Samsung and Korean telecom firm KT announced today that the LTE-Railway (LTE-R) network for the new Wonju-Gangneung high-speed train line is now live. The
By Tessa Lyons, Product Manager Facebook is about connecting you to the people that matter most. And discussing the news can be one way to start a meaningful conversation with friends or family. It’s why helping to ensure that you get accurate information on Facebook is so important to us. Today, we’re announcing two changes […]
You can do a lot in 90 seconds—make a paper airplane, brush your teeth, or put on sunscreen. And with EDU in 90, you can also get Google for Education updates.
Earlier this year, we heard from countless educators, school leaders and administrators that they wanted to keep up with the latest from Google for Education. To keep our updates quick and concise, we created EDU in 90, a video series that highlights the best of our education products and programs—all in a succinct format. Throughout season one, we’ve focused on everything from quizzes in Google Forms to online safety to using Google Keep in the classroom.
In January, we’ll be back for season two of EDU in 90. And based on feedback from hundreds of educators, we’re increasing our episode frequency and will kick things off with episodes on engaging guardians of students with G Suite and using Google Classroom for differentiated instruction.
Editor’s note: Earlier this year, Made with Code teamed up with Snap Inc. to host #MyFutureMe, a competition for teens to code their own Snapchat geofilters and write their vision for the future. 22,000 teens submitted designs and shared their visions, and Zoe Lynch—a ninth-grader from South Orange, NJ—was recently named the winner by a panel of judges, including Malala Yousafzai, Lilly Singh, Snap CEO Evan Spiegel and our own CFO Ruth Porat. We chatted with Zoe about her experience, how she made her filter, and why it’s important for more girls to get into coding.
What was the inspiration behind your filter?
The brain has fascinated me since I was younger—it’s where creativity and ideas come from so I wanted to use that. The coding project had peace signs, so I had the idea to manipulate the peace signs to look like a brain. The idea for my filter was what can happen when everyone puts their brain power together. When we do that, we are unstoppable.
After you became a finalist, you attended TEDWomen. What was that like?
It was crazy inspiring. It showed me how many powerful and cool women are out there opening paths for girls like me. I got to meet the other finalists, and we created a group chat on Snap, so that we can follow each other and stay connected. We’ve been each other’s biggest cheerleaders. All these girls are going to do awesome things. Tech mogul alert!
How did you feel when you found out that you were selected as the final winner?
I couldn’t believe it! Everyone was so talented and worked hard, but I was so happy that my ideas and creativity were recognized. To win a trip to visit Google and Snapchat was like a dream!
What advice do you have for other girls who want to learn how to code?
I know a lot of girls who think they’re not good at this kind of stuff, but most of them haven’t even tried it. So you have to try it because otherwise you won’t know if you’ll like it. I loved #MyFutureMe because teens are really into Snapchat and the different filters you can use. When you have an opportunity to make a filter, you realize that coding is behind it all.
My vision for the future is one where innovation is accessible to all. As a multiracial girl, I believe it’s important for everyone to be included.
Excerpt from Zoe’s vision for the future
You care a lot about inclusion—have you faced situations when inclusion has been a challenge?
When I go to camps or explore things in the engineering field, I’m often the only girl and the only person of color. Usually all the guys go together and it’s kind of discouraging, but I want to try to change that for other girls, so we don’t have to feel this way anymore.
What do you like to do outside of school?
I love to play video games—my favorite is “Uncharted”—but many of them are not really targeted to women. For women, the game is fun but you know deep down that it’s not really made for you. If I was going to make a video game, it would be an engineering game but you’re helping people. Say you want to build a bridge in the game, you’d need to use mathematics and engineering to make it work.
Who are your role models?
My mom. Hands down. She’s a Hispanic woman and and there are only white males at her level at her company, which is where my passion for inclusion started. She’s also pushed me and has always supported me.
You recently visited Snapchat and Google. What was the coolest part of the tour?
Beside the amazing offices (free food!), the coolest part was meeting the engineers. I was so inspired by their journeys and how different they all were. One was an actress, the other a gamer and the other wasn’t even sure of her major until she took her first CS class in college. It showed me that there are many paths to getting into tech.
If you could have any job at Google, what would it be?
I’d want to be an engineer in artificial intelligence—I think that technology and machine learning could change the world. I’d like to see more women and people of color in the field, too.
