps.

Which means how exactly the user is prompted will be key — given tech giants are well-versed in the manipulative arts of dark pattern design, enabling them to create ‘consent’ flows that deliver their desired outcome.

A ‘choice’ designed in such a way — based on wording, button/text size and color, timing of prompt and so on — to promote Google’s preferred browser and search app choice by subtly encouraging Android users to stick with its default apps may not actually end up being much of a ‘choice’.

According to Reuters the prompt will surface to Android users via the Play Store. (Though the version of Google’s blog post we read did not include that detail.)

Using the Play Store for the prompt would require an Android device to have Google’s app store pre-loaded — and licensing tweaks made to the OS in Europe last year were supposedly intended to enable OEMs to choose to unbundle Google apps from Android forks. Ergo making only the Play Store the route for enabling choice would be rather contradictory. (As well as spotlighting Google’s continued grip on Android.)

Add to that Google has the advantage of massive brand dominance here, thanks to its kingpin position in search, browsers and smartphone platforms.

So again the consumer decision is weighted in its favor. Or, to put it another way: ‘This is Google; it can afford to offer a ‘choice’.’

In its blog post getting out ahead of the Commission’s looming AdSense ruling, Google’s SVP of global affairs, Kent Walker, writes that the company has been “listening carefully to the feedback we’re getting” vis-a-vis competition.

Though the search giant is actually appealing both antitrust decisions. (The other being a $2.7BN fine it got slapped with two years ago for promoting its own shopping comparison service and demoting rivals’.)

“After the Commission’s July 2018 decision, we changed the licensing model for the Google apps we build for use on Android phones, creating new, separate licenses for Google Play, the Google Chrome browser, and for Google Search,” Walker continues. “In doing so, we maintained the freedom for phone makers to install any alternative app alongside a Google app.”

Other opinions are available on those changes too.

Such as French pro-privacy Google search rival Qwant, which last year told us how those licensing changes still make it essentially impossible for smartphone makers to profit off of devices that don’t bake in Google apps by default. (More recently Qwant’s founder condensed the situation to “it’s a joke“.)

Qwant and another European startup Jolla, which leads development of an Android alternative smartphone platform called Sailfish — and is also a competition complainant against Google in Europe — want regulators to step in and do more.

The Commission has said it is closely monitoring changes made by Google to determine whether or not the company has complied with its orders to stop anti-competitive behavior.

So the jury is still out on whether any of its tweaks sum to compliance. (Google says so but that’s as you’d expect — and certainly doesn’t mean the Commission will agree.)

In its Android decision last summer the Commission judged that Google’s practices harmed competition and “further innovation” in the wider mobile space, i.e. beyond Internet search — because it prevented other mobile browsers from competing effectively with its pre-installed Chrome browser.

So browser choice is a key component here. And ‘effective competition’ is the bar Google’s homebrew ‘remedies’ will have to meet.

Still, the company will be hoping its latest Android tweaks steer off further Commission antitrust action. Or at least generate more fuzz and fuel for its long-game legal appeal.

Current EU competition commissioner, Margrethe Vestager, has flagged for years that the division is also fielding complaints about other Google products, including travel search, image search and maps. Which suggests Google could face fresh antitrust investigations in future, even as the last of the first batch is about to wrap up.

The FT reports that Android users in the European economic area last week started seeing links to rival websites appearing above Google’s answer box for searches for products, jobs or businesses — with the rival links appearing above paid results links to Google’s own services.

The newspaper points out that tweak is similar to a change promoted by Google in 2013, when it was trying to resolve EU antitrust concerns under the prior commissioner, Joaquín Almunia.

However rivals at the time complained the tweak was insufficient. The Commission subsequently agreed — and under Vestager’s tenure went on to hit Google with antitrust fines.

Walker doesn’t mention these any of additional antitrust complaints swirling around Google’s business in Europe, choosing to focus on highlighting changes it’s made in response to the two extant Commission antitrust rulings.

