恶心头晕是什么症状
|
感冒喉咙痛吃什么药好
|
耳朵发痒是什么原因
|
喉咙痛上火吃什么药效果最好
|
uspoloassn是什么牌子
|
2001是什么年
|
吃鹅蛋有什么好处
|
中午吃什么饭 家常菜
|
桂枝和肉桂有什么区别
|
智能眼镜有什么功能
|
喝冰糖水有什么好处和坏处
|
伏羲是什么意思
|
什么样的红点是白血病
|
翻白草长什么样
|
为什么会得麦粒肿
|
棱长是什么意思
|
11月生日是什么星座
|
大象的鼻子为什么那么长
|
人脉是什么意思
|
得道是什么意思
|
扁桃和芒果有什么区别
|
男大三后面一句是什么
|
梦见买馒头是什么意思
|
长痘是什么原因
|
蚊子怕什么气味
|
关节疼挂什么科
|
桂圆补什么
|
甲减是什么
|
鱼蛋是什么
|
先天是什么意思
|
abo是什么
|
伏天吃羊肉有什么好处
|
女生右手中指戴戒指什么意思
|
主动脉夹层a型是什么病
|
类风湿吃什么食物好
|
谷草转氨酶偏低是什么意思
|
藏蓝色是什么颜色
|
东北和山东有什么区别
|
鼻窦在什么位置图片
|
结婚九年是什么婚
|
手串断了是什么预兆
|
均字五行属什么
|
四次元是什么意思啊
|
加油什么意思
|
看灰指甲去医院挂什么科
|
排骨炖什么汤止咳润肺
|
色带是什么
|
睡觉吹气是什么原因
|
什么是超度
|
尿胆原是什么意思
|
无花果和什么煲汤好
|
卵巢囊性回声什么意思
|
喝醋有什么好处和坏处
|
蛋白质阳性什么意思
|
毒瘤是什么意思
|
格林是什么意思
|
女生阴道长什么样
|
劳损是什么意思
|
粉饼是干什么用的
|
躺枪是什么意思
|
什么药退烧快
|
住院需要带什么
|
徒刑是什么意思
|
尿的正常颜色是什么样
|
女人什么眉毛最有福气
|
抱大腿什么意思
|
算命先生是什么生肖
|
亚急性甲状腺炎吃什么药
|
什么是化合物
|
血压高吃什么药最好
|
鹌鹑蛋不能和什么一起吃
|
牡丹什么时候开花
|
什么是组织
|
angelababy英文什么意思
|
什么鱼最好养不容易死
|
市委副秘书长什么级别
|
teal是什么颜色
|
家里停电了打什么电话
|
怀孕第一个月最怕什么
|
真命题是什么意思
|
做什么生意好挣钱
|
大学休学1年有什么影响
|
生猴子是什么意思
|
点痣去医院挂什么科
|
12年是什么婚
|
山竹为什么叫山竹
|
神经性皮炎吃什么药
|
广东是什么气候
|
萘普生是什么药
|
1945年属什么
|
人工受孕和试管婴儿有什么区别
|
指手画脚是什么意思
|
nec投影仪是什么牌子
|
脚趾骨折是什么感觉
|
苍鹰是什么意思
|
u1是什么意思
|
子宫息肉有什么症状
|
传字五行属什么
|
下巴底下长痘痘是什么原因
|
什么的闪电
|
刚怀孕要吃些什么好
|
腱鞘炎有什么治疗方法
|
歧视什么意思
|
什么药治失眠最有效
|
什么鞋油好用
|
女人味是什么
|
光是什么结构
|
什么的秃鹫
|
牙髓炎是什么
|
8.11是什么星座
|
喉咙痛喝什么饮料
|
霜降出什么生肖
|
甘油三酯高吃什么食物
|
吃牛肉对身体有什么好处
|
抽烟为什么会上瘾
|
吃什么可以生发
|
遇上方知有什么意思
|
农历六月十九是什么星座
|
花雕酒是什么酒
|
介入是什么意思
|
血管炎症状表现是什么
|
全友床垫属于什么档次
|
喜欢吃酸的人是什么体质
|
什么粉一沾就痒还看不出来
|
g50是什么高速
|
召力念什么
|
草鱼吃什么
|
肚子不饿是什么原因
|
尿道炎是什么原因引起的
|
人怕出名猪怕壮是什么生肖
|
ca是什么病
|
尿胆素1十是什么意思
|
景象什么意思
|
怀孕排卵试纸显示什么
|
蒸鱼豉油什么时候放
|
水中毒是什么
|
甲状腺手术后有什么后遗症
|
胆囊切除后需要注意什么
|
泥鳅吃什么
|
秋葵吃多了有什么坏处
|
外痔是什么样子的
|
胎心不稳定是什么原因
|
女人喝白茶有什么好处
|
导语是什么意思
|
子宫内膜厚吃什么药
|
嗯是什么意思
|
为什么减肥不建议喝粥
|
crocodile是什么牌子
|
回奶吃什么快最有效的
|
乙基麦芽酚是什么东西
|
足字旁的字和什么有关
|
刚产下的蚕卵是什么颜色
|
fap什么意思
|
睡前一杯牛奶有什么好处
|
什么矿泉水比较好
|
隔阂是什么意思
|
hov是什么意思
