The Chromium Project by Google to Let Outsiders Participate in the Web Development

If previously Google is very tight for its policy in establishing Chrome, currently, the giant technology company is getting softened. It even permits outsiders to build the foundation of the browser. This step is by considering helping other companies like Samsung, Microsoft, and Brave to create competitors as well as improve the web browser.

It sounds weird? Of course, it is not. The step is profitable for Google itself. At the same time, other companies who are involved in the project can also get their own benefits. The project enables Chrome to be modified and used by others. The more people who access Chrome, it is just more profitable for Google.

The Chromium Project

The open-source project by Google is known as the Chromium project. It has been developed for the last six months by welcoming new developers from the outside. Those outsiders also have more access to the development system of the software that has been patented by Google. Additionally, other features can be simply added and it is basically very good for the improvement of Chrome itself.

However, it doesn’t mean that those outsiders and developers are easily interested in the project. Based on the report, Google put much effort to attract them. It is seen in the BlinkOn conference that is conducted at the beginning of the month. At the conference, one of the Chrome engineers, Danyao Wang said that it is very interesting to see so many people with different priorities gather and find solutions for web improvement. It is despite the fact that they also have their own agenda.

Wang’s statement is in line with the strategy by Google related to the Chromium project. Chromium is expected to make people gather and ally in developing the web. It is also to realize Chromium as the first interactive project that has not been really available before. 

It is the opposite of Apple’s vision

While Google looks really ambitious with Chromium, the principle applied in the project is the opposite of one of the competitors, Apple. Apple tends to be more exclusive in developing its devices. It is seen from the products in the market whether the iPhone, MacBook, and others. The sharing principle that wants to be implemented by Google, in Apple’s perspective, will threaten the iOS ecosystem.

Apple is not alone in holding the principle, another technology company, Mozilla also thinks about the same thing. Both worry about many big risks that may happen by letting outsiders access the web or other programs they make. The risks are particularly in terms of safety. This way, the limitation of interactivity will be better particularly for the health of the program in the long term. 

However, although they have their own principles, Apple and Mozilla don’t make any comment at all regarding the Chromium project conducted by Google.

The Development of Chromium

Before the Chromium project has been started, Google spends many resources on Chrome and it is successful. Chrome currently is the biggest web browser in the world despite its pros and cons. Based on many surveys, almost all web users tend to use Chrome for many features it gives. Uniquely, other browsers are actually not really worse than that. It is just people find Chrome more popular to use and it is set in their mind to use Chrome every time they want to access something. 

The popularity of Chrome may be the primary thing that generates the idea of the Chromium project. Google bravely announces that the project will cause very significant differences to Chrome particularly in terms of governance. Before making some changes, most of the Google technicians must make decisions whether Chromium will accept or reject the new features.

For the Google technicians who will still be the decision-maker, the project seems to still look safe. This way, the outsiders can present their products first and then wait for the decisions whether their products will be accepted or not. If they are accepted, it is lucky for them. But if they are not, they can try it again next time.

Following the participation of outsiders in developing Chromium, Google also permits them to use internal software to develop the system, called Goma. Goma is used to utilize the power of Google data center. Previously, Goma is something like a secret that can only be accessed by internal people of Google limited. By opening more access, Goma enables more people to contribute to the development of Chromium. So, are you interested to participate in the Chromium project by Google?

The New Video Call Feature by Amazon to Verify Its Merchants

To avoid actions of fraud happening to the customers, Amazon is reported to test its new feature, the video call to verify the merchant’s identity who wants to sell products on the site. This plan is known as a new strategy to fight against unexpected actions like online fraud that is getting increased in the middle of Coronavirus pandemics.

According to Reuters, Amazon stated that the plan for having the new feature has been started at the beginning of the year. It is due to some customers’ complaints that merchandise they want is not likely what is in the picture. With the feature also, it is possible for both merchants and customers to schedule for meeting up. 