What do you think the future will look like when you’re 30?
I’m hoping that in the future, everyone works together. And it’ll be cool to live through new technology breakthroughs!
Posted by Gian G Spicuzza, Android Security team
Android Oreo is stuffed full of security enhancements. Over the past few months,
we’ve covered how we’ve improved the security of the Android platform and its
applications: from making
it safer to get apps, dropping insecure
network protocols, providing more user
control over identifiers, hardening
the kernel, making
Android easier to update, all the way to doubling
the Android Security Rewards payouts. Now that Oreo is out the door, let’s
take a look at all the goodness inside.
Expanding support for hardware security
Android already supports Verified Boot,
which is designed to prevent devices from booting up with software that has been
tampered with. In Android Oreo, we added a reference implementation for Verified
Boot running with Project
Treble, called Android Verified Boot 2.0 (AVB). AVB has a couple of cool
features to make updates easier and more secure, such as a common footer format
and rollback protection. Rollback protection is designed to prevent a device to
boot if downgraded to an older OS version, which could be vulnerable to an
exploit. To do this, the devices save the OS version using either special
hardware or by having the Trusted Execution Environment (TEE) sign the data.
Pixel 2 and Pixel 2 XL come with this protection and we recommend all device
manufacturers add this feature to their new devices.
Oreo also includes the new OEM
Lock Hardware Abstraction Layer (HAL) that gives device manufacturers more
flexibility for how they protect whether a device is locked, unlocked, or
unlockable. For example, the new Pixel phones use this HAL to pass commands to
the bootloader. The bootloader analyzes these commands the next time the device
boots and determines if changes to the locks, which are securely stored in
Replay Protected Memory Block (RPMB), should happen. If your device is stolen,
these safeguards are designed to prevent your device from being reset and to
keep your data secure. This new HAL even supports moving the lock state to
Speaking of hardware, we’ve invested support in tamper-resistant hardware, such
as the security
module found in every Pixel 2 and Pixel 2 XL. This physical chip prevents
many software and hardware attacks and is also resistant to physical penetration
attacks. The security module prevents deriving the encryption key without the
device’s passcode and limits the rate of unlock attempts, which makes many
attacks infeasible due to time restrictions.
While the new Pixel devices have the special security module, all new GMS devices shipping with Android Oreo
are required to implement key
attestation. This provides a mechanism for strongly attesting
IDs such as hardware identifiers.
We added new features for enterprise-managed devices as well. In work profiles,
encryption keys are now ejected from RAM when the profile is off or when your
company’s admin remotely locks the profile. This helps secure enterprise data at
Platform hardening and process isolation
As part of Project
Treble, the Android framework was re-architected to make updates easier and
less costly for device manufacturers. This separation of platform and
vendor-code was also designed to improve security. Following the principle of
least privilege, these HALs run in their own
sandbox and only have access to the drivers and permissions that are
Continuing with the media
stack hardening in Android Nougat, most direct hardware access has been
removed from the media frameworks in Oreo resulting in better isolation.
Furthermore, we’ve enabled Control Flow Integrity (CFI) across all media
components. Most vulnerabilities today are exploited by subverting the normal
control flow of an application, instead changing them to perform arbitrary
malicious activities with all the privileges of the exploited application. CFI
is a robust security mechanism that disallows arbitrary changes to the original
control flow graph of a compiled binary, making it significantly harder to
perform such attacks.
In addition to these architecture changes and CFI, Android Oreo comes with a
feast of other tasty platform security enhancements:
filtering: makes some unused syscalls unavailable to apps so that
they can’t be exploited by potentially harmful apps.
usercopy: A recent survey
of security bugs on Android
revealed that invalid or missing bounds checking was seen in approximately 45%
of kernel vulnerabilities. We’ve backported a bounds checking feature to Android
kernels 3.18 and above, which makes exploitation harder while also helping
developers spot issues and fix bugs in their code.
- Privileged Access Never (PAN) emulation: Also backported to
3.18 kernels and above, this feature prohibits the kernel from accessing user
space directly and ensures developers utilize the hardened functions to access
- Kernel Address Space Layout Randomization (KASLR):
Although Android has supported userspace Address Space Layout Randomization
(ASLR) for years, we’ve backported KASLR to help mitigate vulnerabilities on
Android kernels 4.4 and newer. KASLR works by randomizing the location where
kernel code is loaded on each boot, making code reuse attacks probabilistic and
therefore more difficult to carry out, especially remotely.
