Make your business stand out on Google with Posts

With 82% of people turning to search engines to find local information,1 your Google listing is the ideal place to showcase what is unique about your business. Even when customers know exactly what they're looking for, they still want to get to know the business and see what it has to offer. That’s why Google My Business is bringing Posts to local businesses — an easy way to help attract new customers and build relationships with the customers you already have.




Posts appear on your Google business listing. Customers can tap to read the full post, and they can also share your post with their friends directly from Google.




Posting on Google gives you new ways to engage with your customers:



  • Share daily specials or current promotions that encourage new and existing customers to take advantage of your offers.
  • Promote events and tell customers about upcoming happenings at your location.
  • Showcase your top products and highlight new arrivals.
  • Choose one of the available options to connect with your customers directly from your Google listing: give them a one-click path to make a reservation, sign up for a newsletter, learn more about latest offers, or even buy a specific product from your website.


Seventy percent of people look at multiple businesses before making a final choice.2 With Posts, you can share timely, relevant updates right on Google Search and Maps to help your business stand out to potential customers. And by including custom calls-to-action directly on your business listing, you can choose how to connect with your customers.





“Posts definitely helped our business because a lot of people look us up through Google. When they do, they want to see the vibe of the place. Being able to post directly to Google allows them to see the reviews and get a feel for the shop all in one spot.” - Cut & Grind, London, UK
“As a small business, we don’t have a ton of resources. We post with the intention of engaging new and existing customers, informing them of new therapists and services we offer as we expand our business. The posts help us stand out in a unique way and allow us to differentiate ourselves from our competition.” - Just Mind, Austin, TX
“Posts are worth my time because with limited effort you can get something fresh that is reaching people's eyes. 1,100 people saw my last post. Getting information out to the customers is big for this kind of business, letting them know we have bikes or different sporting goods they may not be aware of.”- Play It Again Sports, Saint Paul, MN


If you’re a Google My Business user, you can start posting right now. Posts can be created on-the-go using the Google My Business Android and iOS apps or website.



If you’re not yet using Google My Business, sign up and get started today managing your business listing on Google. Once you’ve verified your business, you’ll be ready to start posting. To learn more, visit the Google My Business Help Center.




Posted by Rosa Wu, Product Manager, Google My Business




1 Google. Google Consumer Barometer. 2014/2015.

2 Google. Google Consumer Barometer. 2014/2015.

What’s new in WebView security

Posted by Xiaowen Xin and Renu Chaudhary, Android Security Team

The processing of external and untrusted content is often one of the most important functions of an app. A newsreader shows the top news articles and a shopping app displays the catalog of items for sale. This comes with associated risks as the processing of untrusted content is also one of the main ways that an attacker can compromise your app, i.e. by passing you malformed content.

Many apps handle untrusted content using WebView, and we've made many improvements in Android over the years to protect it and your app against compromise. With Android Lollipop, we started delivering WebView as an independent APK, updated every six weeks from the Play store, so that we can get important fixes to users quickly. With the newest WebView, we've added a couple more important security enhancements.

Isolating the renderer process in Android O

Starting with Android O, WebView will have the renderer running in an isolated process separate from the host app, taking advantage of the isolation between processes provided by Android that has been available for other applications.

Similar to Chrome, WebView now provides two levels of isolation:

  1. The rendering engine has been split into a separate process. This insulates the host app from bugs or crashes in the renderer process and makes it harder for a malicious website that can exploit the renderer to then exploit the host app.
  2. To further contain it, the renderer process is run within an isolated process sandbox that restricts it to a limited set of resources. For example, the rendering engine cannot write to disk or talk to the network on its own.
    It is also bound to the same seccomp filter (blogpost on seccomp is coming soon) as used by Chrome on Android. The seccomp filter reduces the number of system calls the renderer process can access and also restricts the allowed arguments to the system calls.

Incorporating Safe Browsing

The newest version of WebView incorporates Google's Safe Browsing protections to detect and warn users about potentially dangerous sites.. When correctly configured, WebView checks URLs against Safe Browsing's malware and phishing database and displays a warning message before users visit a dangerous site. On Chrome, this helpful information is displayed more than 250 million times a month, and now it's available in WebView on Android.

