Google might have a new AI-powered password-generating trick up its sleeve – but can Gemini keep your secrets safe?

If you’ve been using Google Chrome for the past few years, you may have noticed that whenever you’ve had to think up a new password, or change your existing one, for a site or app, a little “Suggest strong password” dialog box would pop up – and it looks like it could soon offer AI-powered password suggestions. 

A keen-eyed software development observer has spotted that Google might be gearing up to infuse this feature with the capabilities of Gemini, its latest large language model (LLM).

The discovery was made by @Leopeva64 on X. They found references to Gemini in patches of Gerrit, a web-based code review system developed by Google and used in the development of Google products like Android

These findings appear to be backed up by screenshots that show glimpses of how Gemini could be incorporated into Chrome to give you even better password suggestions when you’re looking to create a new password or change from one you’ve previously set.

See more

Gemini guesswork

One line of code that caught my attention is that “deleting all passwords will turn this feature off.” I wonder if this does what it says on the tin: shutting the feature off if a user deletes all of their passwords, or if this just means all of the passwords generated by the “Suggest strong passwords” feature. 

The final screenshot that @Leopeva64 provides is also intriguing as it seems to show the prompt that Google engineers have included to get Gemini to generate a suitable password. 

This is a really interesting move by Google and it could play out well for Chrome users who use the strong password suggestion feature. I’m a little wary of the potential risks associated with this method of password generation, similar to risks you find with many such methods. LLMs are susceptible to information leaks caused by prompt or injection hacks. These hacks are designed to trick the AI models to give out information that their creators, individuals, or organizations might want to keep private, like someone’s login information.

A woman working on a laptop in a shared working space sitting next to a man working at a computer

(Image credit: Shutterstock/Gorodenkoff)

An important security consideration 

Now, that sounds scary and as far as we know, this hasn’t happened yet with any widely-deployed LLM, including Gemini. It’s a theoretical fear and there are standard password security practices that tech organizations like Google employ to prevent data breaches. 

These include encryption technologies, which encode data so that only authorized parties can access it for multiple stages of the password generation and storage process, and hashing, a one-way data conversion process that’s intended to make data reverse-engineering hard to do. 

You could also use any other LLM like ChatGPT to generate a strong password manually, although I feel like Google knows more about how to do this, and I’d only advise experimenting with that if you’re a software data professional. 

It’s not a bad idea as a proposition and a use of AI that could actually be very beneficial for users, but Google will have to put an equal (if not greater) amount of effort into making sure Gemini is bolted down and as impenetrable to outside attacks as can be. If it implements this and by some chance it does cause a huge data breach, that will likely damage people’s trust of LLMs and could impact the reputations of the tech companies, including Google, who are championing them.

YOU MIGHT ALSO LIKE…

TechRadar – All the latest technology news

Read More

Google adds biometric verification to Play Store to keep your in-store wallet safe

Google has been emailing Android users about an update to the Play Store allowing you to enable biometric verification for purchases. We got the message over the weekend buried in our inbox. It states users can set fingerprint or facial recognition on the digital storefront as long as they have a mobile device that supports the technology. Once set up, “you’ll be asked to verify it’s you with biometrics” every time you buy something on the platform. 

We can confirm the update is live as it appeared on our phone. To turn it on, open the Play Store app then tap Settings near the bottom. Expand Purchase Verification and toggle the switch to activate Biometric Verification. The storefront will then ask you to type in your password to confirm the setting change. 

It’s important to mention that the final step will change within the coming weeks. According to the email, Google will let users use biometrics instead of requiring them to enter their account password.

The purpose of this feature is to seemingly provide an extra layer of safety to protect yourself against unauthorized transactions in case your phone is ever compromised. You don’t have to use a password anymore, although you will always have the option.

Google Play Store's new biometric verification

(Image credit: Future)

Minor, yet important detrails

There are a few minor details you should know regarding the feature. 