App security and device identifier changes
Instant Apps run in a restricted sandbox which limits permissions and
capabilities such as reading the on-device app list or transmitting cleartext
traffic. Although introduced during the Android Oreo release, Instant Apps
supports devices running Android Lollipop and
In order to handle untrusted content more safely, we’ve isolated
WebView by splitting the rendering engine into a separate process and
running it within an isolated sandbox that restricts its resources. WebView also
supports Safe Browsing to protect
against potentially dangerous sites.
Lastly, we’ve made significant
changes to device identifiers to give users more control, including:
- Moving the static Android ID and Widevine values to an
app-specific value, which helps limit the use of device-scoped non-resettable
- In accordance with IETF RFC 7844
net.hostnameis now empty and the DHCP client no
longer sends a hostname.
- For apps that require a device ID, we’ve built a
Build.getSerial()and protected it behind a permission.
- Alongside security researchers1, we designed a robust MAC address
randomization for Wi-Fi scan traffic in various chipsets firmware.
Android Oreo brings in all of these improvements, and many more. As always, we
appreciate feedback and welcome suggestions for how we can improve Android.
Contact us at firstname.lastname@example.org.
1: Glenn Wilkinson and team at Sensepost, UK, Célestin Matte, Mathieu Cunche:
University of Lyon, INSA-Lyon, CITI Lab, Inria Privatics, Mathy Vanhoef, KU
It’s usually pretty easy to flip a light switch. But when you’re out at night and realize your dog is sitting at home in the dark, or want to set mood lighting for movie night from the comfort of the couch, it’d be nice to have some help. The Assistant on your phone or smart speaker, like Google Home, can help you control your home—whether it’s turning on the lights or turning up the heat—with more than 1,000 compatible devices.
- Let’s start with the basics: Lights. C by GE bulbs are now compatible with Google Assistant. So you can light up, turn off or dim the lights in your home from any room. Setup is easy so you can set the right mood in every room of your home.
- Find the perfect temperature. Winter is just a day away and with the Google Assistant and ecobee or Nest, you can make sure your home is just the right toasty temperature. And, if you like to have a fan on year round, Bond can help you control your fan.
- Keep your kitchen under control. With Smarter, you can control your kettle, while Whirlpool takes care of your microwaves and ovens, so you can make sure your drinks and food are served a temperature that’s just right.
- Washers, dryers, refrigerators and more. LG can help you keep tabs on your home appliances, so you can see when the washer is done, or get an alert when your fridge door is left open. Plus you can connect with ranges, vacuums, air conditioners and more!
- Keep an eye on your home. It’s easy to get a full screen view of what’s happening around the home with Google Home, Chromecast and your connected cameras, like Logitech Circle. Just ask your Assistant “Ok Google, show the nursery on my TV.”
Pro-tip: Since it’s the holiday season, don’t forget that you can use your smart plugs like Insignia, Caséta by Lutron and TP-Link, to help bring holiday cheer to your home! Just connect these smart plugs to your holiday lights and you can easily turn them on and off, so no more crawling around a tree or accidentally leaving your lights on during the day.
And these are just a few of the new integrations. There are lots more ways to control your compatible lights, thermostats, cameras and more, right with your Google Assistant. Check out the ever-growing list.
During crises like Hurricane Irma or the Santa Rosa fires, local reporters are often the first on the scene and capture critical coverage. They have in-depth knowledge of the community and its landmarks, providing insights and context to these breaking news events.
When Hurricane Irma was approaching Miami, the reporting team at the Miami Herald was ready to cover the storm, with journalists posted up at the office, and others positioned in the field. Tim Grieve, Vice President of News at McClatchy, says that was only half the job. “We needed to make sure this life-saving information got in front of readers, too. So we worked to take advantage of all the Google tools available to maximize our reach. The results were incredible—huge bursts of traffic on Play Newsstand and double the usual readership to the Miami Herald site.”
We needed to make sure this life-saving information got in front of readers, too. So we worked to take advantage of all the Google tools available to maximize our reach.
