Sunday, April 3, 2011

Googland

Googland

[G] Improving SSL certificate security

Posted: 03 Apr 2011 03:44 AM PDT

Google Online Security Blog: Improving SSL certificate security

Posted by Ben Laurie, Google Security Team

In the wake of the recent Comodo fraud incident, there has been a great deal of speculation about how to improve the public key infrastructure, on which the security of the Internet rests. Unfortunately, this isn't a problem that will be fixed overnight. Luckily, however, experts have long known about these issues and have been devising solutions for some time.

Given the current interest it seems like a good time to talk about two projects in which Google is engaged.

The first is the Google Certificate Catalog. Google's web crawlers scan the web on a regular basis in order to provide our search and other services. In the process, we also keep a record of all the SSL certificates we see. The Google Certificate Catalog is a database of all of those certificates, published in DNS. So, for example, if you wanted to see what we think of https://www.google.com/'s certificate, you could do this:

$ openssl s_client -connect www.google.com:443 < /dev/null | openssl x509 -outform DER | openssl sha1
depth=1 /C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
verify error:num=20:unable to get local issuer certificate
verify return:0
DONE
405062e5befde4af97e9382af16cc87c8fb7c4e2
$ dig +short 405062e5befde4af97e9382af16cc87c8fb7c4e2.certs.googlednstest.com TXT
"14867 15062 74"

In other words: take the SHA-1 hash of the certificate, represent it as a hexadecimal number, then look up a TXT record with that name in the certs.googlednstest.com domain. What you get back is a set of three numbers. The first number is the day that Google's crawlers first saw that certificate, the second is the most recent day, and the third is the number of days we saw it in between.

In order for the hash of a certificate to appear in our database, it must satisfy some criteria:
  • It must be correctly signed (either by a CA or self-signed).
  • It must have the correct domain name — that is, one that matches the one we used to retrieve the certificate.
The basic idea is that if a certificate doesn't appear in our database, despite being correctly signed by a well-known CA and having a matching domain name, then there may be something suspicious about that certificate. This endeavor owes much to the excellent Perspectives project, but it is a somewhat different approach.

Accessing the data manually is rather difficult and painful, so we're thinking about how to add opt-in support to the Chrome browser. We hope other browsers will in time consider acting similarly.

The second initiative to discuss is the DANE Working Group at the IETF. DANE stands for DNS-based Authentication of Named Entities. In short, the idea is to allow domain operators to publish information about SSL certificates used on their hosts. It should be possible, using DANE DNS records, to specify particular certificates which are valid, or CAs that are allowed to sign certificates for those hosts. So, once more, if a certificate is seen that isn't consistent with the DANE records, it should be treated with suspicion. Related to the DANE effort is the individually contributed CAA record, which predates the DANE WG and provides similar functionality.

One could rightly point out that both of these efforts rely on DNS, which is not secure. Luckily we've been working on that problem for even longer than this one, and a reasonable answer is DNSSEC, which enables publishing DNS records that are cryptographically protected against forgery and modification.

It will be some time before DNSSEC is deployed widely enough for DANE to be broadly useful, since DANE requires every domain to be able to use DNSSEC. However, work is on the way to use DNSSEC for the Certificate Catalog well before the entire DNSSEC infrastructure is ready. If we publish a key for the domain in which we publish the catalog, clients can simply incorporate this key as an interim measure until DNSSEC is properly deployed.

Improving the public key infrastructure of the web is a big task and one that's going to require the cooperation of many parties to be widely effective. We hope these projects will help point us in the right direction.
URL: http://googleonlinesecurity.blogspot.com/2011/04/improving-ssl-certificate-security.html

[G] Improving finger dexterity for faster web browsing

Posted: 02 Apr 2011 06:02 PM PDT

Google Chrome Blog: Improving finger dexterity for faster web browsing

Three weeks ago, we released a new stable build of Chrome which featured our biggest speed improvements to date—a 66 percent lift in JavaScript performance on the V8 benchmark suite.

However, the Chrome browser can only process data as quickly as users can tell it how to do so—i.e., type. In 1946, Stella Pajunas-Garnand set a world record by typing at a blistering 216 words per minute. Once we learned that the average Internet user ambles in at 33 words per minute—just 15.2778 percent of the existing milestone—we decided to conduct our own research into the state of finger speed and performance.

Browsing the web involves two key finger movements: the up-and-down motion of a finger pressing a key and the back-and-forth movement of a finger scrolling the wheel of a mouse. To reach a standard measurement for speed and performance, we combined eight key metrics from both movements to produce the Finger Dexterity Index (FDI), which we've mapped below against the V8 Benchmark:



As you can see, there have been relatively few advances in finger dexterity since Chrome's launch, which is why we're excited to bring you Chromercise, a new exercise regimen for your hands and fingers. Some existing finger exercise programs focus on upgrading your digits' cardiovascular strength and musculature; others focus on dexterity. Chromercise's unique blend of aerobic motion and rhythmic accompaniment covers all of the above while simultaneously tightening and toning your fingers' actual appearance.