Enabling Safe Browsing

To enable Safe Browsing for all WebViews in your app, add in a manifest tag: 

<manifest>
     <meta-data android:name="android.webkit.WebView.EnableSafeBrowsing"
                android:value="true" />
      . . .
     <application> . . . </application>
</manifest>

Because WebView is distributed as a separate APK, Safe Browsing for WebView is available today for devices running Android 5.0 and above. With just one added line in your manifest, you can update your app and improve security for most of your users immediately.

The world as you see it with VR180

Virtual reality helps creators bring their audiences to new, amazing, and even impossible-to-visit places. As a viewer, you get a whole new angle on shows, sports, and concerts you care about. You can walk around the Eiffel Tower, dive to the bottom of the Great Barrier Reef, or get a new perspective by meeting people face-to-face in a way that isn’t possible with a flat view of the world.

We know that virtual reality videos can be really powerful, which is why we have invested in supporting 360 and VR formats for over two years. And today, VR video is the most popular way to experience VR. But, we’ve heard from creators and viewers who want to make and see even more immersive videos on YouTube. So, we’ve been working with Google’s Daydream team on a brand new video format, called VR180, that we believe will make VR content even easier to create.

VR180 videos focus on what’s in front of you, are high resolution, and look great on desktop and on mobile. They transition seamlessly to a VR experience when viewed with Cardboard, Daydream, and PSVR, which allow you to view the images stereoscopically in 3-D, where near things look near, and far things appear far. VR180 also supports livestreaming videos so creators and fans can be together in real time.

Introducing VR180 GIF

For creators, you’ll be able to set up and film your videos the way you normally would with any other camera. And, soon, you’ll be able to edit using familiar tools like Adobe Premiere Pro. From vlogs, to makeup tutorials to music videos - your videos will work great in VR.

But supporting the format is just the beginning. We want to make cameras that are easy to work with too. The Daydream team is working with several manufacturers to build cameras from the ground up for VR180. These cameras are not only great for creators looking to easily make VR content, but also anyone who wants to capture life’s highlights in VR. They will be as easy to use as point-and-shoot cameras, for around the same price. Videos and livestreams will be easy to upload to YouTube. Cameras from YI, Lenovo, and LG are on the way, and the first ones will hit shelves this winter. For other manufacturers, we’re opening up a VR180 certification program and Z CAM will be one of our first partners. Learn more and sign up for updates at vr.google.com/vr180. If you can’t wait to try these out, eligible creators can apply to loan a VR180-enabled camera from one of our YouTube Spaces around the globe.

VR180 will unlock opportunities for anyone looking to easily make VR memories. We're just starting to scratch the surface of what is possible and look forward to seeing your new videos!

Start off your summer with #teampixel

Need a fresh perspective? It’s all yours, courtesy of #teampixel. From a Buddhist monastery in Russia to a picturesque lighthouse in North Carolina, to the best swing set … ever, here’s your weekly look at some of the “Pixel perfect” images shared by Pixel users on Instagram.

Pixel_622_1.jpg
Left: @ahwagner - Lines on lines in Bodie Island, NC. Right: @alasdairwillson - Ivolginsk Datsan monastery, Russia
Pixel_622_2.jpg
Left: @glitchlov3 - A patch of blue in St. Petersburg, Russia. Right: @heydavina - Stopping for lunch in Manhattan, NY
Pixel_622_3.jpg
@canvasoul - Silhouettes against the sky
Pixel_622_4.jpg
Left: @mrtroiano - Puffins in the Faroe Islands. Right: @monp54 - Making friends in Fairy Glen, Scotland
Pixel_622_5.jpg
Left: @michilyons - Summer = sparklers, in Maplewood, NJ. Right: @randomitguylv - Montana Redonda, Dominican Republic
Pixel_622_6.jpg
Left: @oliverbock - Liverpool, meet reflecting pool. Right: @willfungus - A dizzying staircase at Nagoya Castle, Japan

If you’ve got a Pixel, share your photos with #teampixel—we might feature them on Keyword and Instagram.

