How Google Secures Gmail Against Spam and Ransomware

[labbe5]

http://www.eweek.com/security/how-googl ... mware.html

Gmail is a transformative force towards better security for email users, advocating best practices.

"For phishing attacks, no defense is perfect," he said. "We advocate for the use of Security Keys as helping to provide the best defense."

The Security Key effort is a physical USB key that adheres to the FIDO Alliance U2F (Universal Second Factor) standard, providing an additional layer of security to prevent phishing attacks. Google has widely deployed Security Keys among its own employees and over a two-year period found that it had a dramatic impact on improving security.

[april]

Google are one of the hardest email providers to keep running continuously. They are forever buggering it up and being broken into seemingly repeatedly requiring you to change your password and confirm emails and phone numbers .

They oftewn lock you out of your account trying to get a phone number from you and when you don't give them one the email goes back to normal access the next day

A complete pain in the arse

Yahoo however I have had no trouble with for nigh on 4 years now.!

[Lobster]

Glad Yahoo is working for you. Not everyone is so happy . . .
http://money.cnn.com/2016/12/15/technol ... ion-users/

There seems to be two ways to use this method. Via a U2F Key
or via your phone ...
https://www.howtogeek.com/260369/how-to ... ntication/

Who can be bothered?
Some people run a fresh Puppy from USB booting. Any more secure?

[mcewanw]

They oftewn lock you out of your account trying to get a phone number from you and when you don't give them one the email goes back to normal access the next day

I've had a gmail account since at least 2009 and a Google Apps Business account for several years and thank goodness I've been lucky and never had these lock-out (or any spam) issues! Yes, they have asked for phone number, but I always avoid giving it (I agree, I'm not happy with privacy intrusion).

William

[8Geee]

The only people that I know of that don't like Y-Mail are the ones that also don't like to delta passwords. Thrice a year is usually sufficient... grc(dot)com can help.

But there are aspects of Y-Mail that are not liked by many people I know... one, IMHO is the "Opt-Out" cookie that must be permanent in order to function. Rather similar to DDG's we don't collect data... but there's that pesky twitter link on page that DOES.

Notwithstanding Verizon's immenent buy-out of Yahoo. Start Mail anyone?

@Lobster... that link to the unhappy Y-Mail users made me giggle. You need FLash-9 or better to view the content. LMAOROTF. Now there's a security breach just waiting to happen. Carry On!!!

regards
8Geee

[april]

This is the sort of crap I get all the time and only I have signed in and had some trouble because it does not recognise the computer . Its the same three computers but they cannot get that right . Morons

Hi April,
Your Google Account april........@gmail.com was just used to sign in on Linux.

April...........
april.........@gmail.com

Linux
Tuesday, March 21, 2017 3:53 AM (Brisbane Time)
Brisbane QLD, Australia**Don't recognize this activity?*
Review your recently used devices
<https://accounts.google.com/AccountChoo ... 26asae%3D2>
now.

Why are we sending this? We take security very seriously and we want to
keep you in the loop on important actions in your account.
We were unable to determine whether you have used this browser or device
with your account before. This can happen when you sign in for the first
time on a new computer, phone or browser, when you use your browser's
incognito or private browsing mode or clear your cookies, or when somebody
else is accessing your account.

Best,
The Google Accounts team



*The location is approximate and determined by the IP address it was coming
from.

This email can't receive replies. To give us feedback on this alert, click
here
<https://support.google.com/accounts/con ... back?hl=en>.
For more information, visit the Google Accounts Help Center
<https://support.google.com/accounts/answer/2733203>.



You received this mandatory email service announcement to update you about
important changes to your Google product or account.
© 2017 Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

[8Geee]

Its that MAC address stuff. You might have to spoof all to one MAC.

Regards
8Geee

[belham2]

This is the sort of crap I get all the time and only I have signed in and had some trouble because it does not recognise the computer . Its the same three computers but they cannot get that right . Morons

Hi April,
Your Google Account april........@gmail.com was just used to sign in on Linux.

April...........
april.........@gmail.com

Linux
Tuesday, March 21, 2017 3:53 AM (Brisbane Time)
Brisbane QLD, Australia**Don't recognize this activity?*
Review your recently used devices
<https://accounts.google.com/AccountChoo ... 26asae%3D2>
now.

