Pirate captain blasts Google for its 'mystery' Chrome blob Pirate Party captain Rick Falkvinge has weighed into the Google Chrome 'listening blob' debate, saying Mountain View silently downloaded an 'eavesdropper' to Chrome users' machines. The row arose last week, when Debian users first noticed that The Chocolate Factory was dropping the blob on their machines. Falkvinge rejects …
But if you include a stealth binary with otherwise OpenSource Code, doesn't that mean the binary is treated as OpenSource as well? If that's the case then open that little bastard up, find out exactly what it does, & pimp slap Google for including it at all, much less in secret. If not then I'd still vote to ban Google from making any non-validated-and-verified additions to the project as they have been doing, instead putting a hold on all contributions until/unless the code has been vetted not to pull shit like this.
<Sarcasm>Or you could just run Windows 95, the world's most secure operating system ever!</Sarcasm>
*Runs. Like. Hell*
I took a brief look at the licenses. These are open source licenses, not free software licenses. The non-Google authors of the code selected licenses that permit linking with closed source software. Google is not obliged to release any of their source code for Chrome.
If Google had incorporated anything with a proper free software license, then recipients of Chrome would be protected by the four freedoms of free software and would have the right to purchase the source code at approximately the cost of media and shipping.
As always, read and understand the license before installing or contributing to a project.
Chromium is the open-source part of the web browser project, and Chrome is Google's version with additional propitiatory stuff built-in (flash, other spyware).
That is what has kicked off the storm, that Google had modified the open source part to download a close-source (and pretty creepy) feature for voice recognition.
So the problem seems to be that users of Chromium who do trust the many millions of lines of Google contributed code in their browser don't trust Google not to transmit data other than after the keywords "OK Google" have been spoken?
You're absolutely correct, it's not tricky.
If these users trust the source code because they can read it, they can easily confirm that the binary blob is never called unless the user affirmatively opts in.
Surely that's exactly what's intended by an open source license that permits linking to closed source binaries? If you don't trust the binary, you can satisfy yourself that it is never called or if it were to be called you can modify the code. If those are beyond your skill level then you can pay someone appropriately qualified to perform the task.
"People trust the open source lines because they can read them."
Which is great in principle, but everyone assumes someone else has read (and understood) the lines so nobody ever does. HeartBleed is a perfect example.
Open source *should* be more understood and less likely to be "malicious" than closed source. But the "trust" you place in open source software is only as good as the trust you place in the people who have peer reviewed the code. And you know who they are, don't you?
This post has been deleted by its author
Unfortunately it's Hobson's choice as far a "trusting" a thief is concerned.
Microsoft, Apple, Google and Oracle have a very poor track record when "innovating"* systems.
.
* Interesting note, the term "innovation" was coined by Bill Gates in the 90s when discussing the theft development of the companies software.
* Interesting note, the term "innovation" was coined by Bill Gates in the 90s when discussing the theft development of the companies software.
He must have stolen that too then because "innovation" is from Middle English and is derived from the Latin innovatio (n), and innovare (v)
I would absolutely recommend people to read that lawyer-drafted posting that apparently explains the whole thing away as being just a silly misunderstanding of an easy mistake that anyone could have made.
Includes reassuring remarks about how something *should* default to 'not enabled', and was not listed because it's a "component extension" and therefore apparently an integral part of the chrome experience even though you can supposedly turn it off. It reads like someone carefully not apologising for something they hoped they would not get pulled up for.
This is all about the global corporate mainframes extending their reach, and it's only a matter of time before the listening modules are fully integrated and inseparable. Do you believe the tick-box? The voice recognition is there for control, even if it appears to be for nothing more than to answer increasingly inane and pointless questions that must all be started with the mantra of submission to your computational master! The machines have already won and nobody noticed...
This post has been deleted by its author
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