Google Compute Engine ranked #1 in price-performance by Cloud Spectator

By Paul Nash, Group Product Manager, Compute Engine

Cloud Spectator, an independent benchmarking and consulting agency, has released a new comparative benchmarking study that ranks Google Cloud #1 for price-performance and block storage performance against AWS, Microsoft Azure and IBM SoftLayer.

In January 2017, Cloud Spectator tested the overall price-performance, VM performance and block storage performance of four major cloud service providers: Google Compute Engine, Amazon Web Services, Microsoft Azure, and IBM SoftLayer. The result is a rare apples-to-apples comparison among major Cloud Service Providers (CSPs), whose distinct pricing models can make them difficult to compare.

According to Cloud Spectator, “A lack of transparency in the public cloud IaaS marketplace for performance often leads to misinformation or false assumptions.” Indeed, RightScale estimates that up to 45% of cloud spending is wasted on resources that never end up being used — a serious hit to any company’s IT budget.

The report can be distilled into three key insights, which upend common misconceptions about cloud pricing and performance:
  • Insight #1: VM performance varies across cloud providers. In testing, Cloud Spectator observed differences of up to 1.4X in VM performance and 6.1X in block storage performance.
  • Insight #2: You don’t always get what you pay for. Cloud Spectator’s study found no correlation between price and performance.
  • Insight #3: Resource contention (the “Noisy Neighbor Effect”) can affect performance — but CSPs can limit those effects. Cloud Spectator points out that noisy neighbors are a real problem with some cloud vendors. To try and handle the problem, some vendors throttle down their customers access to resources (like disks) in an attempt to compensate for other VMs (so called Noisy Neighbors) on the same host machine.

You can download the full report here, or keep reading for key findings.

Key finding: Google leads for overall price-performance

Value, defined as the ratio of price and performance, varies by 2.4x across the compared IaaS providers, with Google achieving the highest CloudSpecs Score (see Methodology, below) among the four cloud IaaS providers. This is due to strong disk performance and the most inexpensive packaged pricing found in the study.


To learn more, download “2017 Best Hyperscale Cloud Providers: AWS vs. Azure vs. Google vs. SoftLayer,” a report by Cloud Spectator.


Methodology

Cloud Spectator’s price-performance calculation, the CloudSpecs Score™, provides information on how much performance the user receives for each unit of cost. The CloudSpecs Score™ is an indexed, comparable score ranging from 0-100 indicative of value based on a combination of cost and performance. The calculation of the CloudSpecs Score™ is: price-performance_value = [VM performance score] / [VM cost] best_VM_value = max{price-performance_values} CloudSpecs Score™ = 100*price-performance_value / best_VM_value
Overall storage CloudSpecs Score™ was calculated by averaging block storage and vCPU-memory price-performance scores together so that they have equal weight for each VM size. Then, all resulting VM size scores were averaged together.


In addition to other apps, G Suite administrators can now automatically provision users to Asana, Dialpad, Freshdesk, Lucidchart, RingCentral, and Smartsheet

When auto-provisioning is enabled for a supported third-party application, any users created, modified, or deleted in G Suite are automatically added, edited, or deleted in the third-party application as well. This feature is highly popular with admins, as it removes the overhead of managing users across multiple third-party SaaS applications.

Today we’re adding auto-provisioning support for six new applications: Asana, Dialpad, Freshdesk, Lucidchart, RingCentral, and Smartsheet. We previously launched auto-provisioning support for Box Enterprise, Salesforce Sandbox, Salesforce, Slack, and Workplace by Facebook, bringing the total number of supporting applications to 11.

G Suite Business, Education, and Enterprise customers can enable auto-provisioning for all eight supported applications. G Suite Basic, Government, and Nonprofit customers can configure auto-provisioning for up to three applications from the supported list. For specific details on how to set up auto-provisioning, check out the Help Center.