Vice President of News, McClatchy
When news is breaking, every minute of your newsroom’s time matters. So we want to make sure you’re set up and ready to go across Google products in the case of a crisis hitting your local community. We’ve created a checklist to help ensure your stories reach the biggest possible audience from Google’s platforms like Search, Google News and Google Play Newsstand—and that you’re aware of the array of tools that can help you report on breaking news.
These suggestions include best practices to implement in advance of a breaking news event, as well as steps to take the moment an event happens—helping your reporters tell the important stories, while making it easy for local and national audiences to find them.
In preparation for a breaking local news event:
- Create an edition in Google Play Newsstand: Google Play Newsstand is a news and magazine reading app with more than 100 million monthly active users. Readers get a customized stream of news that gets better as they use it, and can subscribe to specific publishers and topics of interest. Set up and publish your local editions on Google Play Newsstand to distribute your content to additional readers.
- Check your presence in Google News: Google drives more than 10 billion clicks a month to news sites, and Google News is a key piece of this process. Google News data feeds into many of our other tools, such as Google Search and Google Finance. Check that your local sites are included in Google News, and if not, start the application process. Once you’ve done so, learn more about additional Google News features like Editors’ Picks. With Editors’ Picks, your editors can choose what stories they’d like to highlight, and these stories could potentially appear right on the Google News homepage.
- Leverage the speed of AMP: More than 50% of people abandon a page that takes more than three seconds to load, and mobile pagespeed is even more critical for users during times of crisis. With AMP, your mobile articles are consistently fast, easy-to-read and high-performing across devices and distribution platforms. AMP pages load four times faster—in less than one second when referred from Google Search. Learn the basics of AMP and how to implement AMP on your site.
- Create a presence on YouTube: Each day more than 5 million hours of news content is consumed on YouTube. Establish your presence by creating YouTube channels for your sites. It’s important to upload your top video content right away, and to always include location and descriptive information so your videos can be found easily.
When a breaking local news event occurs:
- Maximize your potential audience: If you have a paywall, consider removing it during the breaking news event so those in the community can access the stories and information you’re writing. It’s in these crucial times of need that local media can really show their value to the community they report on, giving publishers the opportunity to turn that casual reader into a loyal subscriber after the event.
- Build a monetization strategy with an influx of traffic in mind: As you see your traffic increase during the breaking news event, you need a strategy in place to monetize the additional impressions. For example, if you use Doubleclick AdExchange, consider lowering your CPM thresholds to sell more impressions and drive revenue.
- Add Fact Check markup to your debunking articles: During breaking news, there’s a thirst for cold hard facts, yet as events unfold, these facts can take time to emerge. If your team debunks any misinformation being circulated about a breaking news event, we recommend adding the Fact Check markup. Implementing the Fact Check markup will label and highlight your article on Google properties as “fact check,” meaning that particular article is fact checking another article or statement.
- Implement the Google News standout tag: Adding the standout tag to your articles gives our algorithm a signal that you’ve published a critical local story, and increases the likelihood the article will appear with the “Featured” label in Google News. We recommend using the standout tag to flag your top local content (up to seven articles per week) for breaking news events.
- Building on your YouTube audience: Upload content quickly on your YouTube channel, provide strong metadata, and create new videos to provide updates on the story. We also recommend that you create a playlist for the event, so people can more easily discover and browse your event-specific videos.
- Use Google Trends Local to understand what your community is looking for: Search trends data can be really useful to give you a view into what your local community is concerned about or focused on—whether readers are looking for sandbag stations or evacuation sites. Check out the Google Trends site for recent search trends data.
- Incorporate Google Maps and Earth imagery into your stories to help readers: Create your own emergency maps (like this Google My Map from CAL FIRE), and sign up to receive fresh satellite imagery to show before and after views of an affected area.
As your team uses these tips, we’d love to hear firsthand feedback and examples, which you can send to email@example.com.
Do you hear what I hear? It’s the sound of wrapping last minute-gifts and packing suitcases for those who are heading home for the holidays. There’s no place quite like home during this joyous, hectic time of year, and our friends at Refinery29 are recording daily podcasts—available exclusively via the Assistant on Google Home—until Christmas to help you through the holiday festivities at home.