Video call is not the only safety feature provided by this big e-commerce platform. It has applied a monitoring system for so long to make sure all products offered are safe and original. Undeniably, fraud is not only frustrating customers but also big brands like Apple and Nike. The situation also makes people want to go back to the past; doing transactions offline or directly since it is considered safer for all of them.

The plan of the platform to launch the new feature is also “supported” by the spread of Coronavirus in many countries. The pandemic has forced many governments to issue new regulations; mostly about social or physical distancing which means offline transaction activities should be limited. With the availability of the video call feature, it is expected that people can do transactions more safely even if they don’t need to meet up with each other directly.

Amazon itself changes the release date of the Video Call feature to make it one of the solutions of transactions in the pandemic. Currently, the feature can be enjoyed starting in February. The platform uses this feature also to conduct interviews with more than 1,000 prospective traders from the US, the UK, China, and Japan.

Unfortunately, the tight monitoring system seems to make many Chinese merchants find it more difficult. Despite the fact that Coronavirus was started from China, many traders from this country are also found to use many fake accounts. Meanwhile, many Chinese traders are registered in Amazon. Their number is even around 40% of the total merchants in the platform mainly for the European market.

It is not really surprising since Chinese merchants have been well known in other countries for so many years even before the era of online shopping. Additionally, many products from the country have similar names and look with many famous brands. For some reasons, those products are called only imitations.

Slightly, the video call feature from Amazon is just the same as the same video call from other platforms. However, Amazon claims that their feature is more focused on business purposes. It is reasonable by remembering that Amazon itself is a platform for selling and buying. 

In this one new feature, some other features are offered to make it work better. First of all, it lets you meet, chat, and place business calls in a single and more secure application. There is no need to switch the app if the users want to make or receive a call. Different from conventional video call apps that are mainly intended for personal communication, the feature from Amazon is recommended for teleconference also. Presenting products to customers is also getting easier with it.

Second, although it still needs upgrades, the quality of the service is relatively good. The picture is clear and it supports multiple calls at once. In these social-distancing days, people still have a problem in video calling and conferencing for the unclear video and audio provided by the platform. From the perspective of business, it is quite disturbing. Therefore, based on the statement of Amazon’s representative, they make sure that the quality is good to avoid problems in business dealing.

Third, it also lets all merchants be extra careful before deciding to join the platform. Only trusted merchants are currently allowed to join with some requirements; their merchandise must be original and they must pass through a set of interviews.

But once the merchant has fulfilled the requirement, it is very good for them as well as a chance to improve their business. Amazon itself is known as the biggest shopping platforms in the world currently. It is accessed by people in many countries around the world. Some countries indeed have not yet accessed the platform well for some conditions. However, it seems that the app founded by Jeff Bezos tries its best to enlarge its influence on them. 

Microsoft Teams Successfully Neutralized Malicious GIF Attack

What if a seemingly harmless animated GIF image suddenly snatches your Microsoft Teams account and other sensitive information stored within? What if using the same image that you inadvertently open, the attacker can take over your business and even attack other accounts to which your account is connected? This apparently unbelievable case of internet hacking has actually occurred and—fortunately—successfully intercepted and neutralized by Microsoft in collaboration with CyberArk, the team of researchers that discovered it.

The Vulnerable Data

Full disclosure of the attack is revealed by CyberArk security researchers on March 23, 2020. The attack comes out in the form of a subdomain takeover whereby Microsoft Teams users who can be forced to send a token (cookies) to the compromised subdomains may render their confidential data vulnerable to stealing and hacking. These data may include passwords, private information, calendar reminders and scheduled meetings, business plans, business competition information, and other confidential data.

Subdomain Takeover Attack

This attack stems from Microsoft’s method in managing the sharing of data across different Microsoft Teams platforms and servers. Whenever users access their Microsoft Teams account and open an application, the platform will create a temporary access token and authenticate it. Supported services, such as Microsoft Outlook and SharePoint, will also create similar tokens.