At a glance, it seems the biometric verification will primarily live on the Play Store. We attempted to purchase an ebook and were met with a fingerprint reader to authenticate our identity before checkout. Then we discovered the security feature will appear on third-party apps, but its presence on them varies. 

We purchased items for the game Arknights on our Android phone to see if a biometric verification reader popped up. It didn’t. The checkout went through without any hindrance. However, when we signed up for a three-month trial on Amazon Music, a Play Store message showed up asking if we would like to enable biometrics for future purchases. 

This leads us to believe that some apps will support the new verification method while others won’t. It may depend on whether or not a developer decides to support the security fixture on their product. 

Do note this has been our personal experience with the tool. It may operate differently for you. Google didn’t provide much information in their email or Play Store Help page. Of course, we reached out to the tech giant for clarification and will update the story if we learn anything new.

If you're looking for a great new app to download, be sure to check out the best 10 Android apps of 2023 according to Google.

You might also like

TechRadar – All the latest technology news

Read More

WhatsApp’s new security label will let you know if future third-party chats are safe

WhatsApp is currently testing a new in-app label letting you know whether or not a chat room has end-to-end encryption (E2EE).

WABetaInfo discovered the caption in the latest Android beta. According to the publication, it’ll appear underneath the contact and group name but only if the conversation is encrypted by the company’s “Signal Protocol” (Not to be confused with the Signal messaging app; the two are different.) The line is meant to serve as a “visual confirmation” informing everyone that outside forces cannot read what they’re talking about or listen to phone calls. WABetaInfo adds that the text will disappear after a few seconds, allowing the Last Seen indicator to take its place. At this moment, it’s unknown if the two lines will change back and forth or if Last Seen will permanently take the E2EE label’s place.

This may not seem like a big deal since it’s just four words with a lock icon. However, this small change is important because it indicates Meta is willing to embrace third-party interoperability.

See more

Third-party compatibility

On March 6, the tech giant published a report on its Engineering at Meta blog detailing how interoperability will work in Europe. The EU passed the Digital Markets Act in 2022 which, among other things, implemented new rules forcing major messaging platforms to let users communicate with third-party services. 

Meta’s post gets into the weeds explaining how interoperability will work. The main takeaway is the company wants partners to use their Signal Protocol. The standard serves as the basis for E2EE on WhatsApp and Messenger, so they want everyone to be on the same playing field.

Other services don’t have to use Signal. They can use their compatible protocols, although they must demonstrate they offer “the same security guarantees”. 

The wording here is pretty cut and dry: if a service doesn’t have the same level of protection, then WhatsApp won’t communicate with it. However, the beta suggests Meta is willing to be flexible. They may not completely shut out non-Signal-compliant platforms. At the very least, the company will inform its users that certain chat rooms may not be as well protected as the ones with E2EE enabled.

Interested Android owners can install the update from the Google Play Beta Program although there is a chance you may not receive the feature. WABetaInfo states it’s only available to a handful of testers. No word if WhatsApp on iOS will see the same patch.

While we have you, be sure to join TechRadar's official WhatsApp channel to get all the latest reviews on your phone.

You might also like

TechRadar – All the latest technology news

Read More

Nvidia’s GeForce Now’s free tier will soon show you up to two minutes of ads while you wait to play – proving nowhere is safe from commercials

Nvidia’s free tier of GeForce Now, its cloud gaming service, will soon run up to two minutes of ads before you play, according to Nvidia spokesperson Stephanie Ngo.

GeForce Now is a service offered by Nvidia that allows you to connect to digital PC game stores and stream games you already own across a multitude of different devices – including Macs, Windows laptops, iPhones and iPads, Android phones, and more.

It offers three membership tiers, with the free membership offering a queue system with an hour-long gaming session length that will then bring you back to the start of the queue once your time is up. It’s in this waiting time that the ads will be shown, so while it could be a little annoying, your actual gameplay time won’t be interrupted. 

