Google Chrome, The Storage Hoarder

Background

Here is Wikipedia’s definition of a Hoarder :-

Compulsive hoarding, also known as hoarding disorder, is a behavioral pattern characterized by excessive acquisition of and an inability or unwillingness to discard large quantities of objects that cover the living areas of the home and cause significant distress or impairment.

Troubleshooting

SpaceSniffer

Ran SpaceSniffer and quite a bit of storage is accosted to Google Chrome.

spaceSniffer.20190425.0414PM.PNG

Command Shell

Launch Command Shell in Administrator mode.

Google’s cache is stored under %HOMEDRIVE%%HOMEPATH%\AppData\Local\Google\Chrome\User Data.

Please navigate to that folder and confirm the files and sizes.

Dir

Please issue something like

Command


dir "%HOMEDRIVE%%HOMEPATH%\AppData\Local\Google\Chrome\"User Data"\

Output

dir.20190425.0347PM

Interpretation

Took the ugly final size of 100,781,865,625 bytes to Goggle and converted it to a more human friendly number.

google.bytes.to.GB.20190425.0348PM

So here we are 100 GB.

Remediationdir.20190425.0347PM.PNG

Script

DOS Batch


@echo off
setlocal

set "_delApp=del"
set "_delOption=/F /S /Q"

set "_userData=%HOMEDRIVE%%HOMEPATH%\AppData\Local\Google\Chrome\User Data\"

echo %_userData%

%_delApp% "%_userData%" %_delOption% 

endlocal

Output

pruneFiles.20190425.0405PM.PNG

Summary

Once the script completes, you may have to close out running Chrome Sessions or reload them to adjust for loss of cache.

Google – Chrome – Notifications

Background

Quite a bit of web sites prompts visitors for their acquiescence to receiving notifications.

 

Sample Notifications

Here are some sample notifications

androidcentral.com

chrome.notifications.20190324.0931AM

 

Distracting

Receiving and deciding whether to say Yes or No can take one from what he or she wants to do.

Remediation

Outline

  1. Launch Google Chrome
  2. Access Settings
    • From the top menu bar, please click the notifications.desktop.settings.menu.20190324.1040AM button
    • From the drop down menu, please choose the Settings option
  3. Settings Window
    • Advance Setting
      • Please scroll to the bottom of the Settings window
      • Access Advanced Setting by clicking on the down arrow
    • Privacy & Security
      • Please click on the right arrow next to Site Settings
    • Site Settings
      • The Site Settings window appears
      • Please click on the arrow ( contentSettings.rightArrow.20190324.1050AM.png) to the right of the “Notifications”
    • Content Setting – Notifications
      • Asked Before Sending
        • The default choice is to “Ask Before Sending”
        • Opt Out
          • If you see that reading and decide to opt out of receiving all notifications, please move the dial to the left.
          • The text will now read Blocked
      • Block
        • The sites you have indicated you will like to “opt out of” are listed
        • To adjust a site setting, please click on the contentSettings.notifications.arrow.20190324.1106AMbutton
      • Allow
        • Allowed
          • Sites you have explicitly allowed are listed
        • Extensions
          • Also listed are sites that you have implicitly agreed to based on extensions you have installed and enabled

 

Images

Image – Settings

settings.advanced.20190324.1043AM

Image – Content Settings

Access

contentSettings.20190324.1049AM

Settings – Content

contentSettings.notifications.20190324.1052AM

 

Settings – Content – Notifications

contentSettings.notifications.20190324.1056AM.png

 

Summary

Now that you have a bit of knowledge about how to access Google’s Chrome Notifications settings, please feel free to take the shortcuts listed below :-

  1. Access Notifications
    • chrome://settings/content/notifications
      Link
    • To completely block future ask per notifications
      • Blocked
        • Ensure that the Blocked dial has been moved to the left

 

References

  1. Google – Chrome
    • Notifications
      • Turn Notifications On or Off
        Link

 

Lily Hay Newman :- How Google’s Safe Browsing Helped Build a More Secure Web

Background

Lily Hay Newman writing for the Wired has an Interesting Story on Google’s Safe Browsing.