Why are we sending this? We take security very seriously and we want to
keep you in the loop on important actions in your account.
We were unable to determine whether you have used this browser or device
with your account before. This can happen when you sign in for the first
time on a new computer, phone or browser, when you use your browser's
incognito or private browsing mode or clear your cookies, or when somebody
else is accessing your account.

Best,
The Google Accounts team



*The location is approximate and determined by the IP address it was coming
from.

This email can't receive replies. To give us feedback on this alert, click
here
<https://support.google.com/accounts/con ... back?hl=en>.
For more information, visit the Google Accounts Help Center
<https://support.google.com/accounts/answer/2733203>.



You received this mandatory email service announcement to update you about
important changes to your Google product or account.
© 2017 Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Get A Yubikey, set it up with your Google accounts, and never look back. Also, quit b!tching over something that is free (and by considerable length) safer, not to mention, more user friendly than any medium and/or large email service out there. Plus, it's integrated and portable in ways no other is. Go to Yahoo or Hotmail or Proton if you're not happy. Wait, oh, that's right.....you're just a b!tcher of monetarily free service who also complains of the overlord watching everything you do. Pass the tin-foil hat, folks, not to mention the hypocritical one.

[nic007]

You will get this if you sign in from different computers because google checks the IP addresses and if it differs will send a warning message. It's a security thing and done FOR YOUR SAFETY so unauthorised people don't use your account.

[Lobster]

You will get this if you sign in from different computers because google checks the IP addresses and if it differs will send a warning message. It's a security thing and done FOR YOUR SAFETY so unauthorised people don't use your account.

Indeed it is!
Bravo Googlies

Also well done on selling Boston Dynamics . . .
Just when they getting into their wikid cycle . . .

https://www.youtube.com/embed/-7xvqQeoA8c

Only Terminator Trump can save us now . . .
... wait ... isn't he a lizard?

[april]

Yes but nic007 you miss the point or see only the view you want to see.

I have been logging in with the same machines [/size]for 4 years and I have dynamic IP addresses so how come they can't get it right?
Of course they can they just don't want to.

FOR YOUR SAFETY

I am the best one to look after my safety . Let them look after yours if you wish . Its just an excuse to wheedle in ,try to collect your phone number for the government and tell you what you can and can't do , just the same as Microsoft has done since day 1.Selling their data collection information has made them all the money at the expense of our privacy .
Thats why we are here isn't it?

[Burn_IT]

The only time I have had that sort of thing is when Google themselves have. been hacked.
You need to check the mail very carefully and NOT use any links they provide in the mail.

I use three different devices but always connect through my router..

[april]

Get A Yubikey, set it up with your Google accounts, and never look back. Also, quit b!tching :evil: over something that is free (and by considerable length) safer, not to mention, more user friendly than any medium and/or large email service out there. Plus, it's integrated and portable in ways no other is. Go to Yahoo or Hotmail or Proton if you're not happy. Wait, oh, that's right.....you're just a b!tcher of monetarily free service who also complains of the overlord watching everything you do. Pass the tin-foil hat, folks, not to mention the hypocritical one. :roll:

I missed this one -piss off with your self serving criticism. How does that comment help in the thread. Shove your opinions up your a...e

[april]

I use three different devices but always connect through my router..

Yep 3 different locations for me though

[april]

Its that MAC address stuff. You might have to spoof all to one MAC.

Regards
8Geee

Hmm I have some reading up to do on that. Thanks . Didn't know they could get the mac address but you are right they obviously can. I'm wondering how I can stop them .

I keep finding my android phone is switching on internet connection itself with Android 5 and working on android apps lately I see that in order to turn bluetooth on the app must give access to internet services and to location data .

That is not needed for bluetooth of course but making it a requirement as they have done at MIT appinventor and in particular at Android , means that all future apps that enable bluetooth will also switch on internet access and geolocation even if you have them switched off.

[8Geee]

Here's an atticle on the general principle of spoofing at Wikipedia. basically make the different 'puters look like one 'puter.

There is obviously a problem when all machines are dedicated to different users. For example a husband and wife have two separate accounts at a particular store. In this case the store will read only one account at checkout time. So there ARE snags with this.

But if using three different devices to access one account, spoofing might be a good solution.

Regards
8Geee