The ads will help pay for the free tier service and keep it free, with Ngo adding that the change is also expected to reduce wait times for free users in the long run – though it’s not entirely clear at this point how that’s going to work. Perhaps Nvidia is expecting the arrival of ads to push users to pay for the premium tiers or simply drive some users away from the platform entirely – either would, in theory, help reduce queues for the free tier.  GeForce Now users should expect an email on 27 Feb to let them know about the changes. 

 Major inconvenience or just … meh?  

I’m not a user of Nvidia’s game-streaming service myself, but I reached out to GeForce Now Members within the TechRadar team and learned that wait times currently fluctuate between five to fifteen minutes – and scrolling through the GeForce Now subreddit proves that wait times can go on even longer. 

Most people who use the free tier of GeForce Now go in aware that they will be spending a not-insignificant amount of time in a queue, so in reality, two minutes of ads when you know you’re likely going to be waiting for longer anyway isn’t much of an inconvenience – it might even help kill some time. Many users are likely to simply do something else while queuing for their free hour timeslot anyway, so why shouldn’t Nvidia get some extra ad revenue from it?

That being said, it is a gloomy example of the inescapable modern torture of being advertised at non-stop. Almost every facet of the internet is packed with ads at this point (this article included – sorry about that, but we’ve got to eat!) and while a lot of platforms offer ad-free paid tiers, it seems like that isn’t enough anymore. 

Amazon Prime has received a lot of (well-deserved) flak for slapping ads onto paid memberships, and Netflix’s ad-supported free tier wasn’t very well-received either. While Nvidia’s latest move seems fairly innocuous right now, who’s to say the ‘up to two minutes’ won’t extend further in the future, until you’re sat watching a full ten minutes of commercials to play an hour-long session of your current favorite game? Do you just give in and buy a paid membership? I just might, personally – but I wouldn’t be happy about it.

Via The Verge 

You might also like…

TechRadar – All the latest technology news

Read More

Google is shutting down Play Movies & TV, but don’t worry, your purchases are safe

Google will be pulling the plug on the last vestiges of Play Movies & TV, and to help with the transition, it’ll be moving users’ purchased content to other services.

The tech giant has been slowly shutting down the platform for the past two years beginning with its removal from various smart TVs. The storefront has since existed on Android TV devices and Google Play undisturbed until recently when a post on the Android TV Help website announced the changes. According to the page, the update will roll out over the coming weeks, but the day you’ll receive the patch depends on what country you live in. Then on January 17, Google will officially move everything you bought on or are currently renting from Play Movies & TV to its new home. Something you should know is access to your content depends on what hardware you own.

For example, if you have an Android TV or streaming device, you can find your purchases over “in the Your Library row on the Shop tab.” People who own a cable or set-top box “powered by Android TV” will have to open the YouTube app and then go to the Movies & TV section. Media will be under the Purchased tab. On web browsers, it’s the same process: head over to YouTube and hop on over to Movies & TV on your account.

Also, the post from earlier mentions you can view content on the Google TV mobile app. It doesn’t say exactly where people can find their media, but if we have to take a wild stab in the dark, it’ll most likely be under Your Stuff.

A small limitation

There aren’t a lot of restrictions. One we found is the fact that the ability to buy or rent movies on YouTube isn’t available around the globe. It's only in a few regions. A full list of supporting countries can be found on Google’s Help website. It’s worth mentioning some online reports claim they’ve already received the patch as they’re “already seeing old movie buys” on YouTube so the release may be happening sooner than expected.

We reached out to Google asking for some clarification on the rollout, like are certain countries being prioritized first? Additionally, what if someone gets the update earlier than January 17? Does this mean they'll be locked out of their purchases until then? We’ll let you know what the company says if they respond.

Be sure to check out TechRadar's list of the best Android box of 2023 if you're looking for a way to upgrade your TV.

You might also like

TechRadar – All the latest technology news

Read More

Google Photos’ Locked Folder can now keep your sensitive images safe on iOS

Google is expanding the reach of its Locked Folder tool on the Google Photos app so it will soon be available on iOS and web. This means that if you decide to switch from an Android device to an iPhone, you can still access your secure files without issue.