The story is here.

Casey Chin

In the beginning there was phone phreaking and worms. Then came spam and pop ups. And none of it was good. But in the nascent decades of the internet, digital networks were detached and isolated enough that the average user could mostly avoid the nastiest stuff. By the early 2000s, though, those walls started coming down, and digital crime boomed.

Google, which will turn 20 in September, grew up during this transition. And as its search platform spawned interconnected products like ad distribution and email hosting, the company realized its users and everyone on the web faced an escalation of online scams and abuse. So in 2005, a small team within Google started a project aimed at flagging possible social engineering attacks—warning users when a webpage might be trying to trick them into doing something detrimental.

A year later, the group expanded its scope, working to flag links and sites that might be distributing malware. Google began incorporating these anti-abuse tools into its own products, but also made them available to outside developers. By 2007, the service had a name: Safe Browsing. And what began as a shot in the dark would go on to fundamentally change security on the internet.

You’ve been protected by Safe Browsing even if you haven’t realized it. When you load a page in most popular browsers or choose an app from the Google Play Store, Safe Browsing is working behind the scenes to check for malicious behavior and notify you of anything that might be amiss. But setting up such a massive vetting system at the scale of the web isn’t easy. And Safe Browsing has always grappled with a core security challenge—how to flag and block bad things without mislabeling legitimate activity or letting anything malicious slip through. While that problem isn’t completely solved, Safe Browsing has become a stalwart of the web. It underlies user security in all of Google’s major platforms—including Chrome, Android, AdSense, and Gmail—and runs on more than 3 billion devices worldwide.

In the words of nine Google engineers who have worked on Safe Browsing, from original team members to recent additions, here’s the story of how the product was built, and how it became such a ubiquitous protective force online.

Niels Provos, a distinguished engineer at Google and one of the founding members of Safe Browsing: I first started working on denial of service defense for Google in 2003, and then late in 2005 there was this other engineer at Google called Fritz Schneider who was actually one of the very first people on the security team. He was saying, ‘Hey Niels, this phishing is really becoming a problem, we should be doing something about it.’ He had started to get one or two engineers interested part time, and we figured out that the first problem that we should be solving was not actually trying to figure out what is a phishing page, but rather how do we present this to the user in a way that makes sense to them? So that started the very early phishing team.

One of the trends that we had observed was the bad guys figured out that just compromising other web servers actually doesn’t really give you all that much. What they were getting was essentially bandwidth, but not a lot of interesting data. So then they turned to their compromised web servers that got lots and lots of visitors, and it was like, ‘How about we compromise those people with downloads?’ So there was a change in malicious behavior.

We were already working on phishing, and I thought, you know, the malware thing may be even a larger problem. And we’re sort of uniquely positioned, because with the Google search crawler we have all this visibility into the web. So then we started with phishing and malware, and Safe Browsing came together that way.

Panos Mavrommatis, Engineering Director of Safe Browsing: Safe Browsing started as an anti-phishing plugin for Mozilla Firefox, since this was 2005 and Google didn’t have its own browser then. When I joined in 2006, the team lead at the time was Niels, and he wanted us to expand and protect users not just from phishing but also from malware. So that was my initial project—which I haven’t finished yet.

‘But we did not really conceive that 10 years later we would be on 3 billion devices. That’s actually a little bit scary.’

Niels Provos, Google

The goal was to crawl the web and protect users of Google’s main product, which was Search, from links that could point them to sites that could harm their computer. So that was the second product of Safe Browsing after the anti-phishing plugin, and the user would see labels on malicious search results. Then if you did click on it you would get an additional warning from the search experience that would tell you that this site might harm your computer.

One interesting thing that happened was related to how we communicated with web masters who were affected by Safe Browsing alerts. Because very quickly when we started looking into the problem of how users might be exposed to malware on the web, we realized that a lot of it came from websites that were actually benign, but were compromised and started delivering malware via exploits. The site owners or administrators typically did not realize that this was happening.