A few words of caution: be sure to stretch before and after your Chromercise workout, and only attempt the complex moves at the end of the workout video after mastering the core movements from the first half. In fact, we strongly encourage finger sweatbands throughout your workout for your comfort and the safety of those around you. And as with any fitness program, don't forget to consult your physician before committing to a rigorous Chromercise regimen.

To learn more visit Chromercise.com today.



Posted by Chris Wright, certified Chromercise Instructor
URL: http://chrome.blogspot.com/2011/04/improving-finger-dexterity-for-faster.html

[G] Google Cloud Print Ready printers now available

Posted: 02 Apr 2011 06:02 PM PDT

Google Chrome Blog: Google Cloud Print Ready printers now available

Imagine printing an important email from your Chrome notebook on your train ride to work, then finding the completed printout in the printer tray when you reach the office. Or printing your airline boarding pass from your smartphone to your home printer, so you can grab the printout on your way out the door. Today, we are one big step closer to this vision.

Last year, we launched Google Cloud Print, a service that enables users to print from any device, operating system, or browser to any printer without the need for drivers or a PC connection. The service can be used with any printer, but the most seamless experience is offered by Google Cloud Print Ready devices, a new generation of web-connected printers that don't need to be attached to a computer. Today, HP has announced that all of its ePrint-enabled printers are Google Cloud Print Ready, in most cases right out of the box. With a Google Cloud Print Ready printer, you can print emails, documents and web pages from supported apps without having to hunt for drivers or printer cables.

You can already use Google Cloud Print on Chrome notebooks and in the mobile versions of Gmail and Google Docs. Many more supported apps are on the way. There are also a third-party Android app, Chrome extension and Firefox add-on to help you use Google Cloud Print in more places.

We're also continuing to release enhancements to the Google Cloud Print service. We've released a Mac version of the Google Cloud Print connector for non-cloud printers in the Chrome beta channel. And over the next few days we'll be enabling printer sharing for current Google Cloud Print users, so your family, friends and colleagues can print their documents from anywhere to anywhere.

Happy printing!

Posted by Abhijit Kalamkar, Software Engineer
URL: http://chrome.blogspot.com/2011/03/google-cloud-print-ready-printers-now.html

[G] Contoso has gone Google

Posted: 02 Apr 2011 02:32 PM PDT

Official Google Enterprise Blog: Contoso has gone Google

Editor's note: Today we'll hear from Albert V. Leems, CIO at Contoso, a manufacturing firm headquartered near Seattle.

As a subsidiary of a traditional software company, we went against the grain and switched all 1,200 Contoso employees across nine continents to the cloud. After previously considering Google Apps, we were finally convinced to make the move when Google Docs began supporting the Corsiva font. I still can't find track changes in Docs, but now we can use Corsiva from anywhere, on any device. We decided against Microsoft® Office 365 beta, because we'd heard for years that beta software was too risky.

Before the switch our work maintaining IT systems was never done. Now it's easy. And when people still need Clippy, they can write TPS reports without attachments through Google Cloud Connect for Microsoft Office. We're still waiting for offline Docs, so in the meantime we're using TiSP to access the Internet in our remote locations and corporate jets.

Since moving to Gmail, HR violations and after-hours sharing of Rebecca Black videos have gone down by 76 percent thanks to Mail Goggles, and Old Snakey has doubled our IT satisfaction scores. Our teams are especially excited to start communicating more efficiently using body language alone with Gmail Motion.


Google Apps helps give our business the agility and fast decision-making of a startup, and now our parent company is considering the switch as well. We'll be sure to pay another visit here to share their story if they go all in.

Posted by Albert V. Leems, Chief Information Officer at Contoso
URL: http://googleenterprise.blogspot.com/2011/04/contoso-has-gone-google.html

[G] Geographic Stars Compete in the National Geographic Bee State Championships

Posted: 02 Apr 2011 01:02 PM PDT

Google LatLong: Geographic Stars Compete in the National Geographic Bee State Championships


Understanding the world around you is imperative, especially since technology has made it easier and fun to explore places you could, otherwise, only imagine. Being geographically literate helps you interpret the plethora of information that comes your way each day (and that's no joke)! Without the perspective of knowing where you are or where things happen, you can find it difficult to navigate your way through it all. That is why Google is excited and proud to sponsor the National Geographic Bee for the third year, which sparks student interest in geography.

Last fall, over four million students started preparing for the 2011 Bee. Today, the students who have progressed to the state bee level, will compete for one of the coveted 54 spots at the finals in Washington DC in May. It's not as simple as memorizing a list of capitals or identifying places on a map. These geographic black belts answer tough questions about human, environmental, physical, and regional geography.

