Search This Blog

Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Latest News

Co-op Faces Heavy Financial Losses Following April Cyberattack

  The Co-operative Group in the United Kingdom has revealed the extent of the damage caused by the cyberattack it suffered earlier this year...

All the recent news you need to know

Gemini in Chrome: Google Can Now Track Your Phone

Gemini in Chrome: Google Can Now Track Your Phone

Is the Gemini browser collecting user data?

A new warning for 2 billion Chrome users, Google has announced that its browser will start collecting “sensitive data” on smartphones. “Starting today, we’re rolling out Gemini in Chrome,” Google said, which will be the “biggest upgrade to Chrome in its history.” The data that can be collected includes the device ID, username, location, search history, and browsing history. 

Agentic AI and browsers

Surfshark investigated the user privacy of AI browsers after Google’s announcement and found that if you use Chrome with Gemini on your smartphone, Google can collect 24 types of data. According to Surfshark, this is bigger than any other agentic AI browsers that have been analyzed. 

For instance, Microsoft’s Edge browser, which has Copilot, only collects half the data compared to Chrome and Gemini. Even Brave, Opera, and Perplexity collect less data. With the Gemini-in-Chrome extension, however, users should be more careful. 

Now that AI is everywhere, a lot of browsers like Firefox, Chrome, and Edge allow users to integrate agentic AI extensions. Although these tools are handy, relying on them can expose your privacy and personal data to third-party companies.

There have been incidents recently where data harvesting resulted from browser extensions, even those downloaded from official stores. 

The new data collection warning comes at the same time as the Gemini upgrade this month, called “Nano Banana.” This new update will also feed on user data. 

According to Android Authority, “Google may be working on bringing Nano Banana, Gemini’s popular image editing tool, to Google Photos. We’ve uncovered a GIF for a new ‘Create’ feature in the Google Photos app, suggesting it’ll use Nano Banana inside the app. It’s unclear when the feature will roll out.”

AI browser concerns

Experts have warned that every photo you upload has a biometric fingerprint which consists of your micro-expressions, unique facial geometry, body proportions, and micro-expressions. The biometric data included device fingerprinting, behavioural biometrics, social network mapping, and GPS coordinates.

Besides this, Apple’s Safari now has anti-fingerprinting technology as the default browsing for iOS 26. However, users should only use their own browser for it to work. For instance, if you use Chrome on an Apple device, it won’t work. Another reason why Apply is advising users to use the Safari browser and not Chrome. 

Decentralized AI Emerges as Counterweight to Big Tech Dominance

 

Artificial intelligence has undeniably transformed productivity and daily life, but its development has also concentrated power in the hands of a few corporations. Giants such as Google (Gemini), OpenAI (ChatGPT), X (Grok), and Anthropic (Claude) dominate the ecosystem, holding most of the computing resources, data, and top talent. 

This centralisation raises concerns about bias, privacy, and the unchecked influence of private firms over technologies that increasingly shape society. Critics argue that centralised AI models collect and monetise vast amounts of personal and corporate data with little transparency. 

A Stanford University study in 2025 found users perceive large language models to lean politically left, while controversies have emerged around Grok allegedly producing antisemitic rhetoric and Gemini misrepresenting historical figures. 

Beyond bias, scaling constraints are evident, data centres already strain global electricity use and are projected to consume 20% of global power by 2030. Centralised systems also create single points of failure, making them attractive targets for hackers. 

In response, interest in decentralised AI is accelerating. Valued at $550.7 million in 2024, the sector is expected to reach $4.33 billion by 2034. Unlike traditional models, decentralised systems keep raw data on local devices, sharing only trained insights across networks secured by blockchain. 

This distributes control among participants rather than concentrating it with a single company. The benefits are compelling. Individuals and organisations retain control over their data, deciding what to share. Training across a decentralised network introduces greater diversity of perspectives, reducing systemic bias. 

By distributing computation across devices, the model scales efficiently without relying on energy-hungry central servers. Security also improves without a central point of attack, blockchain adds resilience while much sensitive data never leaves the user’s device. 

Advocates link this shift back to early cypherpunk ideals. 

