Re: Marvellous advice
It's a fair point, though I think he means visit your bank website - where you know the correct URL and can generally check the EV SSL certificate - and use a link from there to the correct app.
168 posts • joined 14 Jul 2009
It's a fair point, though I think he means visit your bank website - where you know the correct URL and can generally check the EV SSL certificate - and use a link from there to the correct app.
Because things like YouTube, Gmail, Google Docs and Google Voice have been so transient? There are plenty of Google Services that have suck around.
You're absolutely correct, it's not tricky.
If these users trust the source code because they can read it, they can easily confirm that the binary blob is never called unless the user affirmatively opts in.
Surely that's exactly what's intended by an open source license that permits linking to closed source binaries? If you don't trust the binary, you can satisfy yourself that it is never called or if it were to be called you can modify the code. If those are beyond your skill level then you can pay someone appropriately qualified to perform the task.
So the problem seems to be that users of Chromium who do trust the many millions of lines of Google contributed code in their browser don't trust Google not to transmit data other than after the keywords "OK Google" have been spoken?
Seriously? It's typical to have an https proxy? I've not seen one anywhere I've worked, unless the likes of Google are in cahoots with them.
Out of curiosity, how many https proxies generate an EV certificate when the requested domain issues one?
It gets you lots more than that. Your entire GET request is encrypted. So if you browse the BBC news site at work, currently your boss can track not just your use of the site, but also what stories your interested in. Perhaps you show a sudden interest in cancer stories and so you lose your job in some downsizing just in case you go off on sick leave. With https, all your boss knows is that you spent 20 minutes reading the news.
By hiding the metadata https benefits more than just users of sites that personalize content.
Nonsense. All the work before commissioning a vendor to write the software is portable to the second vendor.
Also, the first is likely to have asked most the questions you didn't think about, making it easier for the second.
If you have two suppliers work simultaneously you may get questions from both that make both products better.
As for the comment above about buying twice as much hardware, the article mentions the pilot and copilot's iPads both going blank. So you already have two devices, this is just about enduring there's redundancy beyond the physical device.
Admittedly, Google are late to roll out Google Wallet to the UK, but your experience is nothing like that of which Android is capable in the US.
I tap my phone and get a pin dialogue box. Enter my pin and confirm the payment. I can change which credit card I'm using if so desired.
The process is as seamless as you can really expect from a user point of view.
The problem for me is that I'm billed by Google rather than the store, and this limits my cash back substantially. That, however isn't Google's fault - the banks didn't want to play ball and instead wanted convoluted systems like the one you described.
It's worth pointing out that Republic Wireless already offer something very similar using the Spring network, with limited roaming to Verizon and calls and texts being routed over WiFi when connected to a decent signal. At $25/month for unlimited calls and texts and 5gb of data, it has a lot going for it.
It will be interesting to see how Goggle's approach differs in features and competes in price.
I have one, and am awaiting a second. I can easily monitor its upstream bandwidth so for it to start transmitting vast amounts if conversation would stand out like a sore thumb.
Mostly it's used for playing music or listening to the radio. If I add some hue or wemo outlets, they'll amidst certainly be to control a few lights. Can't say I'm terribly fearful of someone hacking in and turning on the porch light randomly.
Interesting. Which vendors are you considering that don't use hardware sourced from China?
Maybe I believe Google because we know that in February 2011 after a gmail outage, some users had their data restored from tape backups.
As for your aiming problems, I guess that only your wife can accurately comment.
A bit of selective quoting there. You missed the preceding sentence - "We aim to maintain our services in a manner that protects information from accidental or malicious destruction. "
Google backup to tape. When I click delete I do not expect a tape monkey to go scurrying around to find the tape and rearchive it absent my request to start a 45 minute timer.