Launch Details
Release track:
Launching to both Rapid Release and Scheduled Release

Editions:

  • G Suite Basic, Government, and Nonprofit customers can enable auto-provisioning for up to three applications
  • G Suite Education, Business, and Enterprise customers can enable auto-provisioning for all supported applications


Rollout pace:
Gradual rollout (potentially longer than 3 days for feature visibility)

Impact:
Admins only

Action:
Admin action suggested/FYI

More Information
Help Center: Automated user provisioning (instructions for Smartsheet, Dialpad, and RIngcentral to be added soon)
Help Center: Using SAML to set up federated SSO


Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Attention Graduates! Take Your Content With You When You Graduate

Graduation is an exciting time: You’re packing everything up and starting your next chapter in life. Still, it can be stressful if you’re trying to download and save all of your digital files before you leave school.

We’ve got your back with a new tool that makes it easy to copy and transfer the emails and content you created with G Suite for Education to a personal Google Account. From term papers you spent months writing to email threads with classmates, you can move it all to your personal account before you graduate, in less time that it takes to pack the car. Just a heads up that his tool is only available if your school administrator has allowed it and you can learn more about that here.

GraduationGIF (3).gif

All you need to transfer your content is a personal Google Account. Don’t have one? Visit accounts.google.com/SignUp to create one for free now.

Move your digital life in a few clicks
After you log into your school account, go to the transfer tool. There, you’ll be asked for your personal Gmail address so that the tool can transfer everything over to your own Google Account. Your Google Account’s free Gmail address will be your username followed by @gmail.com.

After you’ve provided your personal Gmail account address, copying and transferring your email and content is a snap -- just follow these four easy steps:
  1. Select “Get code.”
  2. Check your personal Gmail inbox for a confirmation email from Google. In the email, select “Get confirmation code.” A new tab will open with your code.
  3. Return to the Transfer tool page (make sure you’re still logged into your school account) and enter the code from your Gmail account, then choose “Verify.”
  4. Choose the content you'd like to transfer, then select “Start transfer.”
If you want to transfer files that were shared with you (but that you don’t own), add those files to Drive on your school account so they can be transferred with the rest of your files. We suggest you do this before beginning your transfer.  
After you’ve started the transfer process, your files may start appearing in your personal Google Account within a few hours, but may take up to a week. When everything’s been moved over, you’ll get an email at your personal Gmail address telling you it’s all done. Got questions? Check out this handy Help Center article.

We hope this helps you take your schoolwork and digital memories with you as you head into the wide world that awaits after graduation. Congrats — we look forward to hearing about all the amazing things you'll do next!

Digital security and due process: A new legal framework for the cloud era

Editor’s note: This is an abbreviated version of a speech Kent delivered today at The Heritage Foundation in Washington, D.C.

For as long as we’ve had legal systems, prosecutors and police have needed to gather evidence. And for each new advance in communications, law enforcement has adapted. With the advent of the post office, police got warrants to search letters and packages. With the arrival of telephones, police served subpoenas for the call logs of suspects. Digital communications have now gone well beyond the Postal Service and Ma Bell. But the laws that govern evidence-gathering on the internet were written before the Information Revolution, and are now both hindering the flow of information to law enforcement and jeopardizing user privacy as a result.

These rules are due for a fundamental realignment in light of the rapid growth of technology that relies on the cloud, the very real security threats that face people and communities, and the expectations of privacy that internet users have in their communications.

Today, we’re proposing a new framework that allows countries that commit to baseline privacy, human rights, and due process principles to gather evidence more quickly and efficiently. We believe these reforms would not only help law enforcement conduct more effective investigations but also encourage countries to improve and align on privacy and due process standards. Further, reducing the amount of time countries have to wait to gather evidence means would reduce the pressure to pursue more problematic ways of trying to gather data.