As Eric Hughes wrote in A Cypherpunk’s Manifesto, cryptography was meant to safeguard privacy and liberty in the digital age. While cryptocurrencies drifted toward profit-seeking, decentralised AI could represent a return to those original principles including rebalancing power, protecting privacy, and building a more sustainable digital future.

The Digital Economy’s Hidden Crisis: How Cyberattacks, AI Risks, and Tech Monopolies Threaten Global Stability

 

People’s dependence on digital systems is deeper than ever, leaving individuals and businesses more exposed to cyber risks and data breaches. From the infamous 2017 Equifax incident to the recent cyberattack on Marks & Spencer, online operations remain highly vulnerable. Experts warn that meaningful action may only come after a large-scale digital crisis.

Research indicates that current strategies for managing risk and fostering innovation are flawed. Digital technologies—ranging from social platforms to artificial intelligence—are reshaping society. While these tools are powerful, they also carry risks of malfunction, manipulation, and exploitation. Yet governments struggle to differentiate between innovations that genuinely benefit society and those that create long-term harm.

The digital economy—defined as “businesses that increasingly rely on information technology, data and the internet”—is effectively running a global social experiment. Tech giants often capture most of the benefits while shifting risks onto society. The potential fallout could include cyberattacks crippling essential services like power grids or communications, or even tampering with infrastructure to create dangerous conditions.

Parallels can be drawn with the 2008 financial crisis. American sociologist Charles Perrow described “tight coupling,” where highly interconnected systems lacking redundancy can spiral into catastrophic failures. Today’s digital economy mirrors that model: rapid expansion, interconnected datasets, and platforms increasing interdependency while eliminating safeguards.

The “move fast and break things” culture intensifies risk, with companies absorbing competitors and erasing analog alternatives. This reduces redundancy and accelerates monopolistic control, making the system more fragile and complex.

Unlike the 2008 financial meltdown, today’s warning signs are visible to all. Attacks like WannaCry and NotPetya caused billions in damages, while the 2024 CrowdStrike outage grounded flights and disrupted TV broadcasts. Ransomware, hacks, and data leaks are constant reminders of the fragility of digital infrastructure.

Artificial intelligence compounds these threats. AI-driven hallucinations, misinformation at scale, and increased vulnerabilities to confidentiality and integrity make digital risks more severe. As AI evolves, it amplifies the speed and impact of these dangers.

The central concern is that despite obvious risks, political and regulatory systems remain reactive rather than preventative. As technology continues to accelerate, the likelihood of a systemic digital crisis grows.

Karnataka Tops Cybercrime Cases in India with Bengaluru Emerging as the Epicenter

 

Karnataka has earned the unfortunate distinction of being the cybercrime capital of India, accounting for more than a quarter of all reported cases in the country. According to the latest data released by the National Crime Records Bureau (NCRB), the State registered 21,889 cybercrime incidents in 2023, representing 25.57% of the national tally. This figure placed Karnataka well ahead of Telangana, which reported 18,236 cases and ranked second. 

At the core of this rise is Bengaluru, the State’s technology hub and India’s leading IT city. The city alone recorded 17,631 cybercrime cases in 2023, making it the highest in the country. Among metropolitan cities, Bengaluru accounted for more than half—51.92%—of all cases across the 19 metros. Hyderabad followed at a distant second with 4,855 cases. The scale of the issue in Bengaluru is striking, with its cybercrime rate standing at 207.4 cases per lakh population, a figure more than seven times higher than the national average. 

The upward trend is evident in recent years. From 6,423 cases in 2021 to 9,940 in 2022, Bengaluru witnessed a sharp escalation, crossing 17,600 cases in 2023. Data indicates that fraud and sexual exploitation remain the primary motives behind the crimes. Although Karnataka logged a marginal increase to 22,468 cybercrime cases in 2024, the trajectory in 2025 has shown a slight decline, with 7,293 cases reported halfway through the year. Police officials, however, caution that while case numbers may be lower, the sophistication of scams and the financial impact on victims continue to intensify. 

Despite the surge in reporting, conviction rates remain alarmingly low. In 2023, Karnataka recorded only 44 convictions, including cases from previous years, alongside 60 acquittals. In Bengaluru, less than 0.3% of cases resulted in conviction, raising concerns about deterrence and enforcement effectiveness. Experts argue that the shortage of skilled cybercrime investigators is one of the key reasons behind the poor conviction rates.  