|
高级别上皮内瘤变是什么意思
|
肠易激综合征中医叫什么
|
鼻子痒用什么药好
|
孕妇喝可乐对胎儿有什么影响
|
甜菜什么意思
|
小鱼缸适合养什么鱼
|
甲胎蛋白是检查什么
|
宝宝胀气是什么原因引起的
|
埋线有什么好处和坏处
|
心脏逆钟向转位是什么意思
|
云为什么不会掉下来
|
免疫组化是什么
|
rush什么意思
|
包皮炎用什么药最有效
|
肝火胃火旺吃什么药
|
桢字五行属什么
|
凯字五行属什么
|
大肠杆菌属于什么菌
|
后脑袋疼是什么原因
|
青椒炒什么
|
什么的衣裳
|
月经期间吃西瓜有什么影响
|
伟五行属什么
|
孕妇不能吃什么水果
|
印刷厂主要做什么
|
什么是蝴蝶宝宝
|
办港澳通行证需要带什么
|
手淫过度会导致什么
|
来姨妈能吃什么水果
|
健忘症是什么意思
|
湿疹涂什么
|
骨质增生是什么原因引起的
|
上市公司什么意思
|
脚板痛是什么原因
|
社会很单纯复杂的是人是什么歌
|
凤凰花什么时候开
|
92年出生属什么
|
人死后为什么要守夜
|
1991年属羊是什么命
|
经常干咳嗽是什么原因
|
一级医院是什么意思
|
天使综合征是什么病
|
凌晨4点是什么时辰
|
爱打哈欠是什么原因
|
女人40不惑什么意思
|
纳帕皮是什么皮
|
司马光和司马迁是什么关系
|
山药什么季节成熟
|
什么是脊柱侧弯
|
什么时间吃水果比较好
|
什么叫宫腔粘连
|
鸭子喜欢吃什么
|
2043年是什么年
|
葱白是什么
|
纯情什么意思
|
渗湿是什么意思
|
湿热体质吃什么中成药
|
男人为什么
|
为什么会高血压
|
comma是什么意思
|
为什么经常长口腔溃疡
|
什么东西能戒酒
|
疑问是什么意思
|
做梦梦见大火是什么意思
|
防风通圣颗粒治什么病
|
胰岛素是什么器官分泌的
|
pku什么意思
|
暗财是什么意思
|
男人做什么运动能提高性功能
|
功德是什么意思
|
办什么厂比较好
|
康复治疗学学什么
|
脸上不停的长痘痘是什么原因
|
柴鱼是什么鱼
|
骨折恢复期吃什么好
|
菠菜什么季节吃
|
下雨天穿什么衣服
|
脚底抽筋是什么原因引起的
|
舌吻是什么感觉
|
西瓜什么时候种
|
风花雪月是什么意思
|
大便羊屎粒是什么原因
|
消肿吃什么食物好
|
植入是什么意思
|
11月12日是什么星座
|
大熊猫属于什么科
|
牛肉和什么相克
|
子字属于五行属什么
|
皮肤白斑是什么原因
|
2008年属什么
|
胃窦黄斑瘤是什么病
|
怀孕吃核桃对宝宝有什么好处
|
乐不思蜀是什么意思
|
上大学需要准备什么
|
什么男什么女的成语
|
淋巴结肿大是什么引起的
|
什么都不怕
|
岔气是什么症状
|
王晶为什么不娶邱淑贞
|
批捕意味着什么
|
隐忍是什么意思
|
秋季养胃吃什么好
|
梦见买车是什么意思
|
丝瓜有什么功效
|
股骨头坏死有什么好办法治疗吗
|
科目一和科目四有什么区别
|
仿生是什么意思
|
百度
Security Blog
The latest news and insights from Google on security and safety on the Internet
Introducing the Tink cryptographic software library
August 30, 2018
Posted by Thai Duong, Information Security Engineer, on behalf of Tink team
At Google, many product teams use cryptographic techniques to protect user data. In cryptography, subtle mistakes can have serious consequences, and understanding how to implement cryptography correctly requires digesting decades' worth of academic literature. Needless to say, many developers don’t have time for that.
