Continuing to grow and invest across America in 2020

Today I’m pleased to announce that Google will invest more than $10 billion in offices and data centers across the United States in 2020. 

Google has a presence in 26 states across the country and our new investments will be focused in 11 of them: Colorado, Georgia, Massachusetts, Nebraska, New York, Oklahoma, Ohio, Pennsylvania, Texas, Washington and California. 

Everywhere we invest, we strive to create meaningful opportunities for local communities. A powerful example is our data center in Pryor, a town in Mayes County, Oklahoma. Last year, I visited Pryor to announce a $600 million investment, our fourth expansion there since 2007. It felt like the whole community came out to welcome us, from small business owners to teachers to Google employees. Pryor Mayor Larry Lees told the crowd that Google’s investments have helped provide local schools with the resources they need—including the latest textbooks and STEM courses—to offer a world-class education. He talked about the small businesses we have helped train and the mentorship Googlers have provided to Pryor’s students. 

This is exactly the kind of difference we hope to make with our new office and data center projects in 2020. These investments will create thousands of jobs—including roles within Google, construction jobs in data centers and renewable energy facilities, and opportunities in local businesses in surrounding towns and communities. 

This effort builds on the momentum of the $13 billion investment we made in 2019 in communities from South Carolina to Nevada. Combined with other R&D investments, Google’s parent company Alphabet was the largest investor in the U.S. last year, according to a report from the Progressive Policy Institute.

We look forward to continuing this progress in the year ahead. Here’s a look at our 2020 investments by region:

2020 investments by region

South

Google continues to invest in Atlanta, and we will be welcoming new engineering teams to our growing office there this year. We will also invest in expanded offices and data centers in Texas, Alabama, South Carolina, Virginia and Tennessee. Plus, we’ll open a Google Operations Center in Mississippi to improve our customer support for users and partners around the world. 

Breaking ground at our office development in Atlanta in 2019. We’re expanding our space in Atlanta this year.

Midwest 

We recently opened a new Google Cloud office in Chicago and expanded our office in Madison, Wisconsin. We’ll make additional investments in our offices in Detroit, open a new data center in Ohio, and complete the expansion of our data center in Iowa.

Ribbon cutting at our new Google Cloud office in Chicago in 2019.

Central 

In Colorado, we have the capacity to double our workforce over the next few years, in part by expanding our presence in Boulder. We’ll also invest further in growing data centers in Nebraska and Oklahoma. 

Sundar Pichai speaking at Google’s Mayes County, Okla., data center expansion event.

East 

We’re opening our new Hudson Square campus in New York City, where we have the capacity to double our local workforce by 2028. We’re also expanding our office in Pittsburgh, and a bigger office in Cambridge, Massachusetts, is under development. 

West 

We are expanding our Google Cloud campus in Seattle and undertaking a major development in Kirkland to open later this year. We’re making office and data center investments in Oregon. In California, we continue to invest in new locations in the Bay Area and Los Angeles. 

We’ll also accelerate our work with businesses, governments, and community organizations to distribute the $1 billion we committed for Bay Area housing. In the first six months of this commitment, we’ve helped to create more than 380 new affordable housing units in the Bay Area, including an investment in a development focused on affordable and inclusive housing for adults with disabilities. There’s more to come in 2020.

In addition to these investments in infrastructure and jobs, we’ll also continue our work nationally with local startups, entrepreneurs and small business owners to help Americans access new digital opportunities. Already, Grow with Google and Google for Startups have trained more than 4 million Americans in hundreds of communities across all 50 states. Looking ahead, we're especially excited about our work creating pathways to jobs in the fast-growing field of IT through our two Grow with Google certificate programs.

Our growth is made possible only with the help of our local Googlers, partners and communities who have welcomed Google with open arms. Working together, we will continue to grow our economy, create good jobs for more Americans and make sure everyone can access the opportunities that technology creates.

More & better data export in Search Console

We have heard loud and clear that users want better download capabilities in Search Console, so we’re happy to let you know that more and better data is now available to export.

You’ll now be able to download the complete information you see in almost all Search Console reports (instead of just specific table views). We believe this will make the data much easier to read outside Search Console and to store for future reference if needed. You’ll find a section at the end of this post describing other ways to use your Search Console data outside the tool.

Enhancement reports and more 

When exporting data from a report, for example the AMP status report, you’ll now be able to export the data behind the charts, not only the details table (as previously). This means that in addition to the list of issues and their affected pages, you’ll also see a daily breakdown of your pages, their status, and the impressions they received in Google Search results. If you export data from a specific drill-down view, the exported file includes the details describing that view.

If you choose Google Sheets or Excel (new!), you’ll get a spreadsheet with two tabs; if you choose to download as CSV, you’ll get a ZIP file with two CSV files.

Here is a sample dataset downloaded from the AMP status report. We changed the titles of the spreadsheet to be descriptive for this post, but the original title includes the domain name, the report, and the date of the export.


Performance report 

When it comes to Performance data, we have two improvements:
  1. You can now download the content of all tabs with one click. This means you’ll get the data on Queries, Pages, Countries, Devices, Search appearances and Dates all together. The download output is the same as explained above: a Google Sheets or Excel spreadsheet with multiple tabs, or CSV files compressed into a ZIP file.
  2. Along with the performance data, you’ll have an extra tab (or csv file) called “Filters”, which shows which filters were applied when the data was exported.
Here is a sample dataset downloaded from the Performance report.


Additional ways to use Search Console data outside the tool

Since we’re talking about exporting data, we thought we’d take the opportunity to talk about other ways you can currently use Search Console data outside the tool. You might want to do this if you have a specific use case that is important to your company, such as joining the data with another dataset, performing an advanced analysis, or visualizing the data in a different way.

There are two options, depending on the data you want and your technical level.

Search Console API

If you have a technical background, or a developer in your company can help you, you might consider using the Search Console API to view, add, or remove properties and sitemaps, and to run advanced queries for Google Search results data.

We have plenty of documentation on the subject, but here are some links that might be useful to you if you’re starting now:
  1. The Overview and prerequisites guide walks you through the things you should do before writing your first client application. You’ll also find more advanced guides in the sidebar of this section, for example a guide on how to query all your search data.
  2. The reference section provides details on query parameters, usage limits and errors returned by the API.
  3. The API samples page provides links to sample code for several programming languages, a great way to get up and running.
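
To give a concrete sense of what a raw Search Analytics query looks like, here is a minimal sketch in Kotlin that calls the API over HTTP. It assumes you already have an OAuth 2.0 access token with a Search Console scope; the property URL, dates, and dimensions are placeholders, and in practice you may prefer one of the official client libraries.

import java.net.HttpURLConnection
import java.net.URL
import java.net.URLEncoder

// Sketch: query Search Analytics data for a verified property.
// Assumes a valid OAuth 2.0 access token (for example, with the webmasters.readonly scope).
fun querySearchAnalytics(siteUrl: String, accessToken: String): String {
    val encodedSite = URLEncoder.encode(siteUrl, "UTF-8")
    val endpoint =
        URL("https://www.googleapis.com/webmasters/v3/sites/$encodedSite/searchAnalytics/query")
    val body = """
        {
          "startDate": "2020-01-01",
          "endDate": "2020-01-31",
          "dimensions": ["query", "page"],
          "rowLimit": 100
        }
    """.trimIndent()

    val connection = (endpoint.openConnection() as HttpURLConnection).apply {
        requestMethod = "POST"
        doOutput = true
        setRequestProperty("Authorization", "Bearer $accessToken")
        setRequestProperty("Content-Type", "application/json")
    }
    connection.outputStream.use { it.write(body.toByteArray()) }
    return connection.inputStream.bufferedReader().use { it.readText() } // JSON response
}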

Google Data Studio

Google Data Studio is a dashboarding solution that helps you unify data from different data sources, explore it, and tell impactful data stories. The tool provides a Search Console connector to import various metrics and dimensions into your dashboard. This can be valuable if you’d like to see Search Console data side-by-side with data from other tools.

If you’d like to give it a try, you can use this template to visualize your data: click “use template” at the top right corner of the page to connect to your data. To learn more about how to use the report and which insights you might find in it, check out this step-by-step guide. If you just want to play with it, here’s a report based on that template with sample data.



 Let us know on Twitter if you have interesting use cases or comments about the new download capabilities, or about using Search Console data in general. And enjoy the enhanced data!

Posted by Sion Schori & Daniel Waisberg, Search Console team

Calling all fashion & beauty mavens for India’s first NextUp for Beauty Creators!

Whether it’s a simple makeup look, an intricate braided hairstyle, or live streams from the latest Fashion Week, YouTube has grown into an incredible repository of fashion and beauty content from across the globe. Last year, we also launched YouTube.com/Fashion, a first-of-its-kind dedicated destination for fashion and beauty content on YouTube.


With more access to information and products, beauty norms are fast-changing in India too, and YouTube creators are at the forefront of this change. They are helping democratize expression and encouraging men & women to break the set moulds of beauty, grooming and style. In our quest to identify and support the next generation of rising Beauty Creators in India on the platform, we’re proud to announce the launch of the inaugural NextUp for Beauty Creators with L'Oréal Paris. 


Having successfully contributed to the journeys of over 80 Indian creators and artists across languages, genres, and genders over the last five years, we return for a fifth year with YouTube NextUp in India. This edition is extra special, as we have partnered with one of the world’s largest and most recognised beauty brands, L'Oréal Paris, bringing their years of expertise in the beauty industry directly to our rising stars on YouTube. Winners will get a chance to attend masterclasses with beauty industry specialists, gain market insights on trends, and network with brand representatives.



Who are we looking for? 


For this special edition of NextUp, we are celebrating those who are keen on beauty and passionate about creating compelling content around it. We are looking for aspiring creators who are ready to learn and focus on improving their production and storytelling skills, who seek mentorship from industry stalwarts, and who dream of reshaping the narrative of beauty content in India on YouTube and beyond.


Up to 12 YouTube channels from India will be selected as winners to join the NextUp for Beauty Creators Class of 2020. If selected, you will be eligible to receive:


  • A week of intensive production classes and filming opportunities at a YouTube Pop-Up Space in India, in May 2020
  • Specialized educational workshops and skill-sharing sessions designed by production gurus, content specialists, and industry experts, tailored for beauty creators
  • An INR 1,40,000 voucher towards production gear

Want even more reasons to apply? Hear directly from our Alumni!


“My biggest takeaway was having the rare opportunity of having an expert scrutinize your content and give you workable tips on how to make it better! Thanks to NextUp, I know so much more.” - Nidhi Mohan Kamal, NextUp Women to Watch Winner 2019


    Live the NextUp Journey


    Excited? So are we! Here’s how to apply: 

    1. Visit the NextUp website at youtube.com/nextup to check Eligibility Requirements and Contest Rules. 
    2. If you meet the criteria, go ahead and apply! We welcome entries from all over India for the contest.  

      We can’t wait to see what you come up with! Tweet at us at @YTCreatorsIndia with the hashtag #YouTubeNextUp to share your excitement for the contest. And watch this space for other special editions of NextUp in 2020. 

      Posted by Satya Raghavan, Director, YouTube Partnerships, India, & Marc Lefkowitz, Head of YouTube Creator and Artist Development, APAC

      Data Encryption on Android with Jetpack Security

      Posted by Jon Markoff, Staff Developer Advocate, Android Security

      Illustration by Virginia Poltrack

Have you ever tried to encrypt data in your app? As a developer, you want to keep data safe and in the hands of the party intended to use it. But if you’re like most Android developers, you don’t have a dedicated security team to help encrypt your app’s data properly. By searching the web to learn how to encrypt data, you might get answers that are several years out of date and provide incorrect examples.

      The Jetpack Security (JetSec) crypto library provides abstractions for encrypting Files and SharedPreferences objects. The library promotes the use of the AndroidKeyStore while using safe and well-known cryptographic primitives. Using EncryptedFile and EncryptedSharedPreferences allows you to locally protect files that may contain sensitive data, API keys, OAuth tokens, and other types of secrets.

      Why would you want to encrypt data in your app? Doesn’t Android, since 5.0, encrypt the contents of the user's data partition by default? It certainly does, but there are some use cases where you may want an extra level of protection. If your app uses shared storage, you should encrypt the data. In the app home directory, your app should encrypt data if your app handles sensitive information including but not limited to personally identifiable information (PII), health records, financial details, or enterprise data. When possible, we recommend that you tie this information to biometrics for an extra level of protection.

      Jetpack Security is based on Tink, an open-source, cross-platform security project from Google. Tink might be appropriate if you need general encryption, hybrid encryption, or something similar. Jetpack Security data structures are fully compatible with Tink.

      Key Generation

      Before we jump into encrypting your data, it’s important to understand how your encryption keys will be kept safe. Jetpack Security uses a master key, which encrypts all subkeys that are used for each cryptographic operation. JetSec provides a recommended default master key in the MasterKeys class. This class uses a basic AES256-GCM key which is generated and stored in the AndroidKeyStore. The AndroidKeyStore is a container which stores cryptographic keys in the TEE or StrongBox, making them hard to extract. Subkeys are stored in a configurable SharedPreferences object.

      Primarily, we use the AES256_GCM_SPEC specification in Jetpack Security, which is recommended for general use cases. AES256-GCM is symmetric and generally fast on modern devices.

      val keyAlias = MasterKeys.getOrCreate(MasterKeys.AES256_GCM_SPEC)
      

      For apps that require more configuration, or handle very sensitive data, it’s recommended to build your KeyGenParameterSpec, choosing options that make sense for your use. Time-bound keys with BiometricPrompt can provide an extra level of protection against rooted or compromised devices.

      Important options:

      • userAuthenticationRequired() and userAuthenticationValiditySeconds() can be used to create a time-bound key. Time-bound keys require authorization using BiometricPrompt for both encryption and decryption of symmetric keys.
      • unlockedDeviceRequired() sets a flag that helps ensure key access cannot happen if the device is not unlocked. This flag is available on Android Pie and higher.
      • Use setIsStrongBoxBacked() to run crypto operations on a stronger separate chip. This has a slight performance impact, but is more secure. It’s available on some devices that run Android Pie or higher.

      Note: If your app needs to encrypt data in the background, you should not use time-bound keys or require that the device is unlocked, as you will not be able to accomplish this without a user present.

      // Custom Advanced Master Key
      val advancedSpec = KeyGenParameterSpec.Builder(
          "master_key",
          KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT
      ).apply {
          setBlockModes(KeyProperties.BLOCK_MODE_GCM)
          setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
          setKeySize(256)
          setUserAuthenticationRequired(true)
          setUserAuthenticationValidityDurationSeconds(15) // must be larger than 0
          if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
              setUnlockedDeviceRequired(true)
              setIsStrongBoxBacked(true)
          }
      }.build()
      
      val advancedKeyAlias = MasterKeys.getOrCreate(advancedSpec)
      

      Unlocking time-bound keys

      You must use BiometricPrompt to authorize the device if your key was created with the following options:

      • userAuthenticationRequired is true
      • userAuthenticationValiditySeconds > 0

      After the user authenticates, the keys are unlocked for the amount of time set in the validity seconds field. The AndroidKeystore does not have an API to query key settings, so your app must keep track of these settings. You should build your BiometricPrompt instance in the onCreate() method of the activity where you present the dialog to the user.

      BiometricPrompt code to unlock time-bound keys

      // Activity.onCreate
      
      val promptInfo = PromptInfo.Builder()
          .setTitle("Unlock?")
          .setDescription("Would you like to unlock this key?")
          .setDeviceCredentialAllowed(true)
          .build()
      
      val biometricPrompt = BiometricPrompt(
          this, // Activity
          ContextCompat.getMainExecutor(this),
          authenticationCallback
      )
      
      private val authenticationCallback = object : AuthenticationCallback() {
              override fun onAuthenticationSucceeded(
                  result: AuthenticationResult
              ) {
                  super.onAuthenticationSucceeded(result)
                  // Unlocked -- do work here.
              }
              override fun onAuthenticationError(
                  errorCode: Int, errString: CharSequence
              ) {
                  super.onAuthenticationError(errorCode, errString)
                  // Handle error.
              }
          }
      
      // To use:
      biometricPrompt.authenticate(promptInfo)
      

      Encrypt Files

      Jetpack Security includes an EncryptedFile class, which removes the challenges of encrypting file data. Similar to File, EncryptedFile provides a FileInputStream object for reading and a FileOutputStream object for writing. Files are encrypted using Streaming AEAD, which follows the OAE2 definition. The data is divided into chunks and encrypted using AES256-GCM in such a way that it's not possible to reorder.

      val secretFile = File(filesDir, "super_secret")
      val encryptedFile = EncryptedFile.Builder(
          secretFile,
          applicationContext,
          advancedKeyAlias,
          FileEncryptionScheme.AES256_GCM_HKDF_4KB)
          .setKeysetAlias("file_key") // optional
          .setKeysetPrefName("secret_shared_prefs") // optional
          .build()
      
      encryptedFile.openFileOutput().use { outputStream ->
          // Write data to your encrypted file
      }
      
      encryptedFile.openFileInput().use { inputStream ->
          // Read data from your encrypted file
      }
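
For instance, here is an illustrative write-then-read of a small string payload using the EncryptedFile built above (the payload is a placeholder; since the file is encrypted with Streaming AEAD, you generally write the whole file in one pass to a fresh file):

// Illustrative usage of the EncryptedFile built above.
encryptedFile.openFileOutput().use { output ->
    output.write("super secret information".toByteArray(Charsets.UTF_8))
}

val decrypted = encryptedFile.openFileInput().use { input ->
    input.readBytes().toString(Charsets.UTF_8)
}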
      

      Encrypt SharedPreferences

If your application needs to save key-value pairs, such as API keys, JetSec provides the EncryptedSharedPreferences class, which uses the same SharedPreferences interface that you’re used to.

      Both keys and values are encrypted. Keys are encrypted using AES256-SIV-CMAC, which provides a deterministic cipher text; values are encrypted with AES256-GCM and are bound to the encrypted key. This scheme allows the key data to be encrypted safely, while still allowing lookups.

      EncryptedSharedPreferences.create(
          "my_secret_prefs",
          advancedKeyAlias,
          applicationContext,
          PrefKeyEncryptionScheme.AES256_SIV,
          PrefValueEncryptionScheme.AES256_GCM
      ).edit {
          // Update secret values
      }
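
Because the returned object is a regular SharedPreferences, reading values back uses the familiar API. A small sketch, with the preference file name and key as placeholders:

// Same arguments as above; the returned object is a regular SharedPreferences.
val securePrefs = EncryptedSharedPreferences.create(
    "my_secret_prefs",
    advancedKeyAlias,
    applicationContext,
    PrefKeyEncryptionScheme.AES256_SIV,
    PrefValueEncryptionScheme.AES256_GCM
)
securePrefs.edit().putString("api_key", "placeholder-value").apply()
val apiKey = securePrefs.getString("api_key", null) // decrypted transparently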
      

      More Resources

FileLocker is a sample app on the Android Security GitHub samples page. It’s a great example of how to use file encryption with Jetpack Security.

      Happy Encrypting!

      Improving Malicious Document Detection in Gmail with Deep Learning




      Gmail protects your incoming mail against spam, phishing attempts, and malware. Our existing machine learning models are highly effective at doing this, and in conjunction with our other protections, they help block more than 99.9% of threats from reaching Gmail inboxes.

One of our key protections is our malware scanner, which processes more than 300 billion attachments each week to block harmful content. 63 percent of the malicious documents we block differ from day to day. To stay ahead of this constantly evolving threat, we recently added a new generation of document scanners that rely on deep learning to improve our detection capabilities. We’re sharing the details of this technology and its early success this week at RSA 2020.

      Since the new scanner launched at the end of 2019, we have increased our daily detection coverage of Office documents that contain malicious scripts by 10%. Our technology is especially helpful at detecting adversarial, bursty attacks. In these cases, our new scanner has improved our detection rate by 150%. Under the hood, our new scanner uses a distinct TensorFlow deep-learning model trained with TFX (TensorFlow Extended) and a custom document analyzer for each file type. The document analyzers are responsible for parsing the document, identifying common attack patterns, extracting macros, deobfuscating content, and performing feature extraction.
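
To make the shape of that pipeline a bit more concrete, here is a purely hypothetical sketch in Kotlin (the post does not publish Gmail’s internal interfaces): one analyzer per file type parses the document, extracts and deobfuscates macros, and emits features that a separately trained deep-learning classifier scores.

// Hypothetical illustration only; names and types are not Gmail's actual code.
data class DocumentFeatures(val fileType: String, val features: Map<String, Float>)

interface DocumentAnalyzer {
    fun supports(fileType: String): Boolean
    fun analyze(bytes: ByteArray): DocumentFeatures // parse, extract macros, deobfuscate, featurize
}

class ScanPipeline(
    private val analyzers: List<DocumentAnalyzer>,
    private val classifier: (DocumentFeatures) -> Float // stands in for the TensorFlow model
) {
    fun maliciousnessScore(fileType: String, bytes: ByteArray): Float? =
        analyzers.firstOrNull { it.supports(fileType) }
            ?.analyze(bytes)
            ?.let(classifier)
}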


      Strengthening our document detection capabilities is one of our key focus areas, as malicious documents represent 58% of the malware targeting Gmail users. We are still actively developing this technology, and right now, we only use it to scan Office documents.

      Our new scanner runs in parallel with existing detection capabilities, all of which contribute to the final verdict of our decision engine to block a malicious document. Combining different scanners is one of the cornerstones of our defense-in-depth approach to help protect users and ensure our detection system is resilient to adversarial attacks.

      We will continue to actively expand the use of artificial intelligence to protect our users’ inboxes, and to stay ahead of attacks.

      Enhancing the Research Community’s Access to Street View Panoramas for Language Grounding Tasks



      Significant advances continue to be made in both natural language processing and computer vision, but the research community is still far from having computer agents that can interpret instructions in a real-world visual context and take appropriate actions based on those instructions. Agents, including robots, can learn to navigate new environments, but they cannot yet understand instructions such as, “Go forward and turn left after the red fire hydrant by the train tracks. Then go three blocks and stop in front of the building with a row of flags over its entrance.” Doing so requires relating verbal descriptions like train tracks, red fire hydrant, and row of flags to their visual appearance, understanding what a block is and how to count three of them, relating objects based on spatial configurations such as by and over, relating directions such as go forward and turn left to actions, and much more.

Grounded language understanding problems of this form are excellent testbeds for research on computational intelligence in that they are easy for people but hard for current agents, they synthesize language, perception and action, and evaluation of successful completion is straightforward. Progress on such problems can greatly enhance the ability of agents to coordinate movement and action with people. However, finding or creating datasets large and diverse enough for developing robust models is difficult.

      An ideal resource for quickly training and evaluating agents on grounded language understanding tasks is Street View imagery, an extensive and visually rich virtual representation of the world. Street View is integrated with Google Maps and is composed of billions of street-level panoramas. The Touchdown dataset, created by researchers at Cornell Tech, represents a compelling example of using Street View to drive research on grounded language understanding. However, due to restrictions on access to Street View panoramas, Touchdown can only provide panorama IDs rather than the panoramas themselves, sometimes making it difficult for the broader research community to work on Touchdown’s tasks: vision-and-language navigation (VLN), in which instructions are presented for navigation through streets, and spatial description resolution (SDR), which requires resolving spatial descriptions from a given viewpoint.

      In “Retouchdown: Adding Touchdown to StreetLearn as a Shareable Resource for Language Grounding Tasks in Street View,” we address this problem by adding the Street View panoramas referenced in the Touchdown tasks to the existing StreetLearn dataset. Using this data, we generate a model that is fully compatible with the tasks defined in Touchdown. Additionally, we have provided open source TensorFlow implementations for the Touchdown tasks as part of the VALAN toolkit.

      Grounded Language Understanding Tasks
      Touchdown’s two grounded language understanding tasks can be used as benchmarks for navigation models. VLN involves following instructions from one street location to another, while SDR requires identifying a point in a Street View panorama given a description based on its surrounding visual context. The two tasks are shown being performed together in the animation below.
      Example animation of a person following Touchdown instructions: “Orient yourself so that the umbrellas are to the right. Go straight and take a right at the first intersection. At the next intersection there should be an old-fashioned store to the left. There is also a dinosaur mural to the right. Touchdown is on the back of the dinosaur.”
      Touchdown’s VLN task is similar to that defined in the popular Room-to-Room dataset, except that Street View has far greater visual diversity and more degrees of freedom for movement. Performance of the baseline models in Touchdown leaves considerable headroom for innovation and improvement on many facets of the task, including linguistic and visual representations, their integration, and learning to take actions conditioned on them.

      That said, while enabling the broader research community to work with Touchdown’s tasks, certain safeguards are needed to make it compliant with the Google Maps/Google Earth Terms of Service and protect the needs of both Google and individuals. For example, panoramas may not be mass downloaded, nor can they be stored indefinitely (for example, individuals may ask to remove specific panoramas). Therefore, researchers must periodically delete and refresh panoramas in order to work with the data while remaining compliant with these terms.

      StreetLearn: A Dataset of Approved Panoramas for Research Use
      An alternative way to interact with Street View panoramas was forged by DeepMind with the StreetLearn data release last year. With StreetLearn, interested researchers can fill out a form requesting access to a set of 114k panoramas for regions of New York City and Pittsburgh. Recently, StreetLearn has been used to support the StreetNav task suite, which includes training and evaluating agents that follow Google Maps directions. This is a VLN task like Touchdown and Room-to-Room; however, it differs greatly in that it does not use natural language provided by people.

      Additionally, even though StreetLearn’s panoramas cover the same area of Manhattan as Touchdown, they are not adequate for research covering the tasks defined in Touchdown, because those tasks require the exact panoramas that were used during the Touchdown annotation process. For example, in Touchdown tasks, the language instructions refer to transient objects such as cars, bicycles, and couches. A Street View panorama from a different time period may not contain these objects, so the instructions are not stable across time periods.
      Touchdown instruction: “Two parked bicycles, and a discarded couch, all on the left. Walk just past this couch, and stop before you pass another parked bicycle. This bike will be white and red, with a white seat. Touchdown is sitting on top of the bike seat.” Other panoramas from the same location taken at other times would be highly unlikely to contain these exact items in the exact same positions. For a concrete example, see the current imagery available for this location in Street View, which contains very different transient objects.
Furthermore, SDR requires coverage of multiple points-of-view for those specific panoramas. For example, the following panorama is one step down the street from the previous one. They may look similar, but they are in fact quite different — note that the bikes seen on the left side in both panoramas are not the same — and the location of Touchdown is toward the middle of the above panorama (on the bike seat) and to the bottom left in the second panorama. As such, the pixel location of the SDR problem is different for different panoramas, but consistent with respect to the real world location referred to in the instruction. This is especially important for the end-to-end task of following both the VLN and SDR instructions together: if an agent stops, they should be able to complete the SDR task regardless of their exact location (provided the target is visible).
      A panorama one step farther down the street from the previous scene.
      Another problem is that the granularity of the panorama spacing is different. The figure below shows the overlap between the StreetLearn (blue) and Touchdown (red) panoramas in Manhattan. There are 710 panoramas (out of 29,641) that share the same ID in both datasets (in black). Touchdown covers half of Manhattan and the density of the panoramas is similar, but the exact locations of the nodes visited differ.
      Adding Touchdown Panoramas to StreetLearn and Verifying Model Baselines
      Retouchdown reconciles Touchdown’s mode of dissemination with StreetLearn’s, which was originally designed to adhere to the rights of Google and individuals while also simplifying access to researchers and improving reproducibility. Retouchdown includes both data and code that allows the broader research community to work effectively with the Touchdown tasks — most importantly to ensure access to the data and to ease reproducibility. To this end, we have integrated the Touchdown panoramas into the StreetLearn dataset to create a new version of StreetLearn with 144k panoramas (an increase of 26%) that are all approved for research use.

      We also reimplemented models for VLN and SDR and show that they are on par or better than the results obtained in the original Touchdown paper. These implementations are open-sourced as well, as part of the VALAN toolkit. The first graph below compares the results of Chen et al. (2019) to our reimplementation for the VLN task. It includes the SDTW metric, which measures both successful completion and fidelity to the true reference path. The second graph below makes the same comparison for the SDR task. For SDR, we show accuracy@npx measurements, which provides the percent of times the model’s prediction is within n pixels of the goal location in the image. Our results are slightly better due to some small differences in models and processing, but most importantly, the results show that the updated panoramas are fully capable of supporting future modeling for the Touchdown tasks.
      Performance comparison between Chen et al. (2019) using the original panoramas (in blue) and our reimplementation using the panoramas available in StreetLearn (in red). Top: VLN results for task completion, shortest path distance and success weighted by Dynamic Time Warping (SDTW). Bottom: SDR results for the accuracy@npx metrics.
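As a concrete reading of the accuracy@npx metric, here is a minimal sketch in Kotlin (not the paper’s code, and assuming Euclidean pixel distance) that computes the fraction of examples whose predicted pixel location falls within n pixels of the annotated goal:

import kotlin.math.hypot

data class Pixel(val x: Double, val y: Double)

// accuracy@npx: share of predictions within n pixels of the goal location.
fun accuracyAtNPx(predictions: List<Pixel>, goals: List<Pixel>, n: Double): Double {
    require(predictions.size == goals.size) { "One goal per prediction is expected." }
    val hits = predictions.zip(goals).count { (pred, gold) ->
        hypot(pred.x - gold.x, pred.y - gold.y) <= n
    }
    return hits.toDouble() / predictions.size
}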
      Obtaining the Data
Researchers interested in working with the panoramas should fill out the StreetLearn interest form. Subject to approval, they will be provided with a download link. Their information is held so that the StreetLearn team can inform them of updates to the data. This allows both Google and participating researchers to effectively and easily respect takedown requests. The instructions and panorama connectivity data can be obtained from the Touchdown GitHub repository.

      It is our hope that this release of these additional panoramas will enable the research community to make further progress on these challenging grounded language understanding tasks.

      Acknowledgements
      The core team includes Yoav Artzi, Eugene Ie, and Piotr Mirowski. We would like to thank Howard Chen for his help with reproducing the Touchdown results, Larry Lansing, Valts Blukis and Vihan Jain for their help with the code and open-sourcing, and the Language team in Google Research, especially Radu Soricut, for the insightful comments that contributed to this work. Many thanks also to the Google Maps and Google Street View teams for their support in accessing and releasing the data, and to the Data Compute team for reviewing the panoramas.



      Dev Channel Update for Desktop

The Dev channel has been updated to 82.0.4068.4 & 82.0.4068.5 for Windows & Mac, and 82.0.4068.4 for Linux.
      A partial list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
Krishna Govind, Google Chrome

      How we help Black-owned businesses grow their digital skills

      Born on a cotton plantation in Louisiana in 1867, Sarah Breedlove faced many challenges as she sought to work her way out of poverty during a time of intense racial discrimination. Like many Black Americans, Sarah, who would later be known as Madam C.J. Walker, turned to entrepreneurship as a way to create her own opportunity and started a hair care line in 1906. She eventually grew that company into a hair and cosmetics empire, becoming the first Black female millionaire in the United States.

      Today the number of Black-owned businesses is on the rise in the U.S., with Black women fueling much of that growth. Even so, Black entrepreneurs still face obstacles, including a lack of access to funding and digital tools. 

Google is committed to creating greater access to opportunities for these business owners. Last year, Google.org pledged $10 million to help underrepresented entrepreneurs start new businesses by providing access to training and capital. And we recently announced the Google for Startups Founders Academy, which will support underrepresented startup founders in Atlanta on topics such as sales, strategy, hiring and fundraising.

      We’ve been working in communities across the country to provide free in-person workshops through our Grow with Google Digital Coaches program, which aims to help Black and Latino business owners become more digitally savvy and reach customers online. Since the program’s launch in 2017, our digital coaches have trained tens of thousands of business owners in cities across the country. 

One of those cities is Washington, D.C., which has long been home to a vibrant Black entrepreneurial community. Our local digital coach, Johnny Bailey, has trained thousands of local entrepreneurs, including Sherika Wynter and Shallon Thomas, co-founders of T|W Lunch Tote, a startup that creates stylish and professional lunch bags. They knew that plenty of people were tired of carrying their lunches in paper or plastic bags, but struggled to find their customers.

      After attending Grow with Google workshops led by Johnny, Sherika and Shallon learned more effective ways to use online tools like Google Ads, Analytics and G Suite, and put that knowledge to work. Since then, their sales have grown by 55 percent and now they face a new challenge: keeping up with orders.

As we celebrate Black History Month, Grow with Google is hosting a Black Small Business Meetup in D.C. today, where we’ll be training entrepreneurs on how to use digital tools and hearing from Johnny and Sherika about how they grew their business. You can join us by tuning into the livestream or learning more about Digital Coaches.

      We look forward to continuing to support business owners like Sherika and Shallon, who carry on the legacy of Madam C.J. Walker, and the many other entrepreneurs who came before them.


      How to showcase your events on Google Search

      It’s officially 2020 and people are starting to make plans for the year ahead. If you produce any type of event, you can help people discover your events with the event search experience on Google. 

Hosting a concert or a workshop? Event markup allows people to discover your event when they search for "concerts this weekend" or "workshops near me." People can also discover your event when they search for venues, such as sports stadiums or a local pub. Events may surface in a given venue's Knowledge Panel to help people find out what’s happening at that location.

      Screenshots of clicking on an event in Search
      Sample event landing page screenshot

      Launching in new regions and languages

      We recently launched the event search experience in Germany and Spain, which brings the event search experience on Google to nine countries and regions around the world. For a full list of where the event search experience works, check out the list of available languages and regions.

      How to get your events on Google

      There are three options to make your events eligible to appear on Google:

      • If you use a third-party website to post events (for example, you post events on ticketing websites or social platforms), check to see if your event publisher is already participating in the event search experience on Google. One way to check is to search for a popular event shown on the platform and see if the event listing is shown. If your event publisher is integrated with Google, continue to post your events on the third-party website.
      • If you use a CMS (for example, WordPress) and you don't have access to your HTML, check with your CMS to see if there's a plugin that can add structured data to your site for you. Alternatively, you can use the Data Highlighter to tell Google about your events without editing the HTML of your site.
      • If you're comfortable editing your HTML, use structured data to integrate directly with Google. You’ll need to edit the HTML of the event pages; a sketch of what this markup can look like follows this list.
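
To illustrate that third option, here is a sketch, written in Kotlin as a server-side template helper, that emits JSON-LD event markup. The event details below are placeholders; the full list of required and recommended properties is in the developer guidelines.

// Illustrative only: emit Event structured data as a JSON-LD script tag.
fun eventJsonLd(name: String, startDate: String, venueName: String, address: String): String = """
    <script type="application/ld+json">
    {
      "@context": "https://schema.org",
      "@type": "Event",
      "name": "$name",
      "startDate": "$startDate",
      "location": {
        "@type": "Place",
        "name": "$venueName",
        "address": "$address"
      }
    }
    </script>
""".trimIndent()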

      Follow best practices

      If you've already implemented event structured data, we recommend that you review your structured data to make sure it meets our guidelines. In particular, you should:

      • Make sure you're including the required and recommended properties that are outlined in our developer guidelines.
      • Make sure your event details are high quality, as defined by our guidelines. For example, use the description field to describe the event itself in more detail instead of repeating attributes such as title, date, location, or highlighting other website functionality.
      • Use the Rich Result Test to test and preview your structured data.

      Monitor your performance on Search

      You can check how people are interacting with your event postings with Search Console:

      Search Console Rich Results report

      If you have any questions, please visit the Webmaster Central Help Forum.