Senior police officers attribute the State’s high numbers to multiple factors: poor cyber hygiene, inadequate awareness, and a constantly evolving modus operandi by fraudsters. Bengaluru’s status as an IT hub also contributes, with a mixed population engaging heavily in investment platforms, e-commerce, and online trading. This has led to an increase in scams such as investment fraud and courier-related cons, often targeting educated individuals seeking higher returns. 

Cybersecurity experts warn that insufficient awareness programs and the lack of inter-State collaboration in investigations allow fraudsters to escape accountability. They emphasize that Karnataka’s newly developed Cyber Command Unit (CCU) could become a game-changer in strengthening the State’s response, particularly following the High Court’s directive to enhance its capabilities.  

Karnataka’s experience underscores a larger national challenge—while cybercrime continues to escalate, enforcement, awareness, and conviction efforts must evolve to keep pace with increasingly sophisticated digital frauds.

Project Zero Exposes Apple ASLR Bypass via NSDictionary Serialization Flaw

 

Google Project Zero has uncovered a sophisticated technique for bypassing Address Space Layout Randomization (ASLR) protections on Apple devices, targeting a fundamental issue in Apple’s serialization framework. Security researcher Jann Horn described how deterministic behaviors in NSKeyedArchiver and NSKeyedUnarchiver could enable attackers to leak memory pointer values without exploiting conventional bugs or timing-based side channels.

The vulnerability centers on the interaction between singleton objects, pointer-based hash values, and serialization routines. Specifically, Horn identified that NSNull—a singleton object within Apple’s Core Foundation (CFNull)—exposes its memory address through its hash value. Because this object resides in a fixed location in the shared cache, it creates a reliable oracle for leaking memory addresses, defeating standard ASLR defenses.

Attackers can exploit this by crafting malicious serialized input which, when de-serialized and then re-serialized by a victim application, can allow inference of key memory locations. By leveraging the predictable hashing of NSNumber keys and understanding how NSDictionary structures its internal hash table based on prime-numbered bucket counts, an attacker controls where keys are placed during serialization. The relative position of the NSNull key reveals the outcome of hash_code % num_buckets, letting attackers deduce the memory address used by NSNull.

Scaling this approach involves using dictionaries with different prime-sized bucket counts, repeatedly measuring key placements, and applying the Extended Euclidean Algorithm. This enables precise reconstruction of the NSNull pointer address. Horn’s proof-of-concept demonstrated the feasibility, though no real-world application was found with this pattern in production services. The attacker’s tooling involved generating specialized serialized input and computing memory addresses after receiving the victim’s output.

Apple addressed the issue in its March 31, 2025 security updates. Horn cautioned against frameworks using raw memory addresses as hash values, especially when those addresses are static, and recommended strict allowlisting during deserialization, not returning re-serialized attacker input, and keeping outputs within trusted boundaries—aligning with broader best practices for deserialization risks.

Horn linked this exploit to earlier research on hash-based attacks, such as hashDoS, but highlighted that this method exploits hash order determinism for information leakage rather than denial-of-service. Ultimately, the finding broadens the understanding of how seemingly safe serialization behavior can be weaponized, and underscores the importance of robust serialization hygiene in software security.

The Spectrum of Google Product Alternatives


 

It is becoming increasingly evident that as digital technologies are woven deeper into our everyday lives, questions about how personal data is collected, used, and protected are increasingly at the forefront of public discussion. 

There is no greater symbol of this tension than the vast ecosystem of Google products, whose products have become nearly inseparable from the entire online world. It's important to understand that, despite the convenience of this service, the business model that lies behind it is fundamentally based on collecting user data and monetising attention with targeted advertising. 

In the past year alone, this model has generated over $230 billion in advertising revenue – a model that has driven extraordinary profits — but it has also heightened the debate over what is the right balance between privacy and utility.'

In recent years, Google users have begun to reconsider their dependence on Google and instead turn to platforms that pledge to prioritise user privacy and minimise data exploitation rather than relying solely on Google's services. Over the last few decades, Google has built a business empire based on data collection, using Google's search engine, Android operating system, Play Store, Chrome browser, Gmail, Google Maps, and YouTube, among others, to collect vast amounts of personal information. 

