公开(公告)号：US09275006B2

公开(公告)日：2016-03-01

申请号：US13717860

申请日：2012-12-18

Applicant: Google Inc.

Inventor： Adrian L. Ludwig ,  Curtis Gerald Condra, IV ,  Nicholas Neil Kralevich, IV

IPC: G06F15/177 ,  G06F9/445

CPC classification number: G06F15/177 ,  G06F8/65

Abstract: A method for updating configuration information includes, in a computing device including a processor, memory, and an operating system, initiating an update to at least one configuration setting of the computing device. The update may be downloaded from at least one update data source. The update may include configuration update data and configuration update metadata. The update may be verified by comparing the configuration update metadata with metadata associated with a current version of the at least one configuration setting. The update may be installed if it is verified. The update to the at least one configuration setting may be installed based on an intent from an unsecure component of the computing device. The unsecure component may include content consuming application installed on the device, a component of a computing platform of the device, and/or an update-seeker application installed on the device.

Abstract translation: 一种用于更新配置信息的方法包括：在包括处理器，存储器和操作系统的计算设备中，启动对所述计算设备的至少一个配置设置的更新。 该更新可以从至少一个更新数据源下载。 该更新可以包括配置更新数据和配置更新元数据。 可以通过将配置更新元数据与与至少一个配置设置的当前版本相关联的元数据进行比较来验证更新。 如果验证更新可能会被安装。 至少一个配置设置的更新可以基于来自计算设备的不安全的组件的意图来安装。 不安全的组件可以包括安装在设备上的内容消费应用程序，设备的计算平台的组件和/或安装在设备上的更新查找器应用程序。

公开(公告)号：US20140123285A1

公开(公告)日：2014-05-01

申请号：US13717824

申请日：2012-12-18

Applicant: Google Inc.

Inventor： Adrian L. Ludwig ,  Curtis Gerald Condra, IV ,  Nicholas Neil Kralevich, IV

IPC: G06F21/55

CPC classification number: G06F21/55 ,  G06F21/552 ,  G06F21/554 ,  G06F21/577 ,  G06F2221/2101 ,  H04L63/1433

Abstract: A method may include, in a computing device including a processor, memory, an operating system, and at least one installed application, detecting an attempted exploitation of at least one known vulnerability associated with the device. The attempted exploitation may be logged. At least one remedial action may be performed on the device based on the logged attempted exploitation. The known vulnerability may be associated with the operating system and/or the at least one installed application. The at least one known vulnerability may include one or more of at least one known coding flaw in the operating system or in the at least one installed application, at least one known weakness in a protocol running on the computing device, a known family of coding flaws in the operating system or in the at least one installed application, an unauthorized triggering of premium SMS services, and/or triggering of a hostile misconfiguration.

Abstract translation: 一种方法可以包括在包括处理器，存储器，操作系统和至少一个已安装应用的计算设备中，检测对与该设备相关联的至少一个已知漏洞的尝试利用。 可能会记录尝试的利用。 可以基于记录的尝试利用在设备上执行至少一个补救措施。 已知的漏洞可以与操作系统和/或至少一个安装的应用相关联。 所述至少一个已知的漏洞可以包括操作系统或至少一个安装的应用中的至少一个已知的编码缺陷中的一个或多个，在计算设备上运行的协议中的至少一个已知的弱点，已知的编码系列 操作系统或至少一个安装的应用程序的缺陷，未经授权的触发高级SMS服务和/或触发敌对错误配置。

公开(公告)号：US09117072B2

公开(公告)日：2015-08-25

申请号：US13717824

申请日：2012-12-18

Applicant: Google Inc.

Inventor： Adrian L. Ludwig ,  Curtis Gerald Condra, IV ,  Nicholas Neil Kralevich, IV

IPC: G06F21/55 ,  G06F21/57 ,  H04L29/06

CPC classification number: G06F21/55 ,  G06F21/552 ,  G06F21/554 ,  G06F21/577 ,  G06F2221/2101 ,  H04L63/1433

Abstract: A method may include, in a computing device including a processor, memory, an operating system, and at least one installed application, detecting an attempted exploitation of at least one known vulnerability associated with the device. The attempted exploitation may be logged. At least one remedial action may be performed on the device based on the logged attempted exploitation. The known vulnerability may be associated with the operating system and/or the at least one installed application. The at least one known vulnerability may include one or more of at least one known coding flaw in the operating system or in the at least one installed application, at least one known weakness in a protocol running on the computing device, a known family of coding flaws in the operating system or in the at least one installed application, an unauthorized triggering of premium SMS services, and/or triggering of a hostile misconfiguration.

Abstract translation: 一种方法可以包括在包括处理器，存储器，操作系统和至少一个已安装应用的计算设备中，检测对与该设备相关联的至少一个已知漏洞的尝试利用。 可能会记录尝试的利用。 可以基于记录的尝试利用在设备上执行至少一个补救措施。 已知的漏洞可以与操作系统和/或至少一个安装的应用相关联。 所述至少一个已知的漏洞可以包括操作系统或至少一个安装的应用中的至少一个已知的编码缺陷中的一个或多个，在计算设备上运行的协议中的至少一个已知的弱点，已知的编码系列 操作系统或至少一个安装的应用程序的缺陷，未经授权的触发高级SMS服务和/或触发敌对错误配置。

公开(公告)号：US20140274172A1

公开(公告)日：2014-09-18

申请号：US13934176

申请日：2013-07-02

Applicant: Google Inc.