To help our developers ship secure cryptographic code we’ve developed
Tink
—a multi-language, cross-platform cryptographic library. We believe in open source and want Tink to become a community project—thus Tink has been available on GitHub since the early days of the project, and it has already attracted several external contributors. At Google, Tink is already being used to secure data of many products such as AdMob, Google Pay, Google Assistant, Firebase, the Android Search App, etc. After nearly two years of development, today we’re excited to announce
Tink 1.2.0
, the first version that supports cloud, Android, iOS, and more!
Tink aims to provide cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse. Tink is built on top of existing libraries such as BoringSSL and Java Cryptography Architecture, but includes countermeasures to many weaknesses in these libraries, which were discovered by
Project Wycheproof
, another project from our team.
With Tink, many common cryptographic operations such as data encryption, digital signatures, etc. can be done with only a few lines of code. Here is an example of encrypting and decrypting with our
AEAD
interface in Java:
import
com
.
google
.
crypto
.
tink
.
Aead;
import
com
.
google
.
crypto
.
tink
.
KeysetHandle;
import
com
.
google
.
crypto
.
tink
.
aead
.
AeadFactory;
import
com
.
google
.
crypto
.
tink
.
aead
.
AeadKeyTemplates;
// 1. Generate the key material.
KeysetHandle
keysetHandle
=
KeysetHandle
.
generateNew(
AeadKeyTemplates
.
AES256_EAX
);
// 2. Get the primitive.
Aead
aead
=
AeadFactory
.
getPrimitive
(
keysetHandle
);
// 3. Use the primitive.
byte
[]
plaintext
=
...;
byte
[]
additionalData
=
...;
byte
[]
ciphertext
=
aead
.
encrypt
(
plaintext
,
additionalData
);
Tink aims to eliminate as many potential misuses as possible. For example, if the underlying encryption mode requires nonces and nonce reuse makes it insecure, then Tink does not allow the user to pass nonces. Interfaces have security guarantees that must be satisfied by each primitive implementing the interface. This may exclude some encryption modes. Rather than adding them to existing interfaces and weakening the guarantees of the interface, it is possible to add new interfaces and describe the security guarantees appropriately.
We’re cryptographers and security engineers working to improve Google’s product security, so we built Tink to make our job easier. Tink shows the claimed security properties (e.g., safe against chosen-ciphertext attacks) right in the interfaces, allowing security auditors and automated tools to quickly discover usages where the security guarantees don’t match the security requirements. Tink also isolates APIs for potentially dangerous operations (e.g., loading cleartext keys from disk), which allows discovering, restricting, monitoring and logging their usage.
Tink provides support for key management, including key rotation and phasing out deprecated ciphers. For example, if a cryptographic primitive is found to be broken, you can switch to a different primitive by rotating keys, without changing or recompiling code.
Tink is also extensible by design: it is easy to add a custom cryptographic scheme or an in-house key management system so that it works seamlessly with other parts of Tink. No part of Tink is hard to replace or remove. All components are composable, and can be selected and assembled in various combinations. For example, if you need only digital signatures, you can exclude symmetric key encryption components to minimize code size in your application.
To get started, please check out our HOW-TO for
Java
,
C++
and
Obj-C
. If you'd like to talk to the developers or get notified about project updates, you may want to subscribe to our
mailing list
. To join, simply send an empty email to
tink-users+subscribe@googlegroups.com
. You can also post your questions to StackOverflow, just remember to tag them with
tink
.
We’re excited to share this with the community, and welcome your feedback!