Even though tools such as virtual private networks (VPNs) can offer some protection by encrypting online activity, they do not address the root cause of the problem: these platforms require accounts to be accessible, so they ultimately feed more information into Google's ecosystem for use there. 

As users become increasingly concerned about protecting their privacy, choosing alternatives developed by companies that are committed to minimising surveillance and respecting personal information is a more sustainable approach to protecting their privacy. In the past few years, it has been the case that an ever-growing market of privacy-focused competitors has emerged, offering users comparable functionality while not compromising their trust in these companies. 

 As an example, let's take the example of Google Chrome, which is a browser that is extremely popular worldwide, but often criticised for its aggressive data collection practices, which are highly controversial. According to a 2019 investigation published by The Washington Post, Chrome has been characterised as "spy software," as it has been able to install thousands of tracking cookies each week on devices. This has only fueled the demand for alternatives, and privacy-centric browsers are now positioning themselves as viable alternatives that combine performance with stronger privacy protection.

In the past decade, Google has become an integral part of the digital world for many internet users, providing tools such as search, email, video streaming, cloud storage, mobile operating systems, and web browsing that have become indispensable to them as the default gateways to the Internet. 

It has been a strategy that has seen the company dominate multiple sectors at the same time - a strategy that has been described as building a protective moat of services around their core business of search, data, and advertising. However, this dominance has included a cost. 

The company has created a system that monetises virtually every aspect of online behaviour by collecting and interfacing massive amounts of personal usage data across all its platforms, generating billions of dollars in advertising revenue while causing growing concern about the abuse of user privacy in the process. 

There is a growing awareness that, despite the convenience of Google's ecosystem, there are risks associated with it that are encouraging individuals and organisations to seek alternatives that better respect digital rights. For instance, Purism, a privacy-focused company that offers services designed to help users take control of their own information, tries to challenge this imbalance. However, experts warn that protecting the data requires a more proactive approach as a whole. 

The maintenance of secure offline backups is a crucial step that organisations should take, especially in the event of cyberattacks. Offline backups provide a reliable safeguard, unlike online backups, which are compromised by ransomware, allowing organisations to restore systems from clean data with minimal disruption and providing a reliable safeguard against malicious software and attacks. 

There is a growing tendency for users to shift away from default reliance on Google and other Big Tech companies, in favour of more secure, transparent, and user-centric solutions based on these strategies. Users are becoming increasingly concerned about privacy concerns, and they prefer platforms that prioritise security and transparency over Google's core services. 

As an alternative to Gmail, DuckDuckGo provides privacy-focused search results without tracking or profiling, whereas ProtonMail is a secure alternative to Gmail with end-to-end encrypted email. When it comes to encrypted event management, Proton Calendar replaces Google Calendar, and browsers such as Brave and LibreWolf minimise tracking and telemetry when compared to Chrome. 

It has been widely reported that the majority of apps are distributed by F-Droid, which offers free and open-source apps that do not rely on tracking, while note-taking and file storage are mainly handled by Simple Notes and Proton Drive, which protect the user's data. There are functional alternatives such as Todoist and HERE WeGo, which provide functionality without sacrificing privacy. 

There has even been a shift in video consumption, in which users use YouTube anonymously or subscribe to streaming platforms such as Netflix and Prime Video. Overall, these shifts highlight a trend toward digital tools that emphasise user control, data protection, and trust over convenience. As digital privacy and data security issues gain more and more attention, people and organisations are reevaluating their reliance on Google's extensive productivity and collaboration tools, as well as their dependency on the service. 

In spite of the immense convenience that these platforms offer, their pervasive data collection practices have raised serious questions about privacy and user autonomy. Consequently, alternatives to these platforms have evolved and were developed to maintain comparable functionality—including messaging, file sharing, project management, and task management—while emphasizing enhanced privacy, security, and operational control while maintaining comparable functionality. 

Continuing with the above theme, it is worthwhile to briefly examine some of the leading platforms that provide robust, privacy-conscious alternatives to Google's dominant ecosystem, as described in this analysis. Microsoft Teams.  In addition to Google's collaboration suite, Microsoft Teams is also a well-established alternative. 

