Information Technology

Kerry Wan/ZDNETA new security feature from Google means that Android devices might soon start rebooting automatically — and that’s not a bad thing. In a recent Google Play Services update, Google details how your Android phone will soon reboot if you haven’t used it for three consecutive days. How reboots helpThis is important for two reasons. The first is because, to open a phone after a reboot, you must enter a PIN — no biometrics or other method of unlocking. PIN-only access means the phone, and the data on it, is harder to access for anyone with bad intentions. If you’re one of the people using a phone without any sort of unlock protection, this is a significant layer of security.Also: Why rebooting your phone daily is your best defense against zero-click attacksThe second reason is a little more technical, but just as important. Mobile phones have two lock states: Before first lock (BFU) and after first lock (AFU). In BFU, information and files on a phone are securely encrypted and completely inaccessible, even with complex extraction programs. This also means that authorities who have seized a phone as evidence, such as local law enforcement or the FBI, will have a shorter window of time to access the device before it becomes much more difficult.Also: Biometrics vs. passcodes: What lawyers recommend if you’re worried about warrantless phone searchesA BFU phone remains connected to Wi-Fi or mobile data, meaning that if you lose your phone and it reboots, you’ll still be able to use location-finding services. Apple introduced a similar feature for iPhones last year. More

<!–> ZDNET’s key takeaways These are tough, water- and dirt-resistant AirTag holders that will last years They go a long way to preventing bad guys from removing your AirTags from secured items They work on everything from suitcases, camera bags, jackets, and even your cat or dog! –> I’ve mentioned more than once my undying […] More

hh5800/Getty Images Do you sometimes feel stuck in a Catch-22 regarding your long-term credential management strategy? You are. On the one hand, if the tech industry has its way — to abolish all passwords and replace them with passkeys — users will eventually have almost no choice but to rely on password managers for signing […] More

ZDNETScammers are always looking to exploit the tools and technologies we use to steal our personal information, money, or both. That’s why companies like Google must defend us from hackers, security threats, and other hazards. It is also why we must take responsibility for our own security. In a blog post published Thursday, Google explains how it thwarts online scams across key products and how we can protect ourselves. Google’s scam detection systemWith the largest share of the search engine market, Google uses AI to detect hundreds of millions of malicious and suspicious search results each day. With the help of AI, the company said its scam detection system has been able to catch 20 times more scammy pages than before. Specifically, the latest advancements in AI help Google analyze more text on the web, identify scam campaigns, and detect emerging threats to its search page.Also: Multimodal AI poses new safety risks, creates CSEM and weapons infoAs one example cited in the blog post, Google has seen a significant increase in attackers impersonating airline customer service providers. With this scam prevalent, travelers who search Google for airline customer service may be taken to a malicious phone number where the scammer tries to capture their personal information. Thanks to AI, the company has been able to reduce the number of such scams by more than 80%. Chrome is another Google product that offers enhanced security protection. Its Enhanced Protection mode in Safe Browsing is its highest level of defense, offering tighter security than Standard Protection mode. Now, AI makes that security even stronger.Gemini Nano, Google’s on-device large language model (LLM) on the desktop, serves up instant analysis on risky and scammy websites, protecting users against new scams not seen before. As one example, Gemini Nano is helping to thwart remote tech support scams, one of the largest online threats. As the next step, Google wants to extend this protection to Android devices.Also: Why Google seems to be losing its iron grip on search – and what I use now insteadAnother way scammers try to pull off an attack is by sending you a host of notifications from malicious websites. To address that threat, Google is kicking off new AI-powered warnings in Chrome for Android. If the AI detects a scammy notification, the content is blocked, and you’ll receive an alert with an option to unsubscribe, view the blocked content, or allow future notifications from that site if you think the warning was a false positive. More

Kerry Wan/ZDNETSince 2014, Google’s Chromecast has been an affordable means for helping viewers turn their older model TVs into smart TVs, allowing them to stream content from their phones, tablets, and computers to a bigger screen. Also: Your Google TV just got a useful feature upgrade for free, and smart home users will love itAlas, the era of the Chromecast has come to an end. Google is replacing it with the Google TV Streamer, promising a faster processor, Thread and Matter integration, and the ability to summarize TV episodes or whole seasons, among other new tricks.But that doesn’t mean the Chromecast is obsolete yet; in fact, Google has promised to continue providing software and security updates for now. I found a number of cool things anyone can do with their trusty Chromecast that most users are unaware of. More

Kerry Wan/ZDNETIf you’re a T-Mobile customer — or were back in 2021 — you might have a check showing up in your mailbox soon.In 2021, the mobile carrier suffered a massive data breach that affected around 76 million customers (this isn’t related to the 2023 breach that affected 37 million people). T-Mobile denied any wrongdoing but agreed to settle a lawsuit about the breach out of court. Four years later, affected customers are getting compensation. Payments were supposed to start in April, but T-Mobile recently updated its settlement site to read “Due to unexpected delays, we now expect the distribution of settlement payments to begin in May 2025.”Also: I clicked on four sneaky online scams on purpose – to show you how they workIf you suffered financial loss from the incident, you might receive up to $25,000. If you didn’t suffer any loss, even if you didn’t file a claim in the suit, you can receive up to $25 (except California residents, who will receive up to $100). While those are the maximum amounts, a quick crunch of the numbers — a $350 million settlement divided between 76 million people — works out to about $4.50 a person, and that’s before attorney fees.  More

Kerry Wan/ZDNETIf you’re a T-Mobile customer — or were back in 2021 — you might have a check showing up in your mailbox soon.In 2021, the mobile carrier suffered a massive data breach that affected around 76 million customers (this isn’t related to the 2023 breach that affected 37 million people). T-Mobile denied any wrongdoing but agreed to settle a lawsuit about the breach out of court. Four years later, affected customers are getting compensation. Payments were supposed to start in April, but T-Mobile recently updated its settlement site to read “Due to unexpected delays, we now expect the distribution of settlement payments to begin in May 2025.”Also: I clicked on four sneaky online scams on purpose – to show you how they workIf you suffered financial loss from the incident, you might receive up to $25,000. If you didn’t suffer any loss, even if you didn’t file a claim in the suit, you can receive up to $25 (except California residents, who will receive up to $100). While those are the maximum amounts, a quick crunch of the numbers — a $350 million settlement divided between 76 million people — works out to about $4.50 a person, and that’s before attorney fees.  More

Elyse Betters Picaro / ZDNETDo you ever use “123456,” “admin,” or “password” as the password for a personal or work account? If so, you’re unfortunately not alone and are placing yourself and your employer at risk. Also: 10 passkey survival tips: Prepare for your passwordless future nowPublished last Friday by security news and research outlet Cybernews, a new study of more than 19 billion leaked passwords shows that people still rely on patterns that leave them vulnerable to attack and compromise. For the study, Cybernews looked at credentials leaked from 200 different incidents over the past 12 months. Using various cyber intelligence tools, the outlet was able to determine such factors as password length, character composition, and the use of special characters and numbers.The most common (and lazy) passwords still in useBased on the analysis, lazy passwords such as “1234,” “123456,” “password,” and “admin” are still quite common. Cybernews found “1234” in almost 4% of passwords, more than 727 million. With two extra digits, “123456” appeared in 338 million passwords. Both “password” and “123456” have been among the most popular passwords since at least 2011. Also: Why multi-factor authentication is absolutely essential in 2025 More