Evolution of Android Security Updates
August 22, 2018
Posted by Dave Kleidermacher, VP, Head of Security - Android, Chrome OS, Play
[Cross-posted from the
Android Developers Blog
]
At
Google I/O 2018
, in our
What's New in Android Security
session, we shared a brief update on the Android security updates program. With the official release of Android 9 Pie, we wanted to share a more comprehensive update on the state of security updates, including best practice guidance for manufacturers, how we're making Android easier to update, and how we're ensuring compliance to Android security update releases.
Commercial Best Practices around Android Security Updates
As we noted in our
2017 Android Security Year-in-Review
, Android's
anti-exploitation
strength now leads the mobile industry and has made it exceedingly difficult and expensive to leverage operating system bugs into compromises. Nevertheless, an important defense-in-depth strategy is to ensure critical security updates are delivered in a timely manner.
Monthly
security updates are the recommended best practice for Android smartphones. We deliver monthly Android source code patches to smartphone manufacturers so they may incorporate those patches into firmware updates. We also deliver firmware updates over-the-air to Pixel devices on a reliable monthly cadence and offer the free use of Google's firmware over-the-air (FOTA) servers to manufacturers. Monthly security updates are also required for devices covered under the
Android One program
.
While monthly security updates are best, at minimum, Android manufacturers should deliver regular security updates in advance of coordinated disclosure of high severity vulnerabilities, published in our Android bulletins. Since the common vulnerability disclosure window is
90 days
, updates on a 90-day frequency represents a minimum security hygiene requirement.
Enterprise Best Practices
Product security factors into purchase decisions of enterprises, who often consider device security update cadence, flexibility of policy controls, and authentication features. Earlier this year, we introduced the
Android Enterprise Recommended program
to help businesses make these decisions. To be listed, Android devices must satisfy numerous requirements, including regular security updates: at least every 90 days, with monthly updates strongly recommended. In addition to businesses, consumers interested in understanding security update practices and commitment may also refer to the
Enterprise Recommended list
.
Making Android Easier to Update
We've also been working to make Android easier to update, overall. A key pillar of that strategy is to improve modularity and clarity of interfaces, enabling operating system subsystems to be updated without adversely impacting others.
Project Treble
is one example of this strategy in action and has enabled devices to
update to Android P more easily and efficiently
than was possible in previous releases. The modularity strategy applies equally well for security updates, as a framework security update can be performed independently of device specific components.
Another part of the strategy involves the extraction of operating system services into user-mode applications that can be updated independently, and sometimes more rapidly, than the base operating system. For example, Google Play services,
including secure networking components
, and the Chrome browser can be updated individually, just like other Google Play apps.
Partner programs are a third key pillar of the updateability strategy. One example is the
GMS Express program
, in which Google is working closely with system-on-chip (SoC) suppliers to provide monthly pre-integrated and pre-tested Android security updates for SoC reference designs, reducing cost and time to market for delivering them to users.
Security Patch Level Compliance
Recently, researchers reported a handful of missing security bug fixes across some Android devices. Initial reports had several inaccuracies, which have since been
corrected
. We have been developing security update testing systems that are now making compliance failures less likely to occur. In particular, we recently delivered a new testing infrastructure that enables manufacturers to develop and deploy automated tests across lower levels of the firmware stack that were previously relegated to manual testing. In addition, the Android build approval process now includes scanning of device images for specific patterns, reducing the risk of omission.
Looking Forward
In 2017
, about a billion Android devices received security updates, representing approximately 30% growth over the preceding year. We continue to work hard devising thoughtful strategies to make Android easier to update by introducing improved processes and programs for the ecosystem. In addition, we are also working to drive increased and more expedient partner adoption of our security update and compliance requirements. As a result, over coming quarters, we expect the largest ever growth in the number of Android devices receiving regular security updates.
Bugs are inevitable in all complex software systems, but exploitability of those bugs is not. We're working hard to ensure that the incidence of potentially harmful exploitation of bugs continues to decline, such that the frequency for security updates will
reduce
, not increase, over time. While monthly security updates represents today's best practice, we see a future in which security updates becomes easier and rarer, while maintaining the same goal to protect all users across all devices.
A reminder about government-backed phishing
August 20, 2018
Posted by Shane Huntley, Threat Analysis Group
TLDR: Government-backed phishing has been in the news lately. If you receive a warning in Gmail, be sure to take prompt action. Get two-factor authentication on your account. And consider enrolling in the
Advanced Protection Program
.