Current laws hinder law enforcement and user privacy

The U.S. Electronic Communications Privacy Act (ECPA) governs requests for content from law enforcement. Under ECPA, foreign countries largely have to rely on diplomatic mechanisms such as Mutual Legal Assistance Treaties (MLAT) to obtain content that is held by a company in the United States. The last data we’ve seen suggests that the average wait to receive content through the MLAT process is 10 months, far too long for most criminal cases. While law enforcement waits for this data, crimes could remain unsolved or a trial might happen missing key evidence.

The current legal framework poses a threat to users’ privacy as well. Faced with the extended delays under the MLAT process, some countries are now asserting that their laws apply to companies and individuals outside of their borders. Countries asserting extraterritorial authority potentially put companies in an untenable situation where we risk violating either the law of the requesting country or the law of the country where we are headquartered.

We are also seeing various proposals to require companies to store data within local borders as a means to gain easier access. There are a host of problems with this: small, one-off data centers are easier targets for attackers and jeopardize data security and privacy. Further, requiring businesses to build these data-centers will raise the costs for cloud services, erecting significant barriers for smaller companies.

The legal ambiguity concerning cross-border law enforcement requests has also created complications for law enforcement in the United States. Last year, the Second Circuit Court of Appeals was asked to determine the reach of ECPA search warrants issued under the now out-of-date statute. The Court ruled that under existing law, an ECPA search warrant cannot be used to compel service providers to disclose user data that is stored outside of the U.S. But even those judges agreed that ECPA should be updated by Congress to reflect the new reality of today’s global networks.

Principles for reform

Our proposal to address these challenges for domestic and international law enforcement, for companies, and for users has two core principles:

First, countries that honor baseline principles of privacy, human rights, and due process should be able to make direct requests to service providers for user data that pertains to serious crimes that happen within their borders and users who are within their jurisdiction.  

While the U.S. cannot solve the problem on its own, and many countries have blocking regulations, policy reform in the US is a necessary first step. We’ve been pleased to see serious debate around ways to update digital evidence laws in Washington on this issue.

In May, the U.S. Department of Justice presented legislation that would amend ECPA and  authorize U.S. providers to disclose records and communications content to foreign governments that adhere to baseline due process, human rights, and privacy standards. This legislation would be the critical starting point for the new framework of direct requests.

ECPA should also be updated to address what data is available using an ECPA search warrant in a way that serves broader public policy objectives. Law enforcement requests for digital evidence should be based on the location and nationality of users, not the location of data. A key component of this reform is the International Communications Privacy Act (ICPA), which Google supports. ICPA provides a unique opportunity for Congress to update laws governing digital evidence both for investigations in the U.S. and abroad. While refinements to ICPA may be necessary, we believe the principles upon which ICPA is based are sound.

Second, provided that countries can meet baseline standards and the U.S. amends ECPA, the next step would be for the United States and foreign governments to sign new agreements that could provide an alternative to the MLAT process. The bilateral agreements that could be authorized by the legislation put forward by the Department of Justice provide a promising avenue to improve global privacy standards and create a pathway for foreign governments to obtain digital evidence for investigations.

We’re ready to do our part

We know that this will be an involved process. It’ll require action here in Washington and in capitals around the world. However, we can’t accept the complexity of action as a reason for inaction in addressing an important and growing problem.

Our proposal asks for a lot of movement from governments. But we recognize our role as well. Google is ready to work with legislators, regulators, civil society, academics, and other companies to progress these proposals and make sure that we get this right. And I look forward to conversations that we’ll have in Washington, D.C. and beyond in the months to come.

Beta Channel Update for Chrome OS

The Beta channel has been updated to 60.0.3112.41 (Platform version: 9592.29.0 ) for most Chrome OS devices. This build contains a number of bug fixes, security updates and feature enhancements. A list of changes can be found here.


If you find new issues, please let us know by visiting our forum or filing a bug. Interested in switching channels? Find out how. You can submit feedback using ‘Report an issue...’ in the Chrome menu (3 vertical dots in the upper right corner of the browser). 

Josafat Garcia
Google Chrome

Beta Channel Update for Desktop


The beta channel has been updated to 60.0.3112.40 for Windows, Mac, and Linux.


A partial list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.


Richard Bustamante
Google Chrome