Every content that is shared on the platform is protected by permission restriction so that only eligible parties can access it. Microsoft restricts its permission by using two cookies, “authtoken” and “skypetoken_asm.” The Skype token is then sent to Microsoft Teams’ website and its subdomains. Two subdomains, i.e. addsync-test.teams.microsoft.com and data-dev.teams.microsoft.com, are proven to be vulnerable to subdomain takeover attack.

The domino effect commences when the subdomains are taken over by an attacker. The automatically generated authtoken will be sent to the compromised subdomains. The attacker, who has received the authtoken, can generate a skype token that they can use to sneak into the victim’s Microsoft Teams account and to steal every piece of vulnerable information. With the acquired authtoken, the attacker can also perform various administrative tasks within the victim’s Microsoft Teams account, including reading and sending messages, create new groups, add new users and remove users from groups, and alter groups’ permissions.

In short, with the automatically generated authtoken, the attacker can practically take over the victim’s Microsoft Teams account and all the functions and data within.

How Does the Attack Occur?

The attack starts with the attacker sending a malicious GIF image to a victim through the latter’s Microsoft Teams platform. This is done after the attacker successfully takes over the vulnerable Microsoft Teams’ subdomains. The victim will less likely be suspicious about the received image because it is sent from within the platform after the subdomain takeover completes. The authtoken is generated and sent to the compromised subdomains when the victim opens the image and right before the image loads on the browser.

The victim only needs to open the attached image for the attack to succeed!

What If There Is Nothing to Steal?

Even if the attacker finds nothing of value when successfully sneaking into the victim’s Microsoft Teams account, the attack can still be dangerous for other accounts that happen to be connected to the victim’s account. The attack will navigate across different accounts like a worm and do more serious damages that can be beyond repair.

If the victim’s account is connected to a company account, the attacker can exploit this vulnerability to spread false information, to give fake instruction from the company’s authorities to the employees, and to do malicious actions that may lead to financial problems, data stealing, and business collapse.

Why Does the Attack Matter, Especially Today?

Microsoft Teams has long become a collaborative platform for both individuals and companies. Any undetected vulnerabilities on this platform will certainly become dangerous risks for all users. These risks are serious now and ever, so why it becomes even more serious today?

Companies are forcing their staff to work from home as Covid 19 strikes. When virtually everyone works at home, online collaborative platforms like Microsoft Teams become the primary hubs for various business interactions, transactions, and competitions. Attacks that occur there can lead to truly grave situations when the world’s economy practically runs on such platforms.

CyberArk security researchers reported their findings to Microsoft after discovering it on March 23. They subsequently worked with Microsoft Security Research Center to take the necessary measures to mitigate the potential attack. Microsoft immediately removed the misconfigured DNS as a part of the mitigation effort and released a patch to deal with the newly discovered vulnerability.

Microsoft xCloud Project New Challenge

The preview of the new xCloud project where Microsoft finally adds Sony’s DualShock 4 wireless pad as one of the supported devices in this project generates many questions. Moreover, Microsoft also did it almost at the same time when Google Stadia was previewed as well. According to Kareem Choudhry, corporate vice president of the gaming cloud of Microsoft, this new project can be expanded into various features. So, if you say that in the future, you can play Xbox games on Android devices using the PlayStation controller that is not an impossible thing.

That’s not all. Microsoft also adds 50 games for their xCloud service. Famous titles, such as Devil May Cry 5, Tekken 7, Madden NFL 20, and Rainbow Six Siege are some of them. Next year, the support for Windows 10 PC will be also released.

Microsoft also expands the preview to a wider area, such as India, Japan, and Canada in the future. According to Catherine Gluckstein, product leader on xCloud, they have the vision to let people from all places to use Project xCloud on their device. When she was asked if Microsoft will develop a device similar to Google Chromecast, she said that there is a possibility for that.

There is also a rumor about the end of the console era. However, Microsoft doesn’t seem to follow that rule, even though they launch the Project xCloud, the game streaming service. Choudhry said that their Project Scarlett, which will be the project to create a new Xbox version that will be released at the end of 2020, is still ongoing. This console will compete with the Sony PlayStation 5.