In our first interactions with web masters they would often be surprised. So we started building tools dedicated to web masters, now called Search Console. The basic feature was that we would try to guide the web master to the reason that their website was infected, or if we didn’t know the exact reason we would at least tell them which pages on their server were distributing malware, or we would show them a snippet of code that was injected into their site.

Provos: We got a lot of skepticism, like ‘Niels, you can’t tell me that you’re just doing this for the benefit of web users, right? There must be an angle for Google as well.’ Then we articulated this narrative that if the web is safer for our users, then that will benefit Google, because people will use our products more often.

But we did not really conceive that 10 years later we would be on 3 billion devices. That’s actually a little bit scary. There’s a sense of huge responsibility that billions of people rely on the service we provide, and if we don’t do a good job at detection then they get exposed to malicious content.

Mavrommatis: Around 2008 we started building an engine that ran every page Google already fetched, to evaluate how the page behaved. This was only possible because of Google’s internal cloud infrastructure. That was part of why Google was able to do a lot of innovation at the time, we had this extremely open infrastructure internally where you could use any unused resources, and do things like run a malicious detection engine on the full web.

Moheeb Abu Rajab, Principal Engineer at Safe Browsing: Coming from graduate school, I had been trying to build this type of system on a couple of machines, so I was spending lots of time trying to set that up. And it’s just minimum effort at Google to run on a huge scale.

Mavrommatis: The other thing we developed at the same time was a slower but deeper scanner that loaded web pages in a real browser, which is more resource-intensive than the other work we had been doing that just tested each component of a site. And having those two systems allowed us to build our first machine learning classifier. The deeper crawling service would provide training data for the lightweight engine, so it could learn to identify which sites are the most likely to be malicious and need a deep scan. Because even at Google-scale we could not crawl the whole search index with a real browser.

Noé Lutz, Google AI engineer, formerly Safe Browsing: Around the same time, in 2009, we worked on machine learning for phishing as well. And this was a pretty scary moment for the team because up until then we used machine learning as a filtering function, to figure out where to focus this heavy weight computing resource, but this was the first time we actually decided something was phishing or malicious or harmful or not harmful in a fully automated way.

I remember the day we flipped the switch it was like, now the machine is responsible. That was a big day. And nothing bad happened. But what I do remember is it took extremely long for us to turn that tool on. I think we all expected that it would take a couple of weeks, but it took actually several months to make sure that we were very confident in what we were doing. We were very conscious from the get go how disruptive it can be if we make a mistake.

Provos: The moments that stand out do tend to be the more traumatic ones. There was a large production issue we had in 2009, it was a Saturday morning. We had a number of bugs that came together and we ended up doing a bad configuration push. We labeled every single Google search result as malicious.

Even in 2009 Google was already a prevalent search engine, so this had a fairly major impact on the world. Fortunately our site reliability engineering teams are super on top of these things and the problem got resolved within 15 minutes. But that caused a lot of soul searching and a lot of extra guards and defenses to be put in place, so nothing like that would happen again. But luckily by then we were already at a point where people within Google had realized that Safe Browsing was actually a really important service, which is why we had integrated it into Search in the first place.

Nav Jagpal, Google Software Engineer: In 2008 we integrated Safe Browsing into Chrome, and Chrome represented a big shift, because before with browsers like Internet Explorer, you could easily be on an old version. And there were drive-by downloads exploiting that, where you could go to a website, not click on anything, and walk away with an infection on your computer. But then over time everyone got better at building software. The weakest link was the browser; now it’s the user. Now to get code running on people’s machines, you just ask them. So that’s why Safe Browsing is so crucial.

Mavrommatis: Around 2011 and 2012 we started building even deeper integrations for Google’s platforms, particularly Android and Chrome Extensions and Google Play. And we created unique, distinct teams to go focus on each product integration and work together with the main teams that provided the platforms.

Allison Miller, former Safe Browsing product manager, now at Bank of America (interviewed by WIRED in 2017): Safe Browsing is really behind the scenes. We build infrastructure. We take that information and we push it out to all the products across Google that have any place where there is the potential for the user to stumble across something malicious. People don’t necessarily see that that goes on. We’re a little too quiet about it sometimes.