One of the main threats to all email users (whatever service you use) is phishing, attempts to trick you into providing a password that an attacker can use to sign into your account. Our improving technology has enabled us to
significantly decrease the volume of phishing emails that get through
to our users. Automated protections, account security (like security keys), and specialized warnings give Gmail users industry-leading security.
Beyond phishing for the purposes of fraud, a small minority of users in all corners of the world are still targeted by sophisticated government-backed attackers. These attempts come from dozens of countries.
Since 2012
, we've shown prominent warnings within Gmail notifying users that they may be targets of these types of phishing attempts; we show thousands of these warnings every month, even if we have blocked the specific attempt.
We also send
alerts to G Suite administrators
if someone in their corporate network may have been the target of government-backed phishing. And we regularly
post public advisories
to make sure that people are aware of this risk.
This is what an account warning looks like; an extremely small fraction of users will ever see one of these, but if you receive this warning from us, it's important to
take immediate action on it
.
We intentionally send these notices in batches to all users who may be at risk, rather than at the moment we detect the threat itself, so that attackers cannot track some of our defense strategies. We have an expert team in our Threat Analysis Group, and we use a variety of technologies to detect these attempts. We also notify law enforcement about what we’re seeing; they have additional tools to investigate these attacks.
We hope you never receive this type of warning, but if you do, please take action right away to enhance the security of your accounts.
Even if you don’t receive such a warning, you should
enable 2-step verification in Gmail
. And if you think you’re at particular risk of government-backed phishing, consider enrolling in the
Advanced Protection Program
, which provides even stronger levels of security.
Expanding our Vulnerability Reward Program to combat platform abuse
August 15, 2018
Posted by Eric Brown and Marc Henson, Trust & Safety
Since 2010, Google’s Vulnerability Reward Programs have
awarded more than $12 million dollars
to researchers and created a
thriving Google-focused security community
. For the past two years, some of these rewards were for bug reports that were not strictly security vulnerabilities, but techniques that allow third parties to successfully bypass our abuse, fraud, and spam systems.
Today, we are expanding our Vulnerability Reward Program to formally invite researchers to submit these reports.
This expansion is intended to reward research that helps us mitigate potential abuse methods. A few examples of potentially valid reports for this program could include bypassing our account recovery systems at scale, identifying services vulnerable to brute force attacks, circumventing restrictions on content use and sharing, or purchasing items from Google without paying. Valid reports tend to result in changes to the product’s code, as opposed to removal of individual pieces of content.
This program does not cover individual instances of abuse, such as the posting of content that violates our guidelines or policies, sending spam emails, or providing links to malware. These should continue to be reported through existing product-specific channels, such as for
Google+
,
YouTube
,
Gmail
, and
Blogger
.
Reports submitted to our Vulnerability Reward Program that outline abuse methods are reviewed by experts on our Trust & Safety team, which specializes in the prevention and mitigation of abuse, fraud, and spam activity on our products.
We greatly value our relationship with the research community, and we’re excited to expand on it to help make the internet a safer place for everyone. To learn more, see our
updated rules
.
Happy hunting!
Google Public DNS turns 8.8.8.8 years old
August 10, 2018
Posted by Alexander Dupuy, Software Engineer
Once upon a time, we
launched Google Public DNS
, which you might know by its iconic IP address, 8.8.8.8. (Sunday, August 12th, 2018, at 00:30 UTC marks eight years, eight months, eight days and eight hours since the announcement.) Though not as well-known as Google Search or Gmail, the four eights have had quite a journey—and some pretty amazing growth! Whether it’s
travelers in India’s train stations
or
researchers on the remote Antarctic island Bouvet?ya
, hundreds of millions of people the world over rely on our free DNS service to turn domain names like wikipedia.org into IP addresses like 208.80.154.224.
Google Public DNS query growth and major feature launches
Today, it’s estimated that about
10% of internet users
rely on 8.8.8.8, and it serves well over a trillion queries per day. But while we’re really proud of that growth, what really matters is whether it’s a valuable service for our users. Namely, has Google Public DNS made the internet faster for users? Does it safeguard their privacy? And does it help them get to internet sites more reliably and securely?