Inventor： Adrian Ludwig ,  Robert J. Greenwalt, III ,  Winthrop Lyon Saville, III ,  Nicholas Neil Kralevich, IV ,  Jake Hamby ,  Randall Sarafa ,  Alexander Faaborg

IPC: H04W4/14

CPC classification number: H04W4/14 ,  H04L51/00 ,  H04L51/38 ,  H04M1/72552 ,  H04M1/72577 ,  H04M2215/28 ,  H04M2250/10 ,  H04W4/24

Abstract: A device includes at least one processor, a messaging service operable by the at least one processor to determine whether an outgoing message is a likely premium message, and a user interface module operable by the at least one processor to responsive to determining that outgoing message is the likely premium message, output, for display, a prompt for confirmation to send the outgoing message to a likely premium code, and receive an indication of input detected within the prompt for confirmation. The module is further operable by the at least one processor to selectively send, based at least in part on the received indication of the user input, the outgoing message to the likely premium code.

Abstract translation: 一种设备包括至少一个处理器，由至少一个处理器可操作的消息传递服务，以确定传出消息是否是可能的溢价消息，以及由所述至少一个处理器可操作以响应于确定传出消息是 可能的溢价消息，输出，用于显示，提示确认将输出消息发送到可能的溢价代码，以及接收在提示中检测到的输入的指示以进行确认。 所述模块还可由所述至少一个处理器操作，至少部分地基于所接收的用户输入的指示，将所述输出消息选择性地发送到所述可能的溢价代码。

公开(公告)号：US09143906B2

公开(公告)日：2015-09-22

申请号：US13934176

申请日：2013-07-02

Applicant: Google Inc.

Inventor： Adrian Ludwig ,  Robert J. Greenwalt, III ,  Winthrop Lyon Saville, III ,  Nicholas Neil Kralevich, IV ,  Jake Hamby ,  Randall Sarafa ,  Alexander Faaborg

IPC: H04W4/00 ,  H04W4/14 ,  H04L12/58 ,  H04W4/24 ,  H04M1/725 ,  H04M11/00

CPC classification number: H04W4/14 ,  H04L51/00 ,  H04L51/38 ,  H04M1/72552 ,  H04M1/72577 ,  H04M2215/28 ,  H04M2250/10 ,  H04W4/24

Abstract: A device includes at least one processor, a messaging service operable by the at least one processor to determine whether an outgoing message is a likely premium message, and a user interface module operable by the at least one processor to responsive to determining that outgoing message is the likely premium message, output, for display, a prompt for confirmation to send the outgoing message to a likely premium code, and receive an indication of input detected within the prompt for confirmation. The module is further operable by the at least one processor to selectively send, based at least in part on the received indication of the user input, the outgoing message to the likely premium code.

Abstract translation: 一种设备包括至少一个处理器，由至少一个处理器可操作的消息传递服务，以确定传出消息是否是可能的溢价消息，以及由所述至少一个处理器可操作以响应于确定传出消息是 可能的溢价消息，输出，用于显示，提示确认将输出消息发送到可能的溢价代码，以及接收在提示中检测到的输入的指示以进行确认。 所述模块还可由所述至少一个处理器操作，至少部分地基于所接收的用户输入的指示，将所述输出消息选择性地发送到所述可能的溢价代码。

公开(公告)号：US20140122862A1

公开(公告)日：2014-05-01

申请号：US13717860

申请日：2012-12-18

Applicant: Google Inc.

Inventor： Adrian L. Ludwig ,  Curtis Gerald Condra, IV ,  Nicholas Neil Kralevich, IV

IPC: G06F15/177

CPC classification number: G06F15/177 ,  G06F8/65

Abstract: A method for updating configuration information includes, in a computing device including a processor, memory, and an operating system, initiating an update to at least one configuration setting of the computing device. The update may be downloaded from at least one update data source. The update may include configuration update data and configuration update metadata. The update may be verified by comparing the configuration update metadata with metadata associated with a current version of the at least one configuration setting. The update may be installed if it is verified. The update to the at least one configuration setting may be installed based on an intent from an unsecure component of the computing device. The unsecure component may include content consuming application installed on the device, a component of a computing platform of the device, and/or an update-seeker application installed on the device.

Abstract translation: 一种用于更新配置信息的方法包括：在包括处理器，存储器和操作系统的计算设备中，启动对所述计算设备的至少一个配置设置的更新。 该更新可以从至少一个更新数据源下载。 该更新可以包括配置更新数据和配置更新元数据。 可以通过将配置更新元数据与与至少一个配置设置的当前版本相关联的元数据进行比较来验证更新。 如果验证更新可能会被安装。 至少一个配置设置的更新可以基于来自计算设备的不安全的组件的意图来安装。 不安全的组件可以包括安装在设备上的内容消费应用程序，设备的计算平台的组件和/或安装在设备上的更新查找器应用程序。