5
Jul
2024
The world’s oldest known evidence of storytelling through art
For the first time, take a virtual journey to the world’s oldest known painted picture, recently discovered in a cave in Sulawesi, Indonesia.
4
Jul
2024
Location Auto-migration Complete
What changed?
On 24 July 2023, we announced the auto-migration of location extensions to assets. For the majority of accounts, location extensions were automatically migrated to assets. This change was made to expand the variety of ways in which your l...
On 24 July 2023, we announced the auto-migration of location extensions to assets. For the majority of accounts, location extensions were automatically migrated to assets. This change was made to expand the variety of ways in which your l...
3
Jul
2024
Important policy updates for Early Access apps starting July 30, 2024
What’s changing To ensure organizations’ continued access to services, we're changing the way Early Access apps transition to Additional Google Services:Currently, when an Early Access app becomes an Additional Google Service, it is turned on or o...
2
Jul
2024
Adding a ‘missing’ grade state to Gradebook in Google Classroom
What’s changing In the last year, we’ve added new features, such as disabling submissions after a due date in Google Classroom and excusing assignments in Google Classroom, in order to give teachers even more flexibility when it comes to grading f...
2
Jul
2024
Announcing the Merchant API Beta, the new version of the Content API for Shopping
Today we're announcing the release of the Merchant API Beta. This is the newest version of the Content API for Shopping which comes with exciting new features. The Merchant API is a redesign of the Content API for Shopping which can help you showcase y...
2
Jul
2024
6 ways AI makes your Pixel even more helpful
Try these AI features to get the most out of your Pixel.
2
Jul
2024
Our 2024 Environmental Report
Our 2024 Environmental Report looks at our use of technology to drive environmental change and operate our business sustainably.
2
Jul
2024
Meet the students that are changing the world through technology
Meet the winners of this year’s Google for Developers Solution Challenge.
1
Jul
2024
Our investment to accelerate clean energy in Asia Pacific
We’re partnering with BlackRock to support a pipeline of new solar projects in Taiwan.
1
Jul
2024
Google Workspace Updates Weekly Recap – June 28, 2024
3 New updatesUnless otherwise indicated, the features below are available to all Google Workspace customers, and are fully launched or in the process of rolling out. Rollouts should take no more than 15 business days to complete if launching to both&nb...
28
Jun
2024
#WeArePlay | 4 stories of founders building apps for the LGBTQIA+ community
Posted by Robbie McLachlan, Developer Marketing
#WeArePlay celebrates the inspiring journeys of people behind apps and games on Google Play. In honor of Pride Month, we are highlighting founders who have built tools to empower the LGBTQIA+ commun...
28
Jun
2024
Sustaining Digital Certificate Security – Entrust Certificate Distrust
Posted by Chrome Root Program, Chrome Security Team
Update (09/10/2024): In support of more closely aligning Chrome’s planned compliance action with a major release milestone (i.e., M131), blocking action will now begin on November 12, 2024. This post has been updated to reflect the date change. Website operators who will be impacted by the upcoming change can explore continuity options offered by Entrust. Entrust has expressed its commitment to continuing to support customer needs, and is best positioned to describe the available options for website operators. Learn more at Entrust’s TLS Certificate Information Center.
The Chrome Security Team prioritizes the security and privacy of Chrome’s users, and we are unwilling to compromise on these values.
The Chrome Root Program Policy states that CA certificates included in the Chrome Root Store must provide value to Chrome end users that exceeds the risk of their continued inclusion. It also describes many of the factors we consider significant when CA Owners disclose and respond to incidents. When things don’t go right, we expect CA Owners to commit to meaningful and demonstrable change resulting in evidenced continuous improvement.
Over the past several years, publicly disclosed incident reports highlighted a pattern of concerning behaviors by Entrust that fall short of the above expectations, and has eroded confidence in their competence, reliability, and integrity as a publicly-trusted CA Owner.
In response to the above concerns and to preserve the integrity of the Web PKI ecosystem, Chrome will take the following actions.
Upcoming change in Chrome 131 and higher:
TLS server authentication certificates validating to the following Entrust roots whose earliest Signed Certificate Timestamp (SCT) is dated after November 11, 2024 (11:59:59 PM UTC), will no longer be trusted by default.
CN=Entrust Root Certification Authority - EC1,OU=See www.entrust.net/legal-terms+OU=(c) 2012 Entrust, Inc. - for authorized use only,O=Entrust, Inc.,C=US
CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust, Inc. - for authorized use only,O=Entrust, Inc.,C=US
CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net
CN=Entrust Root Certification Authority,OU=www.entrust.net/CPS is incorporated by reference+OU=(c) 2006 Entrust, Inc.,O=Entrust, Inc.,C=US
CN=Entrust Root Certification Authority - G4,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust, Inc. - for authorized use only,O=Entrust, Inc.,C=US
CN=AffirmTrust Commercial,O=AffirmTrust,C=US
CN=AffirmTrust Networking,O=AffirmTrust,C=US
CN=AffirmTrust Premium,O=AffirmTrust,C=US
CN=AffirmTrust Premium ECC,O=AffirmTrust,C=US
TLS server authentication certificates validating to the above set of roots whose earliest SCT is on or before November 11, 2024 (11:59:59 PM UTC), will be unaffected by this change.This approach attempts to minimize disruption to existing subscribers using a recently announced Chrome feature to remove default trust based on the SCTs in certificates.