Choudhry explained even though the online games and downloadable content are on the rise today, he can’t leave the game console. The reason is the physical disc sales for games are still high. Therefore, it keeps going as an important part of Microsoft’s gaming business.

The other reasons could be seen from the preview of the xCloud project at the X019 event in London. In this demo, it was clearly showing how the disc and game console is important for the game industry. At that event, the demo used a tablet to use the streaming game service using the 4G internet connection. The result is pretty much not satisfying. the performance wasn’t as good as what it said. There is a buffering and pixelating problem that occurs in a specific interval. Therefore, the online game streaming project like this needs a stable, fast and good internet connection. And, this is a problem Microsoft try to solve.

Choudhry explained that xCloud was designed for a 4G connection with the speed of at least 10 Mbps. People with a good 4G internet connection or Wi-Fi connection can experience the best performance for this service. However, Microsoft also wants to provide the best experience with a low requirement. Choudhry said that currently, his team tries to find the balance for video quality, latency, and bandwidth element for the xCloud project.

xCloud still struggles to give the best experience with a slower internet connection than 10 Mbps. And, they still try to push on how lower the internet connection this service needs so it can work well. With a lack of home broadband connection that provides the requirement for xCloud to perform at its best, the game console will take that role for providing the best gaming experience.

Google is indeed starting the race faster than Microsoft and Sony. However, Microsoft has confidence in persuading people to take their subscription because the gamer can get the best from this service. Choudhry added that this system (xCloud) uses the already-developed gaming ecosystem these days. Moreover, they offer the most important key that can satisfy the games, which are the games itself.

From the preview, the 50 games you can find on xCloud is already outnumbered the games available in Google Stadia, which is only 12 titles. Moreover, these 12 titles are also included the old games. However, what Gluckstein said about the game streaming as the way to change how to play the game and improve its performance or make it more interesting as the key for Microsoft to compete in this field. As we all know, when a game title was brought to other platforms, including a game streaming platform, there are always many changes that the development studios need to be done to make it playable.

Gluckstein also added that Microsoft has already started the development of the cloud version titles. This will be the challenge to see the problem, understand it, and find the solution and opportunity o that market. Many developers also did the same to compete in this specific market.

Google Release A Patch for the Problem in AMP4Email Feature

Gmail is one of the most popular email services. Its free version provides one of the best free email services you can find. Google also offers many unique and useful features you can find on other email services. One of them is the dynamic email feature. It’s also known as AMP4Email.

AMP4Email can be considered the newest feature from Google for its Gmail service. This feature allows you to add dynamic HTML content in your email. With this capability, you can do many things. For example, the message you send will activate a command that the recipient can use. So, if you use this feature to create a message to spread a specific event, like a questionnaire, or let the recipient access a catalog, you can do it beautifully with its dynamic feature.

However, the Google Vulnerability Reward Program found something worrying about this new feature. They expose the serious problem and bug that occur in this feature back in August this year. This feature is prone to a hacking attack that utilizes the dynamic ability and its ability to include HTML content in the email. The hacker and phisher can easily use the XSS or cross-site scripting method to inject a link that will start the attack through the AMP4Email feature.

According to Michał Bentkowski, Chief Security Researcher, via the blog post at Securitum, by allowing the access to include dynamic content in email, anyone can easily attach the JavaScript code in it. And, that could be dangerous. This condition doesn’t only work for the dangerous link. People also can add tags and attributes that are safe and even whitelisted by AMP4Email. Yet, it still posts some threat.

This feature doesn’t allow adding id attribute in the tags. This is another problem you must face. People can use this user-controlled id attribute to create HTML elements that they can use for the DOM Clobbering attack.

Why it can be used for DOM Clobbering? He explained that when you want to create an element in HTML, which that element will be referenced to specific JavaScript, you can use two function lines. They are the “document.getElementById(‘username’)” and “document.querySelector(‘#username’)” command lines. This is the standard method to create the HTML element that referenced to JavaScript. However, you also can use other methods.