It doesn’t appear like there’s any major difference between the three versions. All three types of users can store their content in a Locked Folder then back it up so it can be accessed across multiple devices. According to Google in the official announcement that you’ll be saving your files on “one of the world’s most advanced security infrastructures.”

When it first launched, Locked Folder was exclusive to Google Photos on Android. It provided users a “passcode-protected space” for images or videos, ensuring that they won’t appear on your “photo grid or other apps.” 

The problem was the Locked Folders feature wasn't available outside of Android smartphones, as we just covered. So if an iPhone owner wanted to hide particularly sensitive media, they were out of luck. Those images could end up on other connected apps where they're displayed in full view. 

With this update, you can rest easy knowing that moving forward, any embarrassing snapshots of you at that Christmas party will remain hidden on your iPhone.

See more

In addition to the expansion, the company is also simplifying the settings page on Google Photos to make finding and adjusting privacy controls easier. The menu will no longer have everything messily displayed on a single screen. Instead, individual tabs will be compartmentalized into larger sections for a much cleaner look. The Privacy tab, for example, will have all of the sharing tools where you can decide which of your friends has access to your image folders.

Availability

Keep an eye out for the update patch when it arrives. Google states the new layout for the settings page is now available on Google Photos for Android and iOS. Also, Locked Folder support begins rolling out to iOS users today. 

It’s unknown when Locked Folder will make its way to Google Photos on web browsers. We didn’t see anything on our personal account. However, it is worth mentioning there are instructions for setting up Locked Folders for desktop via the official Google Photos Help website. This could mean the browser update will be launching soon – although we don’t know when. We reached out to Google for more information about when we can expect the final patch. This story will be updated at a later time.

If you’re looking for alternatives, be sure to check out TechRadar’s list of the best photo storage and sharing sites for 2023

YOU MIGHT ALSO LIKE

TechRadar – All the latest technology news

Read More

WhatsApp’s new Chat Lock feature will keep your private conversations safe

WhatsApp is currently rolling out a new Chat Lock feature that will ensure your private conversations stay that way.

The Chat Lock update takes chat threads and places them behind their own locked folder which can only be accessed via your device’s own password or biometrics. Additionally, the content of those conversations will be hidden in your notifications so nosy people can't see what you're talking about.

Meta states in the announcement post that Chat Lock is ideal for people who share an unlocked smartphone with family, or, as shown in the official trailer, have their device stolen by their annoying, little brother. To enable the protection, all you have to do is tap the name of the chat and select the locking option. To reveal those chats, “pull down on your inbox” then enter your password or biometric in order to unlock them. Pretty simple stuff.

There are plans to expand Chat Lock options “over the next few months”. Meta states it’ll be possible to lock your conversations on companion devices. Plus, users will soon be able to create custom passwords for the chat that differ from the ones on their smartphones.

As for the launch, the post doesn’t say whether or not this is a global rollout nor does it mention anything about being able to use Face ID to unlock chats. We reached out to Meta for clarification. This story will be updated if we hear back. 

Chat Lock feature on WhatsApp

The new Chat Lock feature on WhatsApp (Image credit: WhatsApp)

Room for improvement

Chat Lock joins WhatsApp’s long list of security features from Device Verification to end-to-end encryption and two-factor authentication, but that doesn’t mean things are perfect. There's always room for improvement as every now and again something goes wrong.

In this instance, we’re specifically referring to a recently discovered bug that allows WhatsApp to continuously use a phone’s microphone even if the app is closed. This was first discovered by a Twitter engineer who posted a screenshot of the app using the mic at least nine times in the early morning of May 6. Meta is aware of this but claims it isn’t their fault. Instead, the official WhatsApp Twitter account points the finger at Google, claiming there’s a bug in the Privacy Dashboard on Android. Regardless of whose fault it is, we do recommend turning off your microphone through your device’s settings menu to ensure complete privacy. 