Additionally, should a Chrome user or enterprise explicitly trust any of the above certificates on a platform and version of Chrome relying on the Chrome Root Store (e.g., explicit trust is conveyed through a Group Policy Object on Windows), the SCT-based constraints described above will be overridden and certificates will function as they do today.
To further minimize risk of disruption, website operators are encouraged to review the “Frequently Asked Questions" listed below.
Why is Chrome taking action?
Certification Authorities (CAs) serve a privileged and trusted role on the Internet that underpin encrypted connections between browsers and websites. With this tremendous responsibility comes an expectation of adhering to reasonable and consensus-driven security and compliance expectations, including those defined by the CA/Browser TLS Baseline Requirements.
Over the past six years, we have observed a pattern of compliance failures, unmet improvement commitments, and the absence of tangible, measurable progress in response to publicly disclosed incident reports. When these factors are considered in aggregate and considered against the inherent risk each publicly-trusted CA poses to the Internet ecosystem, it is our opinion that Chrome’s continued trust in Entrust is no longer justified.
When will this action happen?
Blocking action will begin on approximately November 12, 2024, affecting certificates issued at that point or later.
Blocking action will occur in Versions of Chrome 131 and greater on Windows, macOS, ChromeOS, Android, and Linux. Apple policies prevent the Chrome Certificate Verifier and corresponding Chrome Root Store from being used on Chrome for iOS.
What is the user impact of this action?
By default, Chrome users in the above populations who navigate to a website serving a certificate issued by Entrust or AffirmTrust after November 11, 2024 (11:59:59 PM UTC) will see a full page interstitial similar to this one.
Certificates issued by other CAs are not impacted by this action.
How can a website operator tell if their website is affected?
Website operators can determine if they are affected by this issue by using the Chrome Certificate Viewer.
Use the Chrome Certificate Viewer
Navigate to a website (e.g., https://www.google.com)
Click the “Tune" icon
Click “Connection is Secure"
Click “Certificate is Valid" (the Chrome Certificate Viewer will open)
Website owner action is not required, if the “Organization (O)” field listed beneath the “Issued By" heading does not contain “Entrust" or “AffirmTrust”.
Website owner action is required, if the “Organization (O)” field listed beneath the “Issued By" heading contains “Entrust" or “AffirmTrust”.
What does an affected website operator do?
We recommend that affected website operators transition to a new publicly-trusted CA Owner as soon as reasonably possible. To avoid adverse website user impact, action must be completed before the existing certificate(s) expire if expiry is planned to take place after November 11, 2024 (11:59:59 PM UTC).
While website operators could delay the impact of blocking action by choosing to collect and install a new TLS certificate issued from Entrust before Chrome’s blocking action begins on November 12, 2024, website operators will inevitably need to collect and install a new TLS certificate from one of the many other CAs included in the Chrome Root Store.
Can I test these changes before they take effect?
Yes.
A command-line flag was added beginning in Chrome 128 (available in Canary/Dev at the time of this post’s publication) that allows administrators and power users to simulate the effect of an SCTNotAfter distrust constraint as described in this blog post FAQ.
How to: Simulate an SCTNotAfter distrust1. Close all open versions of Chrome2. Start Chrome using the following command-line flag, substituting variables described below with actual values
--test-crs-constraints=$[Comma Separated List of Trust Anchor Certificate SHA256 Hashes]:sctnotafter=$[epoch_timestamp]
3. Evaluate the effects of the flag with test websites Example: The following command will simulate an SCTNotAfter distrust with an effective date of April 30, 2024 11:59:59 PM GMT for all of the Entrust trust anchors included in the Chrome Root Store. The expected behavior is that any website whose certificate is issued before the enforcement date/timestamp will function in Chrome, and all issued after will display an interstitial.
--test-crs-constraints=02ED0EB28C14DA45165C566791700D6451D7FB56F0B2AB1D3B8EB070E56EDFF5,
43DF5774B03E7FEF5FE40D931A7BEDF1BB2E6B42738C4E6D3841103D3AA7F339,
6DC47172E01CBCB0BF62580D895FE2B8AC9AD4F873801E0C10B9C837D21EB177,
73C176434F1BC6D5ADF45B0E76E727287C8DE57616C1E6E6141A2B2CBC7D8E4C,
DB3517D1F6732A2D5AB97C533EC70779EE3270A62FB4AC4238372460E6F01E88,
0376AB1D54C5F9803CE4B2E201A0EE7EEF7B57B636E8A93C9B8D4860C96F5FA7,
0A81EC5A929777F145904AF38D5D509F66B5E2C58FCDB531058B0E17F3F0B41B,
70A73F7F376B60074248904534B11482D5BF0E698ECC498DF52577EBF2E93B9A,
BD71FDF6DA97E4CF62D1647ADD2581B07D79ADF8397EB4ECBA9C5E8488821423
:sctnotafter=1714521599
Illustrative Command (on Windows):