The other methods you can use are the global window object property. You can use this part to create the access that you want. The attacker uses the “window.username” command line to create similar effect like when you use “document.getElementById(‘username’)”. In short, AMP4Email provides a much easier method to create the elements that the attacker can use to inject the code in the email.

With that easier method to inject the code, this feature can become many problems in the future. And, it increases the risk of DOM Clobbering. DOM Clobbering itself is a legacy feature you can find on many web browsers. Moreover, this is also the source of many problems that can happen on many applications you use to access that web browser or integrated with it.

The researchers also found out how AMP4Email can cause a problem. They test it by using their id attributes to the HTML elements. Then, when you open the email that loads the JavaScript file the sender send to you using this new feature, it adds the specific URL in it. This URL is then described as the “undefined” link. When it happens, it is proved that DOM Clobbering occurs.

This condition is common in the DOM Clobbering. It happens because the expected property that was originally added to the loaded JavaScript is missing. Therefore, the URL turns into an undefined URL link. When this condition occurs, it can affect the performance of the web browser you use to open the message. Furthermore, it also can affect the application and other parts of your device software.

It doesn’t seem dangerous when you see it at glance. The problem also can be solved by repairing the HTML elements in it. However, this condition also is proved that the script code in the email can be activated through the AMP4Email feature. So, if you want, you can tweak the code and attributes for this kind of email. With this wide-opened path to enter others’ systems, the attacker can easily inject malicious code that can damage and cause a bigger problem.

Regarding this problem, Google has finally released the patch to repair the problem caused by their new feature. This new patch will solve the DOM Clobbering problem and risk of the injection of unwanted script code using the AMP4Email feature

Google Buys Software Company CloudSimple

On July 2019, Google announced their partnership with CloudSimple to help more company teams move their on-site operations to the cloud but now, Google is straight buying them based on Vice President Engineering at Google, Rich Sanzi statement on Monday, “This agreement making our last collaboration with CloudSimple that we inform on July, it make us must advance a perfect Vmware migration solution with upgrade service for our users”

 CloudSimple announced at their Linkedin, “We’re excited to announce that CloudSimple is now a part of Google Cloud! We’ll continue to focus on accelerating our ability to help customers easily move their VMware workloads to the cloud” on Monday and “We got the improbable things to convert the firm workloads to the cloud by collaborating more critical with a cloud provider who can help CloudSimple with bigger investments and faster assimilation with the cloud to get the big impact of what we ask to them,” said Pangal in a written blog post. It is interesting because previously SimpleCloud was a company once central to Microsoft’s cloud ambitions.

So what is CloudSimple? CloudSimple is a firm that offers a service to the world’s leading cloud vendors to spread and manage workloads in a dedicated, private cloud in public clouds. With the full support of Microsoft and VMware, the first offering is a service for VMware. Pangal was established the CloudSimple in 2016, StorSimple is the previously found by him too. StorSimple is a cloud storage system builder that was bought by Microsoft. CloudSimple helps the company looking to move VMware workloads to the cloud without any transformation and continue to use the familiar VMware and cloud management tools they know. IT benefits from the aptitude and on-demand, the elastic infrastructure of the cloud, as well as lowering costs. The VMware project and plans for the designing, developing and optimizing the product which makes the computing more superfluous, available, accessible as well as easily scalable. There are three VMware products such as VMware server, workstation, and vSphere.

Vmware that show up on Google Cloud Platform, the users will get all of the intimacy form the cloud stuff, learning and keep their investment, as they behead on their cloud method and immediately give the latest  benefit to customers, run them flawlessly and safer from hybrid cloud area. Through Google’s existing partnership with CloudSimple, customers can drift their Vmare workloads from on-premise data centers directly into Google Cloud VMware Solution by CloudSimple, while also creating new Vmware workload as desired. The partnership with Google Cloud enables the mutual customers to run VMware workloads on VMware Cloud Foundation in Google Cloud Platform. The innovation prowess, modern infrastructure, and leadership in areas such as smart analytics convinced SimpleCloud that joining together with Google would further their joint vision. The acquisition came into real after GCP’s $2.6 billion deal in June to acquire Looker, the Business Intelligence (BI) specialist. As with Looker, CloudSimple is already a major GCP partner.