“After the Commission’s July 2018 decision, we changed the licensing model for the Google apps we build for use on Android phones, creating new, separate licenses for Google Play, the Google Chrome browser, and for Google Search. In doing so, we maintained the freedom for phone makers to install any alternative app alongside a Google app,” he writes.

Nor does he make mention of a recent change Google quietly made to the lists of default search engine choices in its Chrome browser — which expanded the “choice” he claims the company offers by surfacing more rivals. (The biggest beneficiary of that tweak is privacy search rival DuckDuckGo, which suddenly got added to the Chrome search engine lists in around 60 markets. Qwant also got added as a default choice in France.)

Talking about Android specifically Walker instead takes a subtle indirect swipe at iOS maker Apple — which now finds itself the target of competition complaints in Europe, via music streaming rival Spotify, and is potentially facing a Commission probe of its own (albeit, iOS’ marketshare in Europe is tiny vs Android). So top deflecting Google.

“On Android phones, you’ve always been able to install any search engine or browser you want, irrespective of what came pre-installed on the phone when you bought it. In fact, a typical Android phone user will usually install around 50 additional apps on their phone,” Walker writes, drawing attention to the fact that Apple does not offer iOS users as much of a literal choice as Google does.

“Now we’ll also do more to ensure that Android phone owners know about the wide choice of browsers and search engines available to download to their phones,” he adds, saying: “This will involve asking users of existing and new Android devices in Europe which browser and search apps they would like to use.”

We’ve reached out to Commission for comment, and to Google with questions about the design of its incoming browser and search app prompts for Android users in Europe and will update this report with any response.

Source link

Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Biz & IT

Microsoft alleges attacks on French magazine came from Iranian-backed group

Published

on

Microsoft said on Friday that an Iranian nation-state group already sanctioned by the US government was behind an attack last month that targeted the satirical French magazine Charlie Hebdo and thousands of its readers.

The attack came to light on January 4, when a previously unknown group calling itself Holy Souls took to the Internet to claim it had obtained a Charlie Hebdo database that contained personal information for 230,000 of its customers. The post said the database was available for sale at the price of 20 BTC, or roughly $340,000 at the time. The group also released a sample of the data that included the full names, telephone numbers, and home and email addresses of people who had subscribed to, or purchased merchandise from, the publication. French media confirmed the veracity of the leaked data.

The release of the sample put the customers at risk of online targeting or physical violence by extremist groups, which have retaliated against Charlie Hebdo in recent years for its satirical treatment of matters pertaining to the Muslim religion and Islamic countries such as Iran. The retaliation included the 2015 shooting by two French Muslim terrorists and brothers at Charlie Hebdo offices that killed 12 and injured 11 others. To further gin up attention to the breached data, a flurry of fake personas—one falsely claiming to be a Charlie Hebdo editor—took to social media to discuss and publicize the leak.

Twitter post purporting to come from impersonating a Charlie Hebdo editor.
Enlarge / Twitter post purporting to come from impersonating a Charlie Hebdo editor.

Microsoft

On Friday, Clint Watts, the general manager of Microsoft’s Digital Threat Analysis Center, wrote:

We believe this attack is a response by the Iranian government to a cartoon contest conducted by Charlie Hebdo. One month before Holy Souls conducted its attack, the magazine announced it would be holding an international competition for cartoons “ridiculing” Iranian Supreme Leader Ali Khamenei. The issue featuring the winning cartoons was to be published in early January, timed to coincide with the eighth anniversary of an attack by two al-Qa’ida in the Arabian Peninsula (AQAP)-inspired assailants on the magazine’s offices.

The tactics, techniques, and procedures of the influence campaign led Microsoft researchers to conclude it was the work of Emennet Pasargad, an Iranian group that has long been monitored and targeted by the US government. The FBI said in January 2022 that Emennet Pasargad was behind “a multi-faceted campaign to interfere in the 2020 US presidential election.”