You’ll need a Google Home, Google Home Mini or Google Home Max to listen to the podcast version, but you can also check out written posts on Refinery29.com. Here are a few of our favorite topics so far:
- Five pieces of advice for when a family dinner turns stressful
- Everything’s better with cookies—grab a family member and try out some of these cookie recipes.
- While the cookies are baking, gather everyone for a holiday movie (but we can’t help you with the inevitable fight over the best spot on the couch).
- If you’re on the hook for gifts for family members, here are a few tips to help you save some cash.
Just say, “Hey Google, play Home for the Holidays by Refinery29” to tune in.
Posted by Edward Cunningham, Product Manager, Android
[Edit: Updated post on Dec 21 to clarify that when the
64-bit requirement is introduced in August 2019, 32-bit support is not going
away. Apps that include a 32-bit library just need to have a 64-bit version
Google Play powers billions of app installs and updates annually. We
relentlessly focus on security and performance to ensure everyone has a positive
experience discovering and installing apps and games they love. Today we’re
giving Android developers a heads-up about three changes designed to support
these goals, as well as explaining the reasons for each change, and how they
will help make Android devices even more secure and performant for the long
- In the second half of 2018, Play will require that new apps and app updates
target a recent Android API level. This will be required for new apps in
August 2018, and for updates to existing apps in
November 2018. This is to ensure apps are built on the latest
APIs optimized for security and performance.
- In August 2019, Play will require that new apps and app
updates with native libraries provide 64-bit versions in addition to their
- Additionally, in early 2018, Play will start adding a small amount of
security metadata on top of each APK to further verify app authenticity. You do
not need to take any action for this change.
We deeply appreciate our developer ecosystem, and so hope this long advance
notice is helpful in planning your app releases. We will continue to provide
reminders and share developer resources as key dates approach to help you
Target API level requirement from late 2018
API behavior changes advance the security and privacy protections of Android –
helping developers secure their apps and protecting people from malware. Here
are a few such changes from recent platform versions:
- Implicit intents for bindService() no longer supported (Android
- Runtime permissions (Android
- User-added CAs not trusted by default for secure connections (Android
- Apps can’t access user accounts without explicit user approval (Android
Many of these changes only apply to apps that explicitly declare their support
for new API behaviors, through the
manifest attribute. For example, only apps with a
targetSdkVersion of 23
(the API level of Android 6.0) or higher give the user full control over what
private data – such as contacts or location – the app can access via runtime
permissions. Similarly, recent releases include user experience improvements
that prevent apps from accidentally overusing resources like battery and memory;
execution limits is a good example of this type of improvement.
In order to provide users with the best Android experience possible, the Google
Play Console will require that apps target a recent API level:
- August 2018: New apps required to target API level 26
(Android 8.0) or higher.
- November 2018: Updates to existing apps required to target
API level 26 or higher.
- 2019 onwards: Each year the
will advance. Within one year following each Android dessert release, new apps
and app updates will need to target the corresponding API level or
Existing apps that are not receiving updates are unaffected. Developers remain
free to use a
of their choice, so there is no change to your ability to build apps for older
Android versions. We encourage developers to provide backwards compatibility as
far as reasonably possible. Future Android versions will also restrict apps that
don’t target a recent API level and adversely impact performance or security. We
want to proactively reduce fragmentation in the app ecosystem and ensure apps
are secure and performant while providing developers with a long window and
plenty of notice in order to plan ahead.
This year we released Android Oreo, the most secure and best performing version
of Android yet, and we introduced Project
Treble to help the latest releases reach devices faster. Get started
building apps that target Android 8.1 Oreo
64-bit support requirement in 2019
Platform support for 64-bit architectures was introduced in Android 5.0. Today,
over 40% of Android devices coming online have 64-bit support, while still
maintaining 32-bit compatibility. For apps that use native libraries, 64-bit
code typically offers significantly better performance, with additional
registers and new instructions.
In anticipation of future Android devices that support 64-bit code only, the
Play Console will require that new apps and app updates with native libraries
provide 64-bit versions in addition to their 32-bit versions. This can be within
a single APK or as one of the multiple APKs published.
We are not removing 32-bit support. Google Play will continue to support 32-bit
apps and devices. Apps that do not include native code are unaffected.