"C:\Users\User123\AppData\Local\Google\Chrome SxS\Application\chrome.exe" --test-crs-constraints=02ED0EB28C14DA45165C566791700D6451D7FB56F0B2AB1D3B8EB070E56EDFF5,43DF5774B03E7FEF5FE40D931A7BEDF1BB2E6B42738C4E6D3841103D3AA7F339,6DC47172E01CBCB0BF62580D895FE2B8AC9AD4F873801E0C10B9C837D21EB177,73C176434F1BC6D5ADF45B0E76E727287C8DE57616C1E6E6141A2B2CBC7D8E4C,DB3517D1F6732A2D5AB97C533EC70779EE3270A62FB4AC4238372460E6F01E88,0376AB1D54C5F9803CE4B2E201A0EE7EEF7B57B636E8A93C9B8D4860C96F5FA7,0A81EC5A929777F145904AF38D5D509F66B5E2C58FCDB531058B0E17F3F0B41B,70A73F7F376B60074248904534B11482D5BF0E698ECC498DF52577EBF2E93B9A,BD71FDF6DA97E4CF62D1647ADD2581B07D79ADF8397EB4ECBA9C5E8488821423:sctnotafter=1714521599
Illustrative Command (on macOS):
"/Applications/Google Chrome Canary.app/Contents/MacOS/Google Chrome Canary" --test-crs-constraints=02ED0EB28C14DA45165C566791700D6451D7FB56F0B2AB1D3B8EB070E56EDFF5,43DF5774B03E7FEF5FE40D931A7BEDF1BB2E6B42738C4E6D3841103D3AA7F339,6DC47172E01CBCB0BF62580D895FE2B8AC9AD4F873801E0C10B9C837D21EB177,73C176434F1BC6D5ADF45B0E76E727287C8DE57616C1E6E6141A2B2CBC7D8E4C,DB3517D1F6732A2D5AB97C533EC70779EE3270A62FB4AC4238372460E6F01E88,0376AB1D54C5F9803CE4B2E201A0EE7EEF7B57B636E8A93C9B8D4860C96F5FA7,0A81EC5A929777F145904AF38D5D509F66B5E2C58FCDB531058B0E17F3F0B41B,70A73F7F376B60074248904534B11482D5BF0E698ECC498DF52577EBF2E93B9A,BD71FDF6DA97E4CF62D1647ADD2581B07D79ADF8397EB4ECBA9C5E8488821423:sctnotafter=1714521599
Note: If copy and pasting the above commands, ensure no line-breaks are introduced.
Learn more about command-line flags here.
I use Entrust certificates for my internal enterprise network, do I need to do anything?
Beginning in Chrome 127, enterprises can override Chrome Root Store constraints like those described for Entrust in this blog post by installing the corresponding root CA certificate as a locally-trusted root on the platform Chrome is running (e.g., installed in the Microsoft Certificate Store as a Trusted Root CA).
How do enterprises add a CA as locally-trusted?
Customer organizations should defer to platform provider guidance.
What about other Google products?
Other Google product team updates may be made available in the future.
Update (09/10/2024): In support of more closely aligning Chrome’s planned compliance action with a major release milestone (i.e., M131), blocking action will now begin on November 12, 2024. This post has been updated to reflect the date change. Website operators who will be impacted by the upcoming change can explore continuity options offered by Entrust. Entrust has expressed its commitment to continuing to support customer needs, and is best positioned to describe the available options for website operators. Learn more at Entrust’s TLS Certificate Information Center.
The Chrome Security Team prioritizes the security and privacy of Chrome’s users, and we are unwilling to compromise on these values.
The Chrome Root Program Policy states that CA certificates included in the Chrome Root Store must provide value to Chrome end users that exceeds the risk of their continued inclusion. It also describes many of the factors we consider significant when CA Owners disclose and respond to incidents. When things don’t go right, we expect CA Owners to commit to meaningful and demonstrable change resulting in evidenced continuous improvement.
Over the past several years, publicly disclosed incident reports highlighted a pattern of concerning behaviors by Entrust that fall short of the above expectations, and has eroded confidence in their competence, reliability, and integrity as a publicly-trusted CA Owner.
In response to the above concerns and to preserve the integrity of the Web PKI ecosystem, Chrome will take the following actions.
Upcoming change in Chrome 131 and higher:
TLS server authentication certificates validating to the following Entrust roots whose earliest Signed Certificate Timestamp (SCT) is dated after November 11, 2024 (11:59:59 PM UTC), will no longer be trusted by default.
CN=Entrust Root Certification Authority - EC1,OU=See www.entrust.net/legal-terms+OU=(c) 2012 Entrust, Inc. - for authorized use only,O=Entrust, Inc.,C=US
CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust, Inc. - for authorized use only,O=Entrust, Inc.,C=US
CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net
CN=Entrust Root Certification Authority,OU=www.entrust.net/CPS is incorporated by reference+OU=(c) 2006 Entrust, Inc.,O=Entrust, Inc.,C=US
CN=Entrust Root Certification Authority - G4,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust, Inc. - for authorized use only,O=Entrust, Inc.,C=US
CN=AffirmTrust Commercial,O=AffirmTrust,C=US
CN=AffirmTrust Networking,O=AffirmTrust,C=US
CN=AffirmTrust Premium,O=AffirmTrust,C=US
CN=AffirmTrust Premium ECC,O=AffirmTrust,C=US
TLS server authentication certificates validating to the above set of roots whose earliest SCT is on or before November 11, 2024 (11:59:59 PM UTC), will be unaffected by this change.This approach attempts to minimize disruption to existing subscribers using a recently announced Chrome feature to remove default trust based on the SCTs in certificates.
Additionally, should a Chrome user or enterprise explicitly trust any of the above certificates on a platform and version of Chrome relying on the Chrome Root Store (e.g., explicit trust is conveyed through a Group Policy Object on Windows), the SCT-based constraints described above will be overridden and certificates will function as they do today.
To further minimize risk of disruption, website operators are encouraged to review the “Frequently Asked Questions" listed below.