Participants in the operation obtained confidential US voter information from at least one state election website, sent threatening emails designed to intimidate voters, and published a video airing disinformation concerning non-existent voting vulnerabilities. The group also claimed affiliation with the neo-fascist group Proud Boys to further intimidate voters.

Last October, the FBI said that Emennet Pasargad targeted groups in Israel with “cyber-enabled information operations that included an initial intrusion, theft, and subsequent leak of data, followed by amplification through social media and online forums, and in some cases the deployment of destructive encryption malware.”

The US Treasury in 2021 placed sanctions on Emennet Pasargad and six Iranian nationals who are members, citing their attempts “to sow discord and undermine voters’ faith in the US electoral process.”

Friday’s post said Microsoft had “high confidence” that the group, which the company refers to as Neptunium, was behind the Charlie Hebdo influence campaign. The assessment was based on elements including:

  • A hacktivist persona claiming credit for the cyberattack
  • Claims of a successful website defacement
  • Leaking of private data online
  • The use of inauthentic social media “sockpuppet” personas—social media accounts using fictitious or stolen identities to obfuscate the account’s real owner for the purpose of deception—claiming to be from the country that the hack targeted to promote the cyberattack using language with errors obvious to native speakers
  • Impersonation of authoritative sources
  • Contacting news meida organizations
Attribution matrix Microsoft used to arrive at its assessment.
Enlarge / Attribution matrix Microsoft used to arrive at its assessment.

Microsoft

Microsoft said the January campaign used French-language sockpuppet social media accounts, many with low follower counts, to amplify the leak and “distribute antagonistic messaging.” The accounts also posted criticisms of the cartoon competition aimed at Khamenei.

“Crucially, before there had been any substantial reporting on the purported cyberattack, these accounts posted identical screenshots of a defaced website that included the French-language message: ‘Charlie Hebdo a été piraté’ (‘Charlie Hebdo was hacked’),” Watts wrote.

Shortly after that, at least two social media accounts—one purporting to belong to a tech executive and the other to a Charlie Hebdo editor—posted screenshots of the leaked customer data.

The campaign Microsoft has documented is the latest reminder that social media is often manipulated by special interest groups—some with deep pockets. People would do well to remember this manipulation and be careful to verify claims before spreading them further.

Continue Reading

Biz & IT

The newest feature in the Microsoft Store is more ads

Published

on

Microsoft

If your main problem with the Microsoft Store is that you get too many relevant results when you search for apps, good news: Microsoft is officially launching Microsoft Store Ads, a way for developers to pay to get their apps in front of your eyes when you go to the store to look for something else.

Microsoft’s landing page for the feature says the apps will appear during searches and in the Apps and Gaming tabs within the app. Developers will be able to track whether and where users see the ads and whether they’re downloading and opening the apps once they see the ads.

Microsoft also provided an update on the health of the Microsoft Store, pointing to 2022 as “a record year,” with more than 900 million unique users worldwide and “a 122% year-over-year increase in developer submissions of new apps and games.” Microsoft has steadily loosened its restrictions on Store apps in the last year or two, allowing in traditional Win32 apps and also leaning on Amazon’s Android app store and the Windows Subsystem for Android to expand its selection.

The company launched a “pilot program” of the Microsoft Store Ads back in September of 2022, and the look of the ads doesn’t appear to have changed much since then. Ads will be served to Microsoft Store users on Windows 10 and Windows 11 and are only available to developers who have already published their apps to the store.

Samples of the new Microsoft Store ads, including one for the prolific developers at Contoso Inc.

Samples of the new Microsoft Store ads, including one for the prolific developers at Contoso Inc.

Microsoft

These kinds of ads are usually described in benign terms—that they’re merely a way for the developers on the Microsoft Store to boost their work and find more users. The reality is that similar ads on Apple’s platforms, at least in my experience, tend to be either irrelevant (ads for Twitter or Truth Social on a search for Mastodon clients), annoying (ads for shovelware free-to-play games), actively malicious (the brief period where gambling ads took over the store), or some combination of all three.