By acquiring SimpleCloud, this makes cloud competition increasing. Enterprise customer base is crucial to cloud service providers as their allocating to modernize IT infrastructure is increasing. The enterprises are fastly shifting from traditional application software to software as a service (SaaS), which is expected to contribute to the public cloud spending globally. However, Google’s acquisition of CloudSimple is likely to help it in delivering boost experience to enterprise customers. Moreover, customers will apply VMware tools and protect their investments with VMware on Google Cloud. Google acquires SimpleCloud is one of the Biggest Tech Breakthrough in a Generation. Became one of the earliest investors in a new type of device that experts say could have as much impact on society as electricity was discovered. Current technology will soon be out-of-date and replaced by this new device. In the process, it is expected to create many jobs and afford many benefits.

Things like this are actually not so surprising because as happened before, Google, which is a large company that has a combined company from aplhabet, the A-Z company. The names of the big and well-known companies owned by Google such as Google Maps, AdSense, DoubleClick and YouTube generate huge amounts of profits. In 2017, Google bought 11 company which are Limes Audio (Sweden), Fabric                   (United States), Kaggle (United States), AppBridge (United States), Owlchemy Labs (United States), Halli Labs (India), AIMatter (Belarus), HTC (portions) (Taiwan), Bitium               (United States), Relay Media (United States), and 60db (United States). In 2019, Google bought 7 companies, Superpod (United States), Alooma (Israel), Nightcorn (German), Looker (United States), Elastifile (United States), Socratic (United States), and the latest is CloudSimple (Unites States).

Why You Should Stop Using Internet Explorer Now

How many are you still using Internet Explorer as the default browser? For Windows users, it must always be a struggle in using Internet explorer securely. The most recent issue about Internet explorer is addressed by Microsoft. This Monday Microsoft gave warning to the Internet Explorer users of two major flaws which affect version 9 to 11 of Internet Explorer. One of the flaws is known to be zero-day and it is facing a real attack being exploited by the hijackers. This means that Internet Explorer now is having a critical vulnerability that allows malicious actors to hijack the users running the program, especially the outdated one. When you hear this, if you are using Internet Explorer, you probably should stop right now.

What is zero-day vulnerability?

In cybersecurity, vulnerabilities mean unintentional flaws in a software program or an operating system. These flaws could be a result of errors in programming or configuring security. If nothing has been done to fix them, these vulnerabilities can allow cyber hijackers to exploit the program.

what is zero-day vulnerability? Zero-day means that the vulnerability in the software has just been found or it means that the software developer has just known the existence of the flaw. This causes the patch to fix the vulnerability that has not been made or released yet. To simplify, zero-day means that the developers have zero days in fixing the issue and the problem has a probability to be exploited by malicious actors. Now, what about the zero-day attack? This may happen if the software developer has not fixed the flaw or make the patch but hackers have abled to exploit the vulnerability.

The security risks of software vulnerabilities

This is how it works, hackers will create code with the target is a security flaw and they will make a malware named zero-day exploit. The malware will use the vulnerability and disturb the system resulting in unintentional behavior. When the system in your computer is affected by malware, it will steal your data and take control of your computer.

In their Warning, Microsoft explained that the vulnerability is corrupting memory to some extent that enable a hacker to perform arbitrary code in the context of the computer user. This means that if a hacker can exploit the existing vulnerability, the actor is possessing the same rights as the current computer user.

Microsoft then explains further that if the current system user is logged on as an administrative user, then the hacker who succeeds in exploiting the vulnerability will be able to take control of the systems that are affected by the malware. This will result in the ability of the attacker to install programs, view or change or even delete data, and create a new account with user rights.

It is stated in Microsoft’s warning that in the web-based attack, a hacker can host a website that has been specially crafted to exploit the vulnerability through Internet Explorer. The malware will try to persuade users to view the web. This can also be done by sending an email to the users.