Why is Chrome taking action?
Certification Authorities (CAs) serve a privileged and trusted role on the Internet that underpin encrypted connections between browsers and websites. With this tremendous responsibility comes an expectation of adhering to reasonable and consensus-driven security and compliance expectations, including those defined by the CA/Browser TLS Baseline Requirements.
Over the past six years, we have observed a pattern of compliance failures, unmet improvement commitments, and the absence of tangible, measurable progress in response to publicly disclosed incident reports. When these factors are considered in aggregate and considered against the inherent risk each publicly-trusted CA poses to the Internet ecosystem, it is our opinion that Chrome’s continued trust in Entrust is no longer justified.
When will this action happen?
Blocking action will begin on approximately November 12, 2024, affecting certificates issued at that point or later.
Blocking action will occur in Versions of Chrome 131 and greater on Windows, macOS, ChromeOS, Android, and Linux. Apple policies prevent the Chrome Certificate Verifier and corresponding Chrome Root Store from being used on Chrome for iOS.
What is the user impact of this action?
By default, Chrome users in the above populations who navigate to a website serving a certificate issued by Entrust or AffirmTrust after November 11, 2024 (11:59:59 PM UTC) will see a full page interstitial similar to this one.
Certificates issued by other CAs are not impacted by this action.
How can a website operator tell if their website is affected?
Website operators can determine if they are affected by this issue by using the Chrome Certificate Viewer.
Use the Chrome Certificate Viewer
Navigate to a website (e.g., https://www.google.com)
Click the “Tune" icon
Click “Connection is Secure"
Click “Certificate is Valid" (the Chrome Certificate Viewer will open)
Website owner action is not required, if the “Organization (O)” field listed beneath the “Issued By" heading does not contain “Entrust" or “AffirmTrust”.
Website owner action is required, if the “Organization (O)” field listed beneath the “Issued By" heading contains “Entrust" or “AffirmTrust”.
What does an affected website operator do?
We recommend that affected website operators transition to a new publicly-trusted CA Owner as soon as reasonably possible. To avoid adverse website user impact, action must be completed before the existing certificate(s) expire if expiry is planned to take place after November 11, 2024 (11:59:59 PM UTC).
While website operators could delay the impact of blocking action by choosing to collect and install a new TLS certificate issued from Entrust before Chrome’s blocking action begins on November 12, 2024, website operators will inevitably need to collect and install a new TLS certificate from one of the many other CAs included in the Chrome Root Store.
Can I test these changes before they take effect?
Yes.
A command-line flag was added beginning in Chrome 128 (available in Canary/Dev at the time of this post’s publication) that allows administrators and power users to simulate the effect of an SCTNotAfter distrust constraint as described in this blog post FAQ.
How to: Simulate an SCTNotAfter distrust1. Close all open versions of Chrome2. Start Chrome using the following command-line flag, substituting variables described below with actual values
--test-crs-constraints=$[Comma Separated List of Trust Anchor Certificate SHA256 Hashes]:sctnotafter=$[epoch_timestamp]
3. Evaluate the effects of the flag with test websites Example: The following command will simulate an SCTNotAfter distrust with an effective date of April 30, 2024 11:59:59 PM GMT for all of the Entrust trust anchors included in the Chrome Root Store. The expected behavior is that any website whose certificate is issued before the enforcement date/timestamp will function in Chrome, and all issued after will display an interstitial.
--test-crs-constraints=02ED0EB28C14DA45165C566791700D6451D7FB56F0B2AB1D3B8EB070E56EDFF5,
43DF5774B03E7FEF5FE40D931A7BEDF1BB2E6B42738C4E6D3841103D3AA7F339,
6DC47172E01CBCB0BF62580D895FE2B8AC9AD4F873801E0C10B9C837D21EB177,
73C176434F1BC6D5ADF45B0E76E727287C8DE57616C1E6E6141A2B2CBC7D8E4C,
DB3517D1F6732A2D5AB97C533EC70779EE3270A62FB4AC4238372460E6F01E88,
0376AB1D54C5F9803CE4B2E201A0EE7EEF7B57B636E8A93C9B8D4860C96F5FA7,
0A81EC5A929777F145904AF38D5D509F66B5E2C58FCDB531058B0E17F3F0B41B,
70A73F7F376B60074248904534B11482D5BF0E698ECC498DF52577EBF2E93B9A,
BD71FDF6DA97E4CF62D1647ADD2581B07D79ADF8397EB4ECBA9C5E8488821423
:sctnotafter=1714521599
Illustrative Command (on Windows):
"C:\Users\User123\AppData\Local\Google\Chrome SxS\Application\chrome.exe" --test-crs-constraints=02ED0EB28C14DA45165C566791700D6451D7FB56F0B2AB1D3B8EB070E56EDFF5,43DF5774B03E7FEF5FE40D931A7BEDF1BB2E6B42738C4E6D3841103D3AA7F339,6DC47172E01CBCB0BF62580D895FE2B8AC9AD4F873801E0C10B9C837D21EB177,73C176434F1BC6D5ADF45B0E76E727287C8DE57616C1E6E6141A2B2CBC7D8E4C,DB3517D1F6732A2D5AB97C533EC70779EE3270A62FB4AC4238372460E6F01E88,0376AB1D54C5F9803CE4B2E201A0EE7EEF7B57B636E8A93C9B8D4860C96F5FA7,0A81EC5A929777F145904AF38D5D509F66B5E2C58FCDB531058B0E17F3F0B41B,70A73F7F376B60074248904534B11482D5BF0E698ECC498DF52577EBF2E93B9A,BD71FDF6DA97E4CF62D1647ADD2581B07D79ADF8397EB4ECBA9C5E8488821423:sctnotafter=1714521599