The new addition may or may not turn up relevant search results for users, but it does add more advertisements to a platform that already has plenty of them. A fresh Windows 11 install from a USB stick automatically pulls down a range of third-party apps from the Microsoft Store the first time you connect to the Internet, and Windows includes plenty of Microsoft house ads for Edge, Bing, Microsoft Start, Microsoft 365, OneDrive, and other products and features.

Continue Reading

Biz & IT

Until further notice, think twice before using Google to download software

Published

on

Getty Images

Searching Google for downloads of popular software has always come with risks, but over the past few months, it has been downright dangerous, according to researchers and a pseudorandom collection of queries.

“Threat researchers are used to seeing a moderate flow of malvertising via Google Ads,” volunteers at Spamhaus wrote on Thursday. “However, over the past few days, researchers have witnessed a massive spike affecting numerous famous brands, with multiple malware being utilized. This is not ‘the norm.’”

One of many new threats: MalVirt

The surge is coming from numerous malware families, including AuroraStealer, IcedID, Meta Stealer, RedLine Stealer, Vidar, Formbook, and XLoader. In the past, these families typically relied on phishing and malicious spam that attached Microsoft Word documents with booby-trapped macros. Over the past month, Google Ads has become the go-to place for criminals to spread their malicious wares that are disguised as legitimate downloads by impersonating brands such as Adobe Reader, Gimp, Microsoft Teams, OBS, Slack, Tor, and Thunderbird.

On the same day that Spamhaus published its report, researchers from security firm Sentinel One documented an advanced Google malvertising campaign pushing multiple malicious loaders implemented in .NET. Sentinel One has dubbed these loaders MalVirt. At the moment, the MalVirt loaders are being used to distribute malware most commonly known as XLoader, available for both Windows and macOS. XLoader is a successor to malware also known as Formbook. Threat actors use XLoader to steal contacts data and other sensitive data from infected devices.

The MalVirt loaders use obfuscated virtualization to evade end-point protection and analysis. To disguise real C2 traffic and evade network detections, MalVirt beacons to decoy command and control servers hosted at providers including Azure, Tucows, Choopa, and Namecheap. Sentinel One researcher Tom Hegel wrote:

As a response to Microsoft blocking Office macros by default in documents from the Internet, threat actors have turned to alternative malware distribution methods—most recently, malvertising. The MalVirt loaders we observed demonstrate just how much effort threat actors are investing in evading detection and thwarting analysis.

Malware of the Formbook family is a highly capable infostealer that is deployed through the application of a significant amount of anti-analysis and anti-detection techniques by the MalVirt loaders. Traditionally distributed as an attachment to phishing emails, we assess that threat actors distributing this malware are likely joining the malvertising trend.

Given the massive size of the audience threat actors can reach through malvertising, we expect malware to continue being distributed using this method.

Google representatives declined an interview. Instead, they provided the following statement:

Bad actors often employ sophisticated measures to conceal their identities and evade our policies and enforcement. To combat this over the past few years, we’ve launched new certification policies, ramped up advertiser verification, and increased our capacity to detect and prevent coordinated scams. We are aware of the recent uptick in fraudulent ad activity. Addressing it is a critical priority and we are working to resolve these incidents as quickly as possible.

Anecdotal evidence that Google malvertising is out of control isn’t hard to come by. Searches seeking software downloads are probably the most likely to turn up malvertising. Take, for instance, the results Google returned for a search Thursday looking for “visual studio download”:

Clicking that Google-sponsored link redirected me to downloadstudio[.]net, which is flagged by VirusTotal as malicious by only a single endpoint provider:

On Thursday evening, the download this site offered was detected as malicious by 43 antimalware engines:

Continue Reading

Trending