Fabrice Jaubert, software development manager of Safe Browsing: There were challenges in branching out outside of the web, but there were advantages, too, because we had a little bit more control over the ecosystem, so we could guide it toward safer practices. You can’t dictate what people do with their web pages, but we could say what we thought was acceptable or not in Chrome extensions or in Android apps.

Lutz: There were also some non-technical challenges. Google is a big company, and it can be challenging to collaborate effectively across teams. It’s sometimes hard to realize from the outside, but Chrome is written in a language that is different from a lot of other parts of Google, and they have release processes that are very different. And the same is true for Android, they have a different process of releasing software. So getting everybody aligned and understanding each other, I perceived it as a big hurdle to overcome.

Stephan Somogyi, Google AI product manager, formerly Safe Browsing: This is a very hackneyed cliché so please don’t use it against me, but the whole ‘rising tide lifts all boats’ thing actually really holds true for Safe Browsing. There wasn’t ever any debate that we wanted to expand its reach onto mobile, but we had a profound dilemma, because the amount of data that Safe Browsing used for desktop was an intractable amount for mobile. And we knew that everything that we push down to the mobile device costs the user money, because they’re paying for their data plans. So we wanted to use compression to take the data we already had and make it smaller. And we didn’t want the users to get hosed by five apps each having their own Safe Browsing implementation and all downloading the same data five times. So we said let’s bake it into Android and take the heavy lifting onto ourselves all in one place. It’s been a system service since fall of 2015.

So we built a dead simple API so developers can just say, ‘Hey Android Local System Service, is this URL good or bad?’ We also wanted to write this thing so it wouldn’t unnecessarily spin up the cell modem and eat battery life, because that’s just not nice. So if the network isn’t up anyway, don’t call it up. We just spent an awful lot of effort on implementation for Android. It turned out to be a lot more subtle and nuanced than we first anticipated.

Mavrommatis: The other big effort that our team was involved in around 2013 and 2014 was what we call “unwanted software.” It’s primarily for desktop users, and it’s sort of an adaptation from actors who may have in the past been using just malware techniques, but now they would find that it’s possible to hide malware within software that seems focused on a legitimate function. It was unclear how antivirus companies should label this, and how big companies and browsers should deal with this. But what we focused on was what is the impact on the user?

Around 2014, our data showed that over 40 percent of the complaints that Chrome users reported were related to some sort of software that was running on their device that would impact their browsing experience. It might inject more ads or come bundled with other software they didn’t need, but it was a potentially unwanted program. These practices were causing a lot of problems and we would see a lot of Chrome users downloading these kinds of apps. So we refined our download protection service and also found ways to start warning users about potentially unwanted downloads.

Jagpal: It’s a large responsibility, but it also feels very abstract. You get a warning or alert and you think, ‘Wait a minute, am I protecting myself here?’ But it’s so abstract that if we write code for something concrete, like turning on a light switch at home, it’s like, ‘Whoa, that is so cool. I can see that.’

Jaubert: My 14-year-old definitely takes Safe Browsing for granted. He got a phishing message as an SMS text, so it didn’t go through our systems, and he was shocked. He asked me, ‘Why aren’t you protecting me? I thought this couldn’t happen!’ So I think people are starting to take it for granted in a good way.

Emily Schechter, Chrome Security product manager (former Safe Browsing program manager): You can tell people that they’re secure when they’re on a secure site, but what really matters is that you tell them when they’re not secure, when they’re on a site that is actively doing something wrong.

People should expect that the web is safe and easy to use by default. You shouldn’t have to be a security expert to browse the web, you shouldn’t have to know what phishing is, you shouldn’t have to know what malware is. You should just expect that software is going to tell you when something has gone wrong. That’s what Safe Browsing is trying to do.

 

Phishing Paypal :- chartersports.com

Background

This morning received an obvious phishing email.

Chose to play along and see if it is one already known to Google’s Chrome.