Illustrative Command (on macOS):
"/Applications/Google Chrome Canary.app/Contents/MacOS/Google Chrome Canary" --test-crs-constraints=02ED0EB28C14DA45165C566791700D6451D7FB56F0B2AB1D3B8EB070E56EDFF5,43DF5774B03E7FEF5FE40D931A7BEDF1BB2E6B42738C4E6D3841103D3AA7F339,6DC47172E01CBCB0BF62580D895FE2B8AC9AD4F873801E0C10B9C837D21EB177,73C176434F1BC6D5ADF45B0E76E727287C8DE57616C1E6E6141A2B2CBC7D8E4C,DB3517D1F6732A2D5AB97C533EC70779EE3270A62FB4AC4238372460E6F01E88,0376AB1D54C5F9803CE4B2E201A0EE7EEF7B57B636E8A93C9B8D4860C96F5FA7,0A81EC5A929777F145904AF38D5D509F66B5E2C58FCDB531058B0E17F3F0B41B,70A73F7F376B60074248904534B11482D5BF0E698ECC498DF52577EBF2E93B9A,BD71FDF6DA97E4CF62D1647ADD2581B07D79ADF8397EB4ECBA9C5E8488821423:sctnotafter=1714521599
Note: If copy and pasting the above commands, ensure no line-breaks are introduced.
Learn more about command-line flags here.
I use Entrust certificates for my internal enterprise network, do I need to do anything?
Beginning in Chrome 127, enterprises can override Chrome Root Store constraints like those described for Entrust in this blog post by installing the corresponding root CA certificate as a locally-trusted root on the platform Chrome is running (e.g., installed in the Microsoft Certificate Store as a Trusted Root CA).
How do enterprises add a CA as locally-trusted?
Customer organizations should defer to platform provider guidance.
What about other Google products?
Other Google product team updates may be made available in the future.
27
Jun
2024
Virtual Escape; Real Reward: Introducing Google’s kvmCTF
Marios Pomonis, Software EngineerGoogle is committed to enhancing the security of open-source technologies, especially those that make up the foundation for many of our products, like Linux and KVM. To this end we are excited to announce the launch of ...
27
Jun
2024
How device tokens keep your payment cards safe in Google Wallet
We’re breaking down device tokens: what they are, how they work and why they make digital payments safer.
27
Jun
2024
Gemma 2 is now available to researchers and developers
Gemma 2, our next generation of open models, is now available globally for researchers and developers.
27
Jun
2024
110 new languages are coming to Google Translate
Google Translate adds 110 new languages using AI, breaking down communication barriers for millions around the world.
27
Jun
2024
Add up to 500,000 members to spaces in Google Chat
What’s changingShortly after introducing announcements in Google Chat last year, we increased the number of users you can add to a space from 8,000 to 50,000. To provide greater flexibility and inclusiveness for larger organizations, we’re excited to a...
26
Jun
2024
5 new Chrome features to help you search on mobile
We’re making it easier to search in Chrome on iOS and Android with shortcut suggestions, live sports cards and more.
26
Jun
2024
Play the I/O Crossword, an AI twist on the classic word game
How Googlers used Gemini to build the Crossword puzzle, showing developers what’s possible with generative AI.
26
Jun
2024
Improving calculation speed in Google Sheets
What’s changingWe recently announced the latest advancements in Sheets, including that we’ve doubled the speed of calculation in Google Sheets on Google Chrome and Microsoft Edge browsers. This update can improve the speed of actions like formulas, piv...
26
Jun
2024
Our testimony to the California Senate Judiciary Committee on the California Journalism Preservation Act
Testimony to the California Senate Judiciary Committee on June 25, 2024 by Jaffer Zaidi, Google VP of Global News Partnerships.
26
Jun
2024
Four ways Google Analytics delivers actionable insights for your business
New features in Google Analytics allow you to make better business decisions despite a continuously changing measurement landscape.
26
Jun
2024
Maisie from Washington, D.C. is our 2024 Doodle for Google winner
Today we’re announcing the 2024 Doodle for Google national winner.
26
Jun
2024
Go Bananas with Illumination’s Despicable Me 4 on Waze
Check out Waze’s latest driving experience with Despicable Me 4.
26
Jun
2024
Google disrupted over 10,000 instances of DRAGONBRIDGE activity in Q1 2024
Today we are sharing updated insights about DRAGONBRIDGE, the most prolific IO actor Google’s Threat Analysis Group (TAG) tracks.
26
Jun
2024
7 principles for getting AI regulation right
Today we're sharing 7 principles for responsible AI regulation, and endorsing 5 bills in Congress.
26
Jun
2024
Additional admin space management capabilities in Google Chat API are now available in Developer Preview Program
What’s changing We recently announced several new features for the Google Chat API that enable admins to manage spaces at scale. These features include the ability to audit spaces, delete inactive spaces in bulk, and more. Today, we’re please...
25
Jun
2024
Grading periods API for Google Classroom is now available in Developer Preview
What’s changingLast year, we introduced grading periods, an option that allows administrators and teachers to define and apply grading periods segmented from the entire school year to their Google Classroom assignments. Today, we’re excited to ann...
