Google Online Security Blog

The latest news and insights from Google on security and safety on the Internet.

Latest articles

How the Atheris Python Fuzzer Works

Posted by Ian Eldred Pudney, Google Information Security On Friday, we announced that we’ve released the Atheris Python fuzzing engine as open source. In this post, we’ll briefly talk about its origins, and then go into lots more detail on how it works.The Origin Story Every year since 2013, Google has held a “Fuzzit”, an internal event where Googlers...

Announcing Bonus Rewards for V8 Exploits

Posted by Martin Barbella, Chrome Vulnerability Rewards PanelistStarting today, the Chrome Vulnerability Rewards Program is offering a new bonus for reports which demonstrate exploitability in V8, Chrome’s JavaScript engine. We have historically had many great V8 bugs reported (thank you to all of our reporters!) but we'd like to know more about the...

OpenTitan at One Year: the Open Source Journey to Secure Silicon

Posted by Dominic Rizzo, OpenTitan Lead, Google During the past year, OpenTitan has grown tremendously as an open source project and is on track to provide transparent, trustworthy, and cost-free security to the broader silicon ecosystem. OpenTitan, the industry’s first open source silicon root of trust, has rapidly increased engineering contributions,...

Improving open source security during the Google summer internship program

Posted by the Information Security Engineering team at Google Every summer, Google’s Information Security Engineering (ISE) team hosts a number of interns who work on impactful projects to help improve security at Google. This year was no different—well, actually it was a little bit different because internships went virtual. But our dedication to...

Fostering research on new web security threats

Posted by Artur Janc and terjanq, Information Security Engineers The web is an ecosystem built on openness and composability. It is an excellent platform for building capable applications, and it powers thousands of services created and maintained by engineers at Google that are depended on by billions of users. However, the web's open design also...

Announcing our open source security key test suite

Posted by Fabian Kaczmarczyck, Software Engineer, Jean-Michel Picod, Software Engineer and Elie Bursztein, Security and Anti-abuse Research LeadSecurity keys and your phone’s built-in security keys are reshaping the way users authenticate online. These technologies are trusted by a growing number of websites to provide phishing-resistant two-factor...

Privacy-preserving features in the Mobile Driving License

Posted by David Zeuthen, Shawn Willden and René Mayrhofer, Android Security and Privacy team In the United States and other countries a Driver's License is not only used to convey driving privileges, it is also commonly used to prove identity or personal details. Presenting a Driving License is simple, right? You hand over the card to the individual...

Fuzzing internships for Open Source Software

Posted by Abhishek Arya, Chrome Security teamOpen source software is the foundation of many modern software products. Over the years, developers increasingly have relied on reusable open source components for their applications. It is paramount that these open source components are secure and reliable, as weaknesses impact those that build upon it....

Privacy-Preserving Smart Input with Gboard

Posted by Yang Lu, Software Engineer, Angana Ghosh, Group Product Manager, and Xu Liu, Director of Engineering, Gboard team Google Keyboard (a.k.a Gboard) has a critical mission to provide frictionless input on Android to empower users to communicate accurately and express themselves effortlessly. In order to accomplish this mission, Gboard must also...

New Password Protections (and more!) in Chrome

Posted by AbdelKarim Mardini, Senior Product Manager, Chrome Passwords are often the first line of defense for our digital lives. Today, we’re improving password security on both Android and iOS devices by telling you if the passwords you’ve asked Chrome to remember have been compromised, and if so, how to fix them. To check whether you have any compromised...

Discover, share and read the best on the web

Subscribe to RSS Feeds, Blogs, Podcasts, Twitter searches, Facebook pages, even Email Newsletters! Get unfiltered news feeds or filter them to your liking.

Get Inoreader
Inoreader - Subscribe to RSS Feeds, Blogs, Podcasts, Twitter searches, Facebook pages, even Email Newsletters!