It is a cloud-based platform that integrates seamlessly with Microsoft 365 applications such as Microsoft Word, Excel, PowerPoint, and SharePoint, among others. As a central hub for enterprise collaboration, it offers instant messaging, video conferencing, file sharing, and workflow management, which makes it an ideal alternative to Google's suite of tools. 

Several advanced features, such as APIs, assistant bots, conversation search, multi-factor authentication, and open APIs, further enhance its utility. There are, however, some downsides to Teams as well, such as the steep learning curve and the absence of a pre-call audio test option, which can cause interruptions during meetings, unlike some competitors. 

Zoho Workplace

A new tool from Zoho called Workplace is being positioned as a cost-effective and comprehensive digital workspace offering tools such as Zoho Mail, Cliq, WorkDrive, Writer, Sheet, and Meeting, which are integrated into one dashboard. 

The AI-assisted assistant, Zia, provides users with the ability to easily find files and information, while the mobile app ensures connectivity at all times. However, it has a relatively low price point, making it attractive for smaller businesses, although the customer support may be slow, and Zoho Meeting offers limited customisation options that may not satisfy users who need more advanced features. 

Bitrix24 

Among the many services provided by Bitrix24, there are project management, CRM, telephony, analytics, and video calls that are combined in an online unified workspace that simplifies collaboration. Designed to integrate multiple workflows seamlessly, the platform is accessible from a desktop, laptop, or mobile device. 

While it is used by businesses to simplify accountability and task assignment, users have reported some glitches and delays with customer support, which can hinder the smooth running of operations, causing organisations to look for other solutions. 

 Slack 

With its ability to offer flexible communication tools such as public channels, private groups, and direct messaging, Slack has become one of the most popular collaboration tools across industries because of its easy integration with social media and the ability to share files efficiently. 

Slack has all of the benefits associated with real-time communication, with notifications being sent in real-time, and thematic channels providing participants with the ability to have focused discussions. However, due to its limited storage capacity and complex interface, Slack can be challenging for new users, especially those who are managing large amounts of data. 

ClickUp 

This software helps simplify the management of projects and tasks with its drag-and-drop capabilities, collaborative document creation, and visual workflows. With ClickUp, you'll be able to customise the workflow using drag-and-drop functionality.

Incorporating tools like Zapier or Make into the processes enhances automation, while their flexibility makes it possible for people's business to tailor their processes precisely to their requirements. Even so, ClickUp's extensive feature set involves a steep learning curve. The software may slow down their productivity occasionally due to performance lags, but that does not affect its appeal. 

Zoom 

With Zoom, a global leader in video conferencing, remote communication becomes easier than ever before. It enables large-scale meetings, webinars, and breakout sessions, while providing features such as call recording, screen sharing, and attendance tracking, making it ideal for remote work. 

It is a popular choice because of its reliability and ease of use for both businesses and educational institutions, but also because its free version limits meetings to around 40 minutes, and its extensive capabilities can be a bit confusing for those who have never used it before. As digital tools with a strong focus on privacy are becoming increasingly popular, they are also part of a wider reevaluation of how data is managed in a modern digital ecosystem, both personally and professionally. 

By switching from default reliance on Google's services, not only are people reducing their exposure to extensive data collection, but they are also encouraging people to adopt platforms that emphasise security, transparency, and user autonomy. Individuals can greatly reduce the risks associated with online tracking, targeted advertising, and potential data breaches by implementing alternatives such as encrypted e-mail, secure calendars, and privacy-oriented browsers. 

Among the collaboration and productivity solutions that organisations can incorporate are Microsoft Teams, Zoho Workplace, ClickUp, and Slack. These products can enhance workflow efficiency and allow them to maintain a greater level of control over sensitive information while reducing the risk of security breaches.

In addition to offline backups and encrypted cloud storage, complementary measures, such as ensuring app permissions are audited carefully, strengthen data resilience and continuity in the face of cyber threats. In addition to providing greater levels of security, these alternative software solutions are typically more flexible, interoperable, and user-centred, making them more effective for teams to streamline communication and project management. 

With digital dependence continuing to grow, deciding to choose privacy-first solutions is more than simply a precaution; rather, it is a strategic choice that safeguards both an individual's digital assets as well as an organisation's in order to cultivate a more secure, responsible, and informed online presence as a whole.

Featured