25
Jun
2024
Introducing Colab Pro and Colab Pro+ for Google Workspace
What’s changingCurrently, Google Workspace admins can turn Colab on for their users, allowing them to access the free version of Colab. Beginning today, we’re pleased to announce the Colab Pro and Colab Pro+ standalone subscriptions for Google Wo...
25
Jun
2024
Introducing the 2024 Google for Startups Founders Funds recipients
AI can enable startups to build transformative products and solve complex challenges, but founders need access to capital to realize this potential. Through the Google f…
25
Jun
2024
Hacking for Defenders: approaches to DARPA’s AI Cyber Challenge
Oliver Chang, Jonathan Metzman, OSS-Fuzz and Alex Rebert, Security EngineeringThe US Defense Advanced Research Projects Agency, DARPA, recently kicked off a two-year AI Cyber Challenge (AIxCC), inviting top AI and cybersecurity experts to design new AI...
25
Jun
2024
Celebrating 15 Years of the Acropolis Museum
Today the Acropolis Museum marks its 15th anniversary in collaboration with Google Arts & Culture.
25
Jun
2024
Bringing our Learning Interoperability Tools under one umbrella: Google Workspace LTI™
What’s changing Going forward, all Learning Interoperability Tools, including Assignments LTI™, and Google Drive LTI™, will be consolidated into a single category: Google Workspace LTI™. There are no functionality changes with this update, but you...
24
Jun
2024
Gemini in the side panel of Google Docs, Google Sheets, Google Slides, and Google Drive is rolling out now
What’s changingWe’re pleased to announce the general availability of Gemini in the side panel of Docs, Sheets, Slides, and Drive. Through the side panel, Gemini can assist you with summarizing, analyzing, and generating content by utilizing insights ga...
24
Jun
2024
Gemini in the side panel of Gmail is rolling out now
What’s changingIn addition to the recent announcement of Gemini in the side panel of Google Docs, Google Sheets, Google Slides, and Drive, we’re excited to introduce the general availability of Gemini in the Gmail side panel. Built to leverage Google’s...
24
Jun
2024
How we created our Google AI Essentials course
Learn more about how (and why) we created our Google AI Essentials course.
24
Jun
2024
4 ways to find great prices on Google during summer sales
Get ready to shop summer sales on Google with an updated deals destination, a new feature that compares membership pricing and more.
24
Jun
2024
#WeArePlay celebrates app and game founders from Australia
#WeArePlay celebrates Australian app and game founders of all sizes
24
Jun
2024
#WeArePlay | Meet the people creating apps and games in Australia
Posted by Robbie McLachlan – Developer Marketing
Last year #WeArePlay went on a virtual tour of India, Europe and Japan to spotlight the stories of app and game founders. Today, we’re continuing our tour across the world with our next stop: Austr...
24
Jun
2024
Manage access to eSignature in Google Workspace
What’s changingStarting today, the admin control for Google Workspace’s eSignature feature is live for select Google Workspace editions. Admins can control users’ ability to request signatures before eSignature rolls out to end users in the coming week...
24
Jun
2024
Google Classroom add-ons now generally available to Google Workspace developers
What’s changingIn 2022, we made it easy to seamlessly access popular Education Technology tools directly in Google Classroom. We partnered with 20+ EdTech companies, including Kahoot!, Pear Deck, IXL, ReadWorks, and Nearpod, to build Google Classroom a...
24
Jun
2024
New AI tools for Google Workspace for Education
Google is responsibly bringing Gemini to teen students using their school accounts to help them learn confidently and empowering educators to enhance their impact with A…
24
Jun
2024
Updates on how we’re using AI to support students and educators
New features from Google for Education, including Gemini for teens and Chromebook Plus.
24
Jun
2024
Google Workspace Updates Weekly Recap – June 21, 2024
3 New updatesUnless otherwise indicated, the features below are available to all Google Workspace customers, and are fully launched or in the process of rolling out. Rollouts should take no more than 15 business days to complete if launching to both&nb...
21
Jun
2024
Improved syncing experience between Google Calendar and third-party calendars
What’s changingWe’re pleased to introduce an improved email notification experience for those who are using third-party calendar services—like Outlook—to collaborate with Google Calendar users. Specifically, this update improves the accuracy of Google ...
21
Jun
2024
How to use Gemini to pack for your next trip
Does packing for holiday stress you out? Learn how to use Gemini to help you with your holiday preparation.
21
Jun
2024
How governments can help deploy digital solutions for climate action
Our new report looks at how policymakers can leverage technology to accelerate climate solutions — particularly in developing markets.
21
Jun
2024
Google Meet adds 52 new languages to translated captions and 11 more languages for closed captions
What’s changingFor all Google Workspace customers and users with personal accounts, we’ve expanded support for closed captioning to include the following languages in beta*, bringing the total language count to 87: Azerbaijani Czech Gree...
20
Jun
2024
Our latest efforts to help California’s monarch butterflies
Google has helped restore and enhance more than 750 acres of monarch butterfly and pollinator habitat across California.
20
Jun
2024
Create interactive YouTube assignments in Google Classroom more quickly and efficiently, with the help of AI
What’s changingLast year, we introduced interactive questions for YouTube videos in Google Classroom. Since then, educators have been able to turn a passive watching experience into an engaging one, while improving students’ understanding of a subject....