 

Evidence Gathering

Email

Email Folder – Junk Email

Here is what the email looks like:

Email Screen

Email Text

PауРаl PауРаl   Hello,Аs раrt оf оur sесuritу mеаsurеs , wе rеgulаrlу sсrееn асtivitу in thе РауРаl Sуstеm.Wе rесеntlу соntасtеd yоu аftеr nоtiсing аn issuе оn yоur РауРаl . Wе rеquеstеd infоrmаtiоn frоm yоu fоr thе fоllоwing rеаsоn:

Оur systеm dеtесtеd аn аbnormаl issuе in your ассount, wе bеliеvе thеrе might bе а brеасh . in this саsе we nееd to vеrify your ассount. plеаse сliсk on thе link bеlow аnd follow thе stеps for more sесurity еnsurаnсе.
This is thе lаst rеmindеr tо lоg in tо yоur аcсоunt аs sооn аs роssiblе.Oncе yоu lоg in , yоu will bе рrоvidеd with stерs tо rеstоre yоur ассоunt ассеss.

Remove Limitation NowCopyright ©2017 РаyРаl. All rights reserved.Company Limited by Shares. Registered office:Boulevard Royal, M-Luxembourg

 

Website

Followed the trail ( Link ), so you don’t have to …

The URL reads chartersports.com

 

Remediation

  1. Report
    • Report through web site
      • Google
        • Report Phishing Page
      • Symantec
        • Report Phishing Page
    • Report through email
      • Anti-Phishing Working Group
        • Web Site :- Link
        • Email :- reportphishing@apwg.org
      • US – Department of Homeland Security
        • US-Cert
          • Report Phishing Sites
            Web Site :- Link
            Email :- phishing-report@us-cert.gov
      • US – Federal Trade Commision
        • Email :- spam@uce.gov
        • Read more here
      • Apple
        • iCloud
          • Email :- abuse@icloud.com
          • Read more here
      • Amazon
        • Email :- stop-spoofing@amazon.com
        • Read more here

Addendum

Addendum – 2017-10-24

Email Envelope

Email Contents

URLS

  1. http://flyt.it/3nak2kuylcjh?ID=
  2. https://www.settingsmanagement-acc-privacyuser.com/webapps/bdb9a/websrc

 

Summary

Some of these guys are actually smart.

Prayerfully, they will take off the blinders.

Like Jacob Prasch would say “Let the guy go out, learn a trade, and start to make a honest living…become a carpenter” for Christ’s sake.

Randy Treit (MSFT) on 10 seconds

Background

What is 10 seconds to you?

In a blog posting MSFT’s Randy Treit talks about the constraints Microsoft’s places on itself to quickly identify, classify, and get in the way of targeted virus penetration.

 

Windows Defender Antivirus cloud protection service: Advanced real-time defense against never-before-seen malware

Link

For cybercriminals, speed is the name of the game. It takes newly released malware an average of just four hours to achieve its goal—steal financial information, extort money, or cause widespread damage. In a recent report, the Federal Trade Commission (FTC) said that cybercriminals will use hacked or stolen information within nine minutes of posting in underground forums. Stopping new malware in real-time is more critical than ever.

Approximately 96% of all malware files detected and blocked by Windows Defender Antivirus (Windows Defender AV) are observed only once on a single computer, demonstrating the polymorphic and targeted nature of modern attacks, and the fragmented state of the threat landscape. Hence, blocking malware at first sight is a critical protection capability.

To fight the speed, scale, and complexity of threats, we work to continually enhance Windows Defender AV and other security features built into Windows 10. In our white paper “The evolution of malware prevention” we discussed our advanced, predictive approach to protecting customers from threats that they face today, as well as those that will emerge in the future.

This blog continues that discussion and provides the first detailed account of one way we improve our capability to stop never-before-seen malware with new enhancements to the Windows Defender Antivirus cloud protection service.

In Windows 10 Creators Update, the Windows Defender AV client uploads suspicious files to the cloud protection service for rapid analysis. Our ability to make a swift assessment of new and unknown files allows us to protect customers from malware the first time we see it.