Stop using Internet explorer

Discontinuity of Internet Explorer as a web browser is not only this time being stated by people from Microsoft. Early this year, in February, a cybersecurity expert from Microsoft wrote a post on the official Windows IT pro Blog that it is now time to stop the use of this old web browser. This product itself was discontinued in 2015. He stated that Internet Explorer is a compatibility solution, better not using it as a default browser. In his opinion, the use of Internet Explorer only when necessary such for searching certain enterprise solutions but he wants us as web users to not using it to avoid missing out on the larger portion of the web.

Next in April this year the warning came from one of the security researchers from Microsoft, who warned us that it is not enough to stop using it, you should also delete it from your computer. You do not have to use it, even simply by having it on your computer opens the possibility of having your data stolen by hackers.

The most recent warning reminds us that there is no need to keep Internet Explorer with you as all you have to do is open a crafted website containing, malware and it is over for you and your computer. Thanks to Clément Lecigne from Google’s Threat Analysis Group for the achievement in finding the vulnerability. The fix for the vulnerability is available, but it is manually done, so it is time now to move on and use Firefox as your browser instead.

Top 5 WordPress Hosting Sites

It is important to choose the right best hosting if you own or run WordPress websites. The hosting site determines how healthy and reliable your website is. Since there are so many hosting sites out there, which one is the best?

No matter which one you will choose, you should keep these points in mind when it comes to choosing the best hosting for WordPress. The server requirements should meet the latest requirements for WordPress. Speed is also important and if your website loads slower than one second then you need to consider changing your hosting.

Uptime is another important thing you should take a look. If you the uptime of your hosting is below 99.95 percent, you better switch it to another hosting.

#1. Bluehost Hosting

At a glance, Bluehost provides excellent main keys for your WordPress website. The average uptime is more than 99.98 percent with 375 ms average loading speed. It has a 24/7 live chat that will help you. The hosting is friendly even for beginners with reliable performance that includes SSL.

This hosting site very popular especially for bloggers and small business owners. The pricing is cheap which less than USD 3 per month. It is easy to use and no performance issue has ever been reported.

According to the tests we have run, Bluehost provides the best value ratio. With 99.98 percent uptime and 375 ms loading speed, you will never get the best yet most value for money hosting service on the market.

The pricing starts from USD 2.75 per month and you can purchase it for 36 months. However, the renewal price is USD 7.95 per month. Still, it is very common in the hosting industry yet this one is considered cheap after all. To save money, you should purchase the plan for the longest period.

#2. HostGator Hosting Service

This hosting service provider offers 99.99 percent average uptime with 425 ms loading speed. With a fast response live chat that will help you 24/7, HostGator is another best hosting service you should take into account. The intro price is cheap and it provides very reliable service and unlimited email.

HostGator is another popular hosting service provider with more than 10 million domains. It will be your ultimate choice when you run a WP website. Various high traffic sites use this hosting service its fast loading times just makes the hosting service more desirable. According to our test for one-year long, the average speed is 425 ms with 99.99 percent uptime.

Its initial purchase is USD 5.95 per month while the renewal might charge you USD 9.95 per month.

#3. SiteGround

This is another option you can take a look when you need a reliable hosting service for your WP websites. This hosting allows you to change the data center locations from the USA to Europe and vice versa. Some features provided will allow you to get a faster WP seed. The uptime is 99.99 percent and the load time is 671 ms. This number might not be as fast as HostGator and Bluehost. However, speed can be faster in some regions of Europe.

It has 24/7 customer service which will give helpful solutions for all your issues with the hosting service. However, the sign-up price is a bit higher than other hosting sites with USD 9.90 per month for the renewal. If you register your domain, it will charge you another dollar.

#4. Hostinger

If you need another name of the best hosting site for WP website, you should consider Hostinger as well. It offers the cheapest hosting plans with a data center in almost all continents across the world. You might not be able to choose your data center at first. But once you have signed up, you can ask the support service to change your server location.