20
Jun
2024
Staying Safe with Chrome Extensions
Posted by Benjamin Ackerman, Anunoy Ghosh and David Warren, Chrome Security Team
Chrome extensions can boost your browsing, empowering you to do anything from customizing the look of sites to providing personalized advice when you’re planning a vacation. But as with any software, extensions can also introduce risk.
That’s why we have a team whose only job is to focus on keeping you safe as you install and take advantage of Chrome extensions. Our team:
Provides you with a personalized summary of the extensions you’ve installed
Reviews extensions before they’re published on the Chrome Web Store
Continuously monitors extensions after they’re published
A summary of your extensions
The top of the extensions page (chrome://extensions) warns you of any extensions you have installed that might pose a security risk. (If you don’t see a warning panel, you probably don’t have any extensions you need to worry about.) The panel includes:
Extensions suspected of including malware
Extensions that violate Chrome Web Store policies
Extensions that have been unpublished by a developer, which might indicate that an extension is no longer supported
Extensions that aren’t from the Chrome Web Store
Extensions that haven’t published what they do with data they collect and other privacy practices
You’ll get notified when Chrome’s Safety Check has recommendations for you or you can check on your own by running Safety Check. Just type “run safety check” in Chrome’s address bar and select the corresponding shortcut: “Go to Chrome safety check.”
User flow of removing extensions highlighted by Safety Check.
Besides the Safety Check, you can visit the extensions page directly in a number of ways:
Navigate to chrome://extensions
Click the puzzle icon and choose “Manage extensions”
Click the More choices menu and choose menu > Extensions > Manage Extensions
Reviewing extensions before they’re published
Before an extension is even accessible to install from the Chrome Web Store, we have two levels of verification to ensure an extension is safe:
An automated review: Each extension gets examined by our machine-learning systems to spot possible violations or suspicious behavior.
A human review: Next, a team member examines the images, descriptions, and public policies of each extension. Depending on the results of both the automated and manual review, we may perform an even deeper and more thorough review of the code.
This review process weeds out the overwhelming majority of bad extensions before they even get published. In 2024, less than 1% of all installs from the Chrome Web Store were found to include malware. We're proud of this record and yet some bad extensions still get through, which is why we also monitor published extensions.
Monitoring published extensions
The same Chrome team that reviews extensions before they get published also reviews extensions that are already on the Chrome Web Store. And just like the pre-check, this monitoring includes both human and machine reviews. We also work closely with trusted security researchers outside of Google, and even pay researchers who report possible threats to Chrome users through our Developer Data Protection Rewards Program.
What about extensions that get updated over time, or are programmed to execute malicious code at a later date? Our systems monitor for that as well, by periodically reviewing what extensions are actually doing and comparing that to the stated objectives defined by each extension in the Chrome Web Store.
If the team finds that an extension poses a severe risk to Chrome users, it’s immediately remove from the Chrome Web Store and the extension gets disabled on all browsers that have it installed.The extensions page highlights when you have a potentially unsafe extension downloaded
Others steps you can take to stay safe
Review new extensions before installing them
The Chrome Web Store provides useful information about each extension and its developer. The following information should help you decide whether it’s safe to install an extension:
Verified and featured badges are awarded by the Chrome team to extensions that follow our technical best practices and meet a high standard of user experience and design
Ratings and reviews from our users
Information about the developer
Privacy practices, including information about how an extension handles your data
Be careful of sites that try to quickly persuade you to install extensions, especially if the site has little in common with the extension.
Review extensions you’ve already installed
Even though Safety Check and your Extensions page (chrome://extensions) warn you of extensions that might pose a risk, it’s still a good idea to review your extensions from time to time.
Uninstall extensions that you no longer use.
Review the description of an extension in the Chrome Web Store, considering the extension’s ratings, reviews, and privacy practices — reviews can change over time.
Compare an extension’s stated goals with 1) the permissions requested by an extension and 2) the privacy practices published by the extension. If requested permissions don’t align with stated goals, consider uninstalling the extension.
Limit the sites an extension has permission to work on.
Enable Enhanced Protection
The Enhanced protection mode of Safe Browsing is Chrome’s highest level of protection that we offer. Not only does this mode provide you with the best protections against phishing and malware, but it also provides additional features targeted to keep you safe against potentially harmful extensions. Threats are constantly evolving and Safe Browsing’s Enhanced protection mode is the best way to ensure that you have the most advanced security features in Chrome. This can be enabled from the Safe Browsing settings page in Chrome (chrome://settings/security) and selecting “Enhanced”.
Chrome extensions can boost your browsing, empowering you to do anything from customizing the look of sites to providing personalized advice when you’re planning a vacation. But as with any software, extensions can also introduce risk.
That’s why we have a team whose only job is to focus on keeping you safe as you install and take advantage of Chrome extensions. Our team:
Provides you with a personalized summary of the extensions you’ve installed
Reviews extensions before they’re published on the Chrome Web Store
Continuously monitors extensions after they’re published
A summary of your extensions
The top of the extensions page (chrome://extensions) warns you of any extensions you have installed that might pose a security risk. (If you don’t see a warning panel, you probably don’t have any extensions you need to worry about.) The panel includes:
Extensions suspected of including malware
Extensions that violate Chrome Web Store policies
Extensions that have been unpublished by a developer, which might indicate that an extension is no longer supported
Extensions that aren’t from the Chrome Web Store
Extensions that haven’t published what they do with data they collect and other privacy practices
You’ll get notified when Chrome’s Safety Check has recommendations for you or you can check on your own by running Safety Check. Just type “run safety check” in Chrome’s address bar and select the corresponding shortcut: “Go to Chrome safety check.”