We have built these enhancements on the next-gen security technologies enabling Windows Defender AV to automatically block most new, never-before-seen threats at first sight using the following methods:

  • Lightweight client-based machine learning models, blocking new and unknown malware
  • Local behavioral analysis, stopping file-based and file-less attacks
  • High-precision antivirus, detecting common malware through generic and heuristic techniques

In relatively rare cases, when Windows Defender AV needs additional intelligence to verify the intent of a suspicious file, it sends metadata to the cloud protection service, which can determine whether the file is safe or malicious within milliseconds using the following techniques:

  • Precise cloud-based machine learning models that can make an accurate assessment based on signals from the client
  • Microsoft Intelligent Security Graph that monitors threat data from a vast network of sensors

In rarer cases still, when Windows Defender AV cloud protection service is unable to reach a conclusive verdict based on metadata, it can request the potential malware sample for further inspection.

In Windows 10 Creators Update, the Windows Defender AV client uploads suspicious files to the cloud protection service for rapid analysis. While waiting for a verdict, the Windows Defender AV client maintains a lock on the dubious files, preventing possible malicious behavior. The Windows Defender AV client then takes action based on the verdict. For example, if the cloud protection service determines the file as malicious, it blocks the file from running, providing instant protection.

Windows Defender Antivirus instant protection from the cloud

Instant protection at work: A few seconds can make a lot of difference in protection

In a recent real-life example, a Windows 10 Home customer was tricked into downloading a new variant of the Ransom:Win32/Spora family of ransomware.

The malware was disguised as a font file with the name “Chrome font.exe”. It was hosted on an online learning website that had been compromised by an attacker, who attempted to trick people into downloading the malware using a social engineering tactic described by Proofpoint in this blog. In this scheme targeting Chrome users, legitimate websites were compromised to open a pop-up window indicating “The ‘HoeflerText’ font wasn’t found”, requiring a supposed update to fix. The customer clicked the “Update” button in the pop-up window, which downloaded the Spora ransomware variant.

The customer’s Windows Defender AV client routinely scanned the file using on-box rules and definitions. Since it had not encountered the file before, Windows Defender AV did not detect it as malicious; however, it recognized the file’s suspicious characteristics, so it temporarily prevented the file from running. The client sent a query to the Windows Defender AV cloud protection service, which used machine-learning-powered cloud rules to confirm that the file was likely malware needing further investigation.

Within 312 milliseconds, the cloud protection service returned an initial assessment. It then instructed the client to send a sample and to continue locking the file until a more definite verdict was given.

In about two seconds, the client finished uploading the sample. By default, it’s set to wait for up to 10 seconds to hear back from the cloud protection service before letting such suspicious files run.

As soon as the sample was uploaded, a backend file-processing system analyzed the sample. A multi-class machine learning classifier determined there was more than a 95% chance that the file was malicious. The cloud protection service created a signature, which it sent back to client. All of this happened in just five seconds.

One second later, the Windows Defender AV client applied the cloud signature and quarantined the malware. It reported the results back to the cloud service; from that point on, this file was automatically blocked, protecting all Windows PC customers.

From the time Windows Defender AV uploaded the sample, the cloud protection service returned the malware signature in just five seconds, as shown by these actual timestamps:

2017-04-20 03:53:21 – Cloud protection service received query from Windows Defender AV client

2017-04-20 03:53:21 – Cloud protection service assessed it hadn’t seen the file and that is was suspicious, so it requested a sample and to keep locking the file

2017-04-20 03:53:23 – Sample finished uploading

2017-04-20 03:53:28 – Cloud protection service determined file as malware, generated signature, and sent that back to client

2017-04-20 03:53:29 – Windows Defender AV client notified that it successfully detected and removed the malware

Stay protected with Windows 10 Creators Update

Our many years of in-depth research into malware, cyberattacks, and cybercriminal operations give us insight into how threats continue to evolve and attempt to slip past security solutions. Guided by expert threat researchers, we use data science, machine learning, automation, and behavioral analysis to improve our detection solutions continuously.

In Windows 10 Creators Update, we rolled out important updates to Windows Defender Antivirus, which uses cloud protection service that delivers real-time protection against threats. With these enhancements, we show our commitment to providing unparalleled real-time defense against modern attacks.