In other words, has 8.8.8.8 made DNS and the internet better as a whole? Here at Google, we think it has. On this numerological anniversary, let’s take a look at how Google Public DNS has realized those goals and what lies ahead.
Making the internet faster
From the start, a key goal of Google Public DNS was to
make the internet faster
. When we began the project in 2007, Google had already made it faster to search the web, but it could take a while to get to your destination. Back then, most DNS lookups used your ISP’s resolvers, and with small caches, they often had to make multiple DNS queries before they could return an address.
Google Public DNS resolvers’ DNS caches hold tens of billions of entries worldwide. And because hundreds of millions of clients use them every day, they usually return the address for your domain queries without extra lookups, connecting you to the internet that much faster.
DNS resolution process for example.org
Speeding up DNS responses is just one part of making the web faster—getting web content from servers closer to you can have an even bigger impact. Content Delivery Networks (CDNs) distribute large, delay-sensitive content like streaming videos to users around the world. CDNs use DNS to direct users to the nearest servers, and rely on
GeoIP maps
to determine the best location.
Everything’s good if your DNS query comes from an ISP resolver that is close to you, but what happens if the resolver is far away, as it is for researchers on Bouvet?ya? In that case, the CDN directs you to a server near the DNS resolver—but not the one closest to you. In 2010, along with other DNS and CDN services, we
proposed a solution
that lets DNS resolvers send part of your IP address in their DNS queries, so CDN name servers can get your best possible GeoIP location (short of sending your entire IP address). By sending only the first three parts of users’ IP addresses (e.g. 192.0.2.x) in the EDNS Client Subnet (ECS) extension, CDNs can return the closest content while maintaining user privacy.
We continue to enhance ECS, (now published as
RFC 7871
), for example, by adding
automatic detection of name server ECS support
. And today, we’re happy to report, support for ECS is widespread among CDNs.
Safeguarding user privacy
From day one of our service, we’ve always been serious about user privacy. Like all Google services, we honor the general Google
Privacy Policy
, and are guided by Google’s
Privacy Principles
. In addition, Google Public DNS published a
privacy practice statement
about the information we collect and how it is used—and how it’s not used. These protect the privacy of your DNS queries once they arrive at Google, but they can still be seen (and potentially modified) en route to 8.8.8.8.
To address this weakness, we
launched a public beta
of
DNS-over-HTTPS
on April 1, 2016, embedding your DNS queries in the secure and private HTTPS protocol. Despite the launch date, this was not an April Fool’s joke, and in the following two years, it has grown dramatically, with millions of users and support by another major public DNS service. Today, we are working in the IETF and with other DNS operators and clients on the
Internet Draft for DNS Queries over HTTPS
specification, which we also support.
Securing the Domain Name System
We’ve always been very concerned with the integrity and security of the responses that Google Public DNS provides. From the start, we
rejected
the practice of
hijacking nonexistent domain (NXDOMAIN) responses
, working to provide users with accurate and honest DNS responses, even when attackers tried to corrupt them.
In 2008, Dan Kaminsky publicized a major security weakness in the DNS protocol that left most DNS resolvers vulnerable to spoofing that poisoned their DNS caches. When we launched 8.8.8.8 the following year, we not only used industry best practices to mitigate this vulnerability, but also developed an
extensive set of additional protections
.
While those protected our DNS service from most attackers, they can’t help in cases where an attacker can see our queries. Starting in 2010, the internet started to use
DNSSEC security
in earnest, making it possible to protect cryptographically signed domains against such
man-in-the-middle
and
man-on-the-side
attacks. In 2013, Google Public DNS became the first major public DNS resolver to
implement DNSSEC validation
for all its DNS queries,
doubling the percentage of end users protected by DNSSEC from 3.3% to 8.1%
.
In addition to protecting the integrity of DNS responses, Google Public DNS also works to block DNS denial of service attacks by
rate limiting
both our queries to name servers and
reflection or amplification attacks
that try to flood victims’ network connections.
Internet access for all
A big part of Google Public DNS’s tremendous growth comes from free public internet services. We make the internet faster for hundreds of these services, from free WiFi in San Francisco’s parks to LinkNYC internet kiosk hotspots and the
Railtel partnership in India‘s train stations
. In places like Africa and Southeast Asia, many ISPs also use 8.8.8.8 to resolve their users’ DNS queries. Providing free DNS resolution to anyone in the world, even to other companies, supports internet access worldwide as a part of Google’s
Next Billion Users initiative
.