Even though this one is the cheapest hosting service for WP websites, it provides 340 ms loading speed and 99.96 percent of uptime, which is faster and more competitive on the market. The initial sign-up price is USD 0.99 per month that can be purchased up to 48 months. Once the plan has ended, you can renew it for USD 2.75 per month.

#5. Dreamhost

Even though this is another alternative you can choose, it might not be suitable if you want more than average service. The uptime is 99.93 percent with 656 ms loading speed. Users can make site transfers for USD 99 and the service support is only during working hours. You cannot even choose your data center location.

Still, anything you choose, it depends on your main goal of making a WordPress website.

Google’s Trouble in Managing Google Assistant’s Customers’ Privacy

Google Assistant is a product from Google that is highly demanded recently. Users can use it to help their daily activities by only tapping a special button on their Android Smartphone. The feature is introduced mainly in the series of Android One.

The product is really sophisticated for sure. It is even said that this giant technology company has been one step ahead with it. Unfortunately, Google has some issues also. One of them is the issue of privacy violence that comes out to the surface currently.

A media from Belgium reported that Google Assistant and the smart speaker Google Home can record the voice and their staff can listen to them. The media even stated that there were more than a thousand quotes in which 153 of them are conversations that should not be recorded. The users might not activate it with the command “OK Google”. Those private conversations are including parents-children conversations, intimate conversations done by couples, and professional calls that contain secret information.

The problem is, in terms and conditions given by those products, it is said that any voice messages that are asked to Google Home and Google Assistant will be recorded and saved. Many users may ignore those matters based on the facts that they don’t know anything about these matters. On the other hand, something that is not stated in terms and conditions is permissions for Google staff to listen to the recorded quotes.

The controversy is getting bigger after people know that Google’s competitors, Amazon and Facebook tend to look more professional. Those technology companies make sure to exclude themselves in any product they produce unless; it is the requests from their customers. This way, users’ privacy can be kept better.

One of the protests was stated by Jim Killock, the Executive Director of Open Rights Group. He said that companies should do the right thing and make sure people choose to be recorded. Additionally, based on his opinion, it is funny to force people or customers to check whether every company intrudes their home or not.

The statement comes out after Google defends them by saying that about one of 500 users is subject to the human checks.

Is it true that Amazon and Apple excluded in the practice?

The main accusation comes to Google as they have been confessed to the ability of staff to listen to private quotes. Meanwhile, other companies defend themselves to do the same practice. However, the different thing is said by the Bloomberg News Agency. The company reported some technology companies including Amazon, Google, and Apple were involved in the practice.

The company’s involvement can be analyzed through some products and features available in the market, In general, some smart products are indeed equipped by staff label words and phrases. Words and phrases are mainly functioned to help improve voice-recognition accuracy in products’ software. And that’s true, some companies have such products. For example, they are Microsoft with their Xbox, Amazon with their Alexa recordings, and Facebook with their Opt Out for Portal Voice Recording Check.

Sure, the practice is considered common and reasonable. Without the feature, it is impossible for the companies to develop their products well and enjoy by customers. But it doesn’t reduce the fact that the customers’ privacy has been violated.

How to Solve the Problem

Undeniably, big technology companies have put many efforts to develop the feature applied in Google Assistant and Google Home. It is all to help customers to ease daily activities for sure. But in the future, it is expected that alternatives can be invented particularly to make sure customers’ privacy is kept well.

To solve this problem, at least for now, one of Google Assistant’s managers apologized for the mistake. He claimed that the quotes and data recorded are mainly used to make the product works. Besides, the setting menu was actually obviously shown that humans are included in the process.

Since the new technology how to make Google Assistant work well without human involvement has not been invented well, one solution seems good to use, at least for nowadays. Google planned to provide a feature that enables users to set the sensitivity level of the products. This way, the customers can choose the Google Assistant’s sensitivity. The more sensitive it is, there will be more quotes to be recorded.

The data stored are also automatically deleted after a few months. Therefore, there will not be records in the past to be played in the future. They are all gone except the customers themselves who have the willingness to keep them all.