Our ability to make a swift assessment of new and unknown files allows us to protect even would-be patient zero against attacks. More importantly, we use this intelligence to protect the rest of our customers, who may encounter these malware in subsequent attacks or similar threats in other cybercriminal campaigns.

Cloud-based protection is enabled in Windows Defender AV by default. To check that it’s running, launch the Windows Defender Security Center. Go to Settings > Virus & threat protection settings, and make sure that Cloud-based protection and Automatic sample submission are both turned On.

In enterprise environments, cloud protection service can be managed using Group Policy or via the Windows Defender Security Center app.

When enabled, Windows Defender AV locks a suspicious file for 10 seconds by default, while it queries the Windows Defender AV cloud protection service. Administrators can configure Windows Defender AV to extend the timeout period up to one minute to give the cloud service time to perform even more analysis and apply additional techniques to detect new malware.

As the threat landscape continues to move towards more sophisticated attacks and malware campaigns that can achieve their goals in hours instead of days, it is critical to be able to respond to new attacks in real-time. With Windows 10 Creators Update and the investments we’ve made in cloud protection service, we’re able to detect brand new threat families within seconds, protect “patient zero”, and disrupt new malware campaigns before they start.

Randy Treit

Senior Program Manager, Windows Defender Engineering

WordPress – Stats / Search Terms :- “Unknown Search Terms”

 

Background

Occasionally, I review the stats on our WordPress Blog.

It is good way to gauge readership aggregated by Country, Posts, and clicks.

 

Search Tags

Another coverage is the actual Search Tags that brought traffic to the site.

Stats

Stats for 2017-May-31st

Image

Here is the one for today…

Explanation

Just about all entries are marked “Unknown“.

 

Why “Unknown”

Why the opacity in “Search Terms“:

Outline

  1. Privacy
  2. Legal Protection

 

InDepth

Privacy

Search Engines encrypt the search tags entered by their users.  For the sake of privacy and to better protect web users activities, Search Engine providers are moving to encrypt the data entered by users.

They allow end users to enter the search tags, utilize those search tags to find matches, decline to pass them along when users click on links, and save the encrypted version.

Legal Protection

Force Governments & Law Enforcements to request Subpoena Order before handing over Users Search History.

This protects the providers themselves from lawsuits brought by grieved users and shareholders.

 

Vendors

Google, Microsoft, and Yahoo have all transitioned to encrypting search tags and not forwarding it.

Browsers can also be configured not to forward the referrer and search tags.

Search Engines

Bings

  1. Bing Moving to Encrypt Search Traffic by Default
    Duane Forrester, Senior Product Manager – Bing
    Published On :- 2015-Jun-15th
    Link

 

Follow-up

In follow-up posts, will talk about avenues available through Search Providers and WordPress to regain some of these insights.

Chrome on Older OSes ( MS Windows 2003 )

Background

One of the side-effects of auto-updated software such as Google’s Chrome is one no longer has access to the Install Binaries.

If you find yourself needing to download and install Google Chrome on an out of service OS, please take to the Internet and search out an offline installer.

Here are ones I have found for the last available version of Chrome for MS Windows 2003.

BTW, the version for MS Windows 2003 is 49.0.2623.112.

 

Download Links

Version = 49.0.2623.112

Installers

Web Site Write Up Targeted OS Media
offlineinstallerfilehippo.com Link
 x32 Link
 x64
Link
Software Mirrors Link  Link
Filepuma
 x32  Link

 

 

 

Application Files

The media listed here are not the actual installers, but the application files themselves.

 

The app files are bundled into a self ex-tractable exe.

Web Site Write Up
SlimJet  Link

 

 

SlimJet

Here is how SlimJet describes its delivery mechanism:

Link
The old versions of Chrome are packed as 7zip self-extracting executable. Just run the executable and extract the files under any folder on your hard drive. Then launch Google chrome with chrome.exe under the extraction folder.

SlimJet has files for the following OSes:

  • Microsoft ( 32 bit and 64 bit)
  • Linux ( Ubuntu & Debian )
  • Mac OS

Older Versions

Web Site Write Up Versions Available
Old Versions Link Google Chrome 0.2.149.27 Beta – 46.0.2490.80