APNIC Labs
map of worldwide usage (
Interactive Map
)
Looking ahead
Today, Google Public DNS is the largest public DNS resolver. There are now about a dozen such services providing value-added features like content and malware filtering, and recent entrants Quad9 and Cloudflare also provide privacy for DNS queries over TLS or HTTPS.
But recent incidents that used BGP hijacking to attack DNS are concerning. Increasing the adoption and use of DNSSEC is an effective way to protect against such attacks and as the largest DNSSEC validating resolver, we hope we can influence things in that direction. We are also exploring how to improve the security of the path from resolvers to authoritative name servers—issues not currently addressed by other DNS standards.
In short, we continue to improve Google Public DNS both behind the scenes and in ways visible to users, adding features that users want from their DNS service. Stay tuned for some exciting Google Public DNS announcements in the near future!
Labels
#sharethemicincyber
#supplychain #security #opensource
AI Security
android
android security
android tr
app security
big data
biometrics
blackhat
C++
chrome
chrome enterprise
chrome security
connected devices
CTF
diversity
encryption
federated learning
fuzzing
Gboard
google play
google play protect
hacking
interoperability
iot security
kubernetes
linux kernel
memory safety
Open Source
pha family highlights
pixel
privacy
private compute core
Rowhammer
rust
Security
security rewards program
sigstore
spyware
supply chain
targeted spyware
tensor
Titan M2
VDP
vulnerabilities
workshop
Archive
2025
Jul
Jun
May
Apr
Mar
Feb
Jan
2024
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2023
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2022
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2021
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2020
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2019
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2018
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2017
Dec
Nov
Oct
Sep
Jul
Jun
May
Apr
Mar
Feb
Jan
2016
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2015
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2014
Dec
Nov
Oct
Sep
Aug
Jul
Jun
Apr
Mar
Feb
Jan
2013
Dec
Nov
Oct
Aug
Jun
May
Apr
Mar
Feb
Jan
2012
Dec
Sep
Aug
Jun
May
Apr
Mar
Feb
Jan
2011
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
2010
Nov
Oct
Sep
Aug
Jul
May
Apr
Mar
2009
Nov
Oct
Aug
Jul
Jun
Mar
2008
Dec
Nov
Oct
Aug
Jul
May
Feb
2007
Nov
Oct
Sep
Jul
Jun
May
Feed
Follow @google
Follow
Give us feedback in our
Product Forums
.
2001年属什么生肖
尿结晶是什么意思
保胎针是什么药
左卵巢内囊性结构什么意思
曝光是什么意思
偷袭是什么意思
祛湿是什么意思
贪嗔痴是什么意思
全身痒是什么原因
湿热便秘吃什么中成药
脑梗吃什么食物
治疗便秘吃什么
青霉素是什么药
发炎是什么意思
什么是三伏天
欲是什么意思
摇头晃脑是什么生肖
查电话号码打什么电话
烧心吃什么药
吃什么头发长得快
查尿常规挂什么科hcv8jop0ns1r.cn
真心是什么意思hcv8jop5ns1r.cn
痰湿阻滞吃什么中成药hcv8jop5ns3r.cn
emma什么意思hcv9jop4ns9r.cn
紫色加绿色是什么颜色hcv9jop4ns7r.cn
人流后吃什么补身体hcv9jop7ns5r.cn
女性睾酮低意味着什么hcv8jop0ns6r.cn
相向是什么意思wzqsfys.com
闷是什么意思hcv8jop8ns5r.cn
经常吃南瓜有什么好处和坏处hcv7jop7ns2r.cn
牡蛎和生蚝有什么区别wzqsfys.com
彩色多普勒超声常规检查是什么gangsutong.com
nd是什么意思hcv8jop1ns3r.cn
鹏字五行属什么hcv8jop3ns5r.cn
颈动脉斑块挂什么科hcv9jop8ns1r.cn
官官相护是什么意思hcv8jop6ns6r.cn
耳轮有痣代表什么hcv9jop0ns2r.cn
狗狗为什么会得细小hcv9jop1ns7r.cn
长期口臭挂什么科yanzhenzixun.com
不适是什么意思hcv9jop0ns3r.cn
百度
Follow