This change will come into effect in August 2019. We’re providing advance notice
today to allow plenty of time for developers who don’t yet support 64-bit to
plan the transition. Stay tuned for a future post in which we’ll take an
in-depth look at the performance benefits of 64-bit native libraries on Android,
and check out the CPUs and
Architectures guide of the NDK for more info.
Security metadata in early 2018
Next year we’ll begin adding a small amount of security metadata on top of each
APK to verify that it was officially distributed by Google Play. Often when you
buy a physical product, you’ll find an official label or a badge which signifies
the product’s authenticity. The metadata we’re adding to APKs is like a Play
badge of authenticity for your Android app.
No action is needed by developers or users. We’ll adjust Play’s maximum APK size
to take into account the small metadata addition, which is inserted into the APK Signing Block
and does not alter the functionality of your app. In addition to enhancing the
integrity of Play’s mobile app ecosystem, this metadata will enable new
distribution opportunities for developers in the future and help more people
keep their apps up to date.
2017 has been a fantastic year for developers who have seen growth and success
on Google Play. We’ve been hard at work on features (including those announced
2017 and at Playtime)
to help you improve your app quality and business performance. With these
features and the upcoming updates, we hope to see the Android and Play ecosystem
continue to thrive in 2018 and beyond.
How useful did you find this blogpost?
Enterprise devices regularly access mission-critical data and are a key conduit for company communications. To ensure that organizations can power their mobility efforts with great features and security, Android offers managed device and work profile modes for mobile management.
Many organizations, however, are still using the Device Administration API, which was made available for developers in Android 2.2. When it was first released in 2010, device admin API provided enterprises with a reliable support system for enterprise applications. Since then, the needs of businesses have grown to require more vigorous management and security requirements.
Managing personal and company-owned devices
In Android 5.0, we created managed device (device owner) and work profile (profile owner) modes, which match the security needs of organizations that manage mobile devices. These are feature-rich and secure ways to manage devices. Most organizations are now using these modes to manage mobile devices, and we’re encouraging all organizations to make the switch.
We understand that for some organizations this switch may take time so we will have developed an extended timeline for the transition. Device admin API will be supported through Android Oreo and existing functionality will continue to be available in the next major Android release, though device admin APIs for password enforcement will no longer be supported. In the following Android release, expected in 2019, the APIs for password enforcement will no longer be available. We strongly recommend that businesses plan to move to work profile and managed device APIs. By sharing this update early, we aim to provide companies with sufficient time to migrate existing devices or start fresh as new ones are added to their fleet.
Non-enterprise device management
Some of the device admin APIs are used for non-enterprise device management, like Find My Device, which enables locking and wiping a lost phone. APIs commonly used by these applications will not be affected. Please see the developer migration guide for details on the specific changes.
Making the transition to work profiles or managed devices
For those currently using device admin, there are two strategies available to move to Android’s management APIs. Both options require companies to have an EMM provider that supports either Android’s work profile or managed device mode.
For personal devices used by employees for work, we recommend using the work profile. Migration from a legacy device admin to the work profile can be done with minimal disruption. This can be handled either by enabling personal devices to install a work profile, or by having new devices enroll with a work profile as existing devices phase out of the fleet.
We recommend that company-owned devices be set up as managed devices. Migrating a device from device admin to managed device requires a factory reset, so we recommend a phased adoption, where new devices are enrolled as managed devices while existing devices are left on device admin. New users and new devices should be configured with the new management modes as they are enrolled. Then, older device admin devices can be aged out of the fleet through natural attrition. We recommend that you begin to enroll all new company-owned devices running the major Android release after Oreo as managed devices, in preparation for the removal in the release after that.
Major mobility transitions are typically a large and important undertaking but we know that the needs of companies will be better served with the modern capabilities of Android’s managed device and work profile modes. For specific implementation details, see our developer migration guide.
By Antigone Davis, Global Head of Safety Today we are announcing new tools to prevent harassment on Facebook and in Messenger – part of our ongoing efforts to build a safe community. Based on feedback from people who use Facebook, as well as organizations representing groups who disproportionately experience harassment like women and journalists, we […]
By Joaquin Quiñonero Candela, Director, Applied Machine Learning Today we’re announcing new, optional tools to help people better manage their identity on Facebook using face recognition. Powered by the same technology we’ve used to suggest friends you may want to tag in photos or videos, these new features help you find photos that you’re not […]