User flow of removing extensions highlighted by Safety Check.
Besides the Safety Check, you can visit the extensions page directly in a number of ways:
Navigate to chrome://extensions
Click the puzzle icon and choose “Manage extensions”
Click the More choices menu and choose menu > Extensions > Manage Extensions
Reviewing extensions before they’re published
Before an extension is even accessible to install from the Chrome Web Store, we have two levels of verification to ensure an extension is safe:
An automated review: Each extension gets examined by our machine-learning systems to spot possible violations or suspicious behavior.
A human review: Next, a team member examines the images, descriptions, and public policies of each extension. Depending on the results of both the automated and manual review, we may perform an even deeper and more thorough review of the code.
This review process weeds out the overwhelming majority of bad extensions before they even get published. In 2024, less than 1% of all installs from the Chrome Web Store were found to include malware. We're proud of this record and yet some bad extensions still get through, which is why we also monitor published extensions.
Monitoring published extensions
The same Chrome team that reviews extensions before they get published also reviews extensions that are already on the Chrome Web Store. And just like the pre-check, this monitoring includes both human and machine reviews. We also work closely with trusted security researchers outside of Google, and even pay researchers who report possible threats to Chrome users through our Developer Data Protection Rewards Program.
What about extensions that get updated over time, or are programmed to execute malicious code at a later date? Our systems monitor for that as well, by periodically reviewing what extensions are actually doing and comparing that to the stated objectives defined by each extension in the Chrome Web Store.
If the team finds that an extension poses a severe risk to Chrome users, it’s immediately remove from the Chrome Web Store and the extension gets disabled on all browsers that have it installed.The extensions page highlights when you have a potentially unsafe extension downloaded
Others steps you can take to stay safe
Review new extensions before installing them
The Chrome Web Store provides useful information about each extension and its developer. The following information should help you decide whether it’s safe to install an extension:
Verified and featured badges are awarded by the Chrome team to extensions that follow our technical best practices and meet a high standard of user experience and design
Ratings and reviews from our users
Information about the developer
Privacy practices, including information about how an extension handles your data
Be careful of sites that try to quickly persuade you to install extensions, especially if the site has little in common with the extension.
Review extensions you’ve already installed
Even though Safety Check and your Extensions page (chrome://extensions) warn you of extensions that might pose a risk, it’s still a good idea to review your extensions from time to time.
Uninstall extensions that you no longer use.
Review the description of an extension in the Chrome Web Store, considering the extension’s ratings, reviews, and privacy practices — reviews can change over time.
Compare an extension’s stated goals with 1) the permissions requested by an extension and 2) the privacy practices published by the extension. If requested permissions don’t align with stated goals, consider uninstalling the extension.
Limit the sites an extension has permission to work on.
Enable Enhanced Protection
The Enhanced protection mode of Safe Browsing is Chrome’s highest level of protection that we offer. Not only does this mode provide you with the best protections against phishing and malware, but it also provides additional features targeted to keep you safe against potentially harmful extensions. Threats are constantly evolving and Safe Browsing’s Enhanced protection mode is the best way to ensure that you have the most advanced security features in Chrome. This can be enabled from the Safe Browsing settings page in Chrome (chrome://settings/security) and selecting “Enhanced”.
20
Jun
2024
3 fun experiments to try for your next Android app, using Google AI Studio
Posted by Paris Hsu – Product Manager, Android Studio
We shared an exciting live demo from the Developer Keynote at Google I/O 2024 where Gemini transformed a wireframe sketch of an app's UI into Jetpack Compose code, directly within Android Stud...
20
Jun
2024
External users can now securely collaborate on client-side encrypted files
What’s changingWe’re expanding visitor sharing, a feature that provides secure, pincode-based collaboration over sensitive data with people, to include client-side encrypted files. This allows users to securely collaborate with external partners on sen...
20
Jun
2024
Help your students learn to read with Read Along in Classroom
What’s changingIn 2019, we launched Read Along as an Android reading app to help young readers have fun while learning to read. Read Along has an in-app reading buddy who guides readers along as they read aloud, offering assistance when they struggle, ...
20
Jun
2024
Search Central Live Bangkok 2024
We're coming back to Thailand with Search Central Live! As mentioned in our blog post about our APAC plans for SCL, we now have a date and a site where you can sign up for a chance to secure your spot at Search Central Live Bangkok 2024.
20
Jun
2024
The AI Era: Expanding marketing and creative potential
How generative AI will enhance creativity and performance for marketers to unlock an infinite universe of ideas.
19
Jun
2024
Insert images into practice sets in Google Classroom
What’s changingSince adding practice sets to Google Classroom in 2023, we’ve made numerous improvements such as giving teachers more control over the resources for students in practice sets and adding the option to convert Google Forms into practice se...
18
Jun
2024
The Third Beta of Android 15
Posted by Matthew McCullough – VP of Product Management, Android Developer
Today's Android 15 Beta 3 release takes Android 15 to Platform Stability, which means that the developer APIs and all app-facing behaviors are now final for you to revi...
18
Jun
2024
3 must-know updates from Google Play at I/O ’24
Posted by Nick Sharma – Product Manager, Google Play
At Google Play, we’re passionate about helping people discover experiences they’ll love while empowering developers like you to bring your ideas to life and build successful businesses. At this...
18
Jun
2024