But if that doesn’t satisfy you, check out TechRadar’s list of the best-encrypted messaging apps of 2023 for alternatives. 

TechRadar – All the latest technology news

Read More

This new PDF tool might be the best way to keep your confidential data safe

Foxit has announced the release of Smart Redact – an AI-powered tool that can detect and redact sensitive information contained within PDF documents. 

The new tool promises to provide businesses with a more efficient way to stay compliant with global data laws and regulations like GDPR. Now, firms can search and hide sensitive data without having to exit the PDF editor and disrupt the workflow. 

Smart Redact comes as an optional add-on. However, it’s built directly into Foxit PDF Editor – considered one of the best PDF readers for Windows – so unlike other PDF plugins, you won’t need to install it. You just need to switch it on. 

 Smart, sensitive, secure

Privacy-conscious Foxit users are no strangers to redaction. The PDF editor, which we champion as one of the best Adobe Acrobat alternatives, included the option to manually locate and mark text, images, areas, and even whole pages for redaction. 

Now, Foxit claims that Smart Redact “builds upon the redact capability in PDF Editor by expanding the number of automatic sensitive data pattern searches, including those without static patterns, such as person names, organization names, personal roles.”

Alongside the AI tool, user profiles are also now available. Profiles let you set certain types of confidential data that are always to be obscured. That means you won’t have to constantly search and scrub protected information across multiple documents and document types, as Smart Redact will automatically do it for you. 

With cybersecurity front of mind, Smart Redact is TAA compliant and SOC 2 Certified. Data transferred between the software and the Foxit cloud server deploys AES-256 encryption. 

Frank Kettenstock, Foxit CMO, said “By leveraging artificial intelligence, Foxit Smart Redact dramatically improves the productivity of knowledge workers involved in redaction. Users will save time and reduce the potential for errors.”

TechRadar – All the latest technology news

Read More

Norton looks to keep you safe from ID theft with new Identity Advisor Plus platform

Norton has launched a new Identity Advisor Plus service for identity theft protection and restoration

The antivirus and security software provider says it developed the software to tackle potential ID theft and the restoration of ID theft, which it claims has affected 30% of Brits.

The company cited its own recent research that found over half (55%) of British adults admitting they would have no idea what to do if their identity was stolen.

Norton Identity Advisor Plus 

Dark web monitoring from Norton ID theft advisor plus

(Image credit: Norton Security)

Norton Identity Advisor Plus offers a mix of social media monitoring, personal information monitoring and dark web monitoring tools to highlight suspicious activity on existing accounts. The software also highlights if personal information is being accessed elsewhere on the web without consent. 

The social media monitoring software focuses on the most popular social media sites, including Facebook, Instagram, Twitter, LinkedIn and YouTube.

Customers can sign up to use the new Identity Advisor Plus software now, with an easy-to-use Norton dashboard allowing its experts to detect any suspicious activity on your behalf, from £29.99 for the first year

The subscription also comes with Identity Restoration Support, including a devoted Restoration Specialist who acts as your case manager for handling any information breach, collecting ID theft case evidence and overseeing any necessary communication with third parties. They’ll also talk you through any necessary steps to restore your online identity and recover stolen information until your case is resolved. 

Read more

Norton 360 running on a PC, laptop and phone

(Image credit: Future)

The launch is the latest release from Norton as it bids to help keep customers safe and secure online.

The cybersecurity experts have also recently  released Norton 360 Advanced, a complete online security package to keep your data private and secure online. The platform includes a password manager, 200GB PC cloud backup, a secure VPN and parental control tools in order to help defend your whole family against cyberthreats. 

Read next

We've put together a help guide on which Norton antivirus plan you should get. Alternatively, here’s our rundown of the best identity theft protection services, best password managers, best antivirus software and best VPN service providers available today.

TechRadar – All the latest technology news

Read More