The love of geography is a great asset for these students as they continue their education and careers. It might also lead them to a life of exploration and adventure. We asked a few famous explorers why geography is important to them and how they use Google Earth. Watch our Geography video below to hear their great insight:



We wish all of the competitors the best of luck!

Posted by Brian McClendon, VP of Engineering, Google Earth and Maps
URL: http://google-latlong.blogspot.com/2011/04/geographic-stars-compete-in-national.html

[G] Real-World Sightings, Now in Google Earth and Maps

Posted: 02 Apr 2011 01:02 PM PDT

Google LatLong: Real-World Sightings, Now in Google Earth and Maps

[Cross-posted from the Google SketchUp Blog]

Today we're premiering our new Real-World Sightings series on Google Earth and Google Maps. As part of this experiment, we've added 10 images to the map based on stories we've heard from our users. As is common with betas, we'll evaluate interest and engagement with this feature before determining future rollout plans.

It all started with a recent visit to my friend Nessie in Boston. As I crossed the bridge into town, the car in front of me stopped short so I slammed on the brakes. The cars next to me were also stopped, so I got out to see what was causing the back up.

There was a huge, red lobster sitting on the bridge.


He wasn't scared or hostile. In fact, he seemed quite amused as a few brave drivers navigated around his over-sized legs to successfully cross the bridge. Soon everyone's fear and alarm gave way to wonder and surprise.

As I made the journey under the giant crustacean's torso, I was reminded how much bigger the world is than we often realize. I made it to Nessie's place in Boston safely and got to thinking: the world must be full of magical stories like this.

My friends at Google agreed, and so we asked users from around the world to share stories of the strange and delightful things they've seen. We were surprised at how many reports we received, so today we're adding a new feature to Google Maps and Earth: Real-World Sightings. People have witnessed fantastical creatures in every corner of the globe, and in our effort to mirror the real world as completely as possible, we have decided to start including these eyewitness reports on the map.

So if you happen to run into a dragon or alien today in Google Earth (make sure you have 3D Buildings turned on) or Maps, don't be alarmed. Instead, we encourage you take a few minutes to look for other creatures that have been reported in places all across the world. We'll tweet some tips to help you get started finding these images on our Twitter handle @GoogleMaps, so follow along throughout the day to spot some fun things you may have thought only existed in legends and fairy tales!

Posted by Dave Barth, Product Manager
URL: http://google-latlong.blogspot.com/2011/04/real-world-sightings-now-in-google.html

[G] Who’s the next big thing on YouTube? You tell us

Posted: 02 Apr 2011 06:01 AM PDT

YouTube Blog: Who's the next big thing on YouTube? You tell us

Last month, we told you about two new programs to help connect aspiring YouTube Partners and creators with the tools, education, funding and promotion they need to turn their video creation hobbies into careers. The YouTube Creator Institute will send up-and-coming video producers to two of the US's leading film and television schools for an advanced 4-8 week program to train alongside industry leaders, helping them take their skills to the next level. And YouTube NextUp asked members of the YouTube Partner Program to make a video application outlining the future direction they'd like to take their content, with the strongest submissions receiving $35,000 in funding from YouTube and a spot at a special boot camp for them to learn new skills.



We're running these programs because we believe that the next superstars of music, film, comedy, animation, and whole new content genres are practicing their craft on YouTube today. Every day we come across extremely talented creators of all ages and from all walks of life, and we want to see them succeed and reach bigger audiences. We're also aware that you, the YouTube community, are often the best judges of talent! You've already made stars of people like MysterGuitarMan, the Annoying Orange, and Dave Days, and we want to ask you to help pick the next generation of leading creators.



The top-scoring eligible entries to the YouTube Creator Institute and YouTube NextUp have moved on to the public voting stage, and we're inviting you to go to youtube.com/creators to vote for the people you'd like to see advance to the final round.



On the voting site, you'll be able to review submissions from:

  • New types of vloggers

  • Claymation storytellers

  • Horror film afficianados

  • Budding musicians

  • Special effects pyromaniacs

  • And many more







We encourage you to judge the videos and creators based on their creativity, uniqueness, and potential to become a star. Of course, also think about what you'd like to see more of on YouTube! You can vote up to once a day for the creators you like from now until 5pm PT on April 8.



Top voted videos will move on to the final rounds of judging, and we'll keep you posted on the winners in the coming weeks.



Austin Lau, Partner Program Specialist, recently watched "The Coolest Extreme Skiing Dudes".


URL: http://feedproxy.google.com/~r/youtube/PKJx/~3/nADJ4c6EtDM/whos-next-big-thing-on-youtube-you-tell.html
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)