I can completely understand that hitting delete is not instantaneous. Still, I think that if you click delete the data will be deleted, since to do otherwise would leave the company open to the most massive of class action litigation in the US. It simply wouldn't be worth the risk. And to think they could do it and keep it secret is ridiculous. Google have and will continue to fire people. If any one of them could get confirmation of a deliberate policy of retaining such data for future use by Google, they could inflict massive and likely permanent damage to the company.
Yeah, I tried multiple times with Chrome open and my phone in front of me. Neither would activate until I paused slightly before OK and after Google and removed the pause for the full stop in between.
Note that it only activates if Chrome has the window focus. Then the whole window changes and your computer beeps. So if, somehow, you did manage to make it accidentally trigger you'd know about it like the AC above said.
Seriously? How often do you find yourself saying ' OK Google' in conversation. I have a Moto X and it's never once activated due to an accidental muttering of "OK Google".
Looking at the Moto X, no audio before the "OK Google" is transmitted since that is recognized in hardware. I haven't tried the browser plugin to see if it's significantly different. To be honest, I think Google are just covering the arse in case they get some extra audio.
If you're concerned about what you have transmitted you can listen to the actual data on the Google Voice & Audio Activity Page.
Out of curiosity, do Samsung let you check and delete your search history from their storage and that of their third party service provider? How about Amazon and their Echo?
It's a bit disappointing that after three years the road access to Explorer House hasn't been added. However, I'm sure one of the OS staff could log in to Google Map Maker to add their entrance road and car park.
Not sure why you feel the need to name call? Perhaps you're just feeling a bit insecure this evening.
As the post above says, I get to use s multitude of Google services for zilch. Of course that has value. In the days before gmail, most webmail providers offered a few tens of megabytes of storage.
But, like I said in my comment, I value things like Google now. I value list sharing in Google keep. I value free US phone calls and 3 cents a minute calls to UK Mobile numbers with Google voice. And in exchange for those services I value, in willing to exchange some information.
It does seem a little disingenuous for el reg to criticize apps for sending information to Google when the page containing such criticism is running Google Analytics.
Frankly, I find Google Now to be helpful. It's nice to know when to leave for an appointment, and since I placed the appointment in my Google Calendar, the fact Google knows about it doesn't usually come as a surprise. When my flight details are emailed to my gmail account, either I can read the message in gmail or I can read the same details in another format in Google Now.
If I didn't want it, I wouldn't have opted in. If I decide I don't want it, I can opt out.
Sure, there are privacy concerns, but they are more fundamental than Google. There are plenty of ad networks out there who are silently building treasure troves of personal information and delivering little or nothing in return. Apple may not be selling user data directly, but they're certainly collecting it. As are Amazon, Microsoft, Doubleclick and so many others.
These are issues that will take legislation to address. Stopping using Google would only solve a tiny bit of the problem.
I'm still baffled by why Amazon think it a good business decision to boycott chromecast. I'm not buying an Amazon branded dongle for my telly when the one I've got works perfectly. And as a result, when I'm renting a movie at the weekend, I'm using the Play Store for no reason other than Amazon won't let me watch what using the device of my choice.
I've had Wifi calling on my Android Moto-X with Republic Wireless for months. They've been offering it on other phones for a couple of years.
It's a nice feature, but at least Republic Wireless recognize this is cost shifting to the customer and so have cheaper plans ($25/month for unlimited talk/text and 5GB of 3g). The big networks offering this with the iPhone don't seem to be doing the same, so your broadband gets used, reducing congestion on their towers and you continue to pay exactly the same.
Funny, the link contains no mention of Headquarters or the word HQ.
RBS have said they expect the move to have no impact on functions or jobs.
The RBS letter to staff sent this morning states:
"'This is a technical procedure regarding the location of our registered head office, based on our current strategy and business plan. It is not an intention to move operations or jobs'."
So, where do you get this statement about relocating the head office? Because it certainly didn't come from anything RBS has made public.
Well, here it was the banks and mobile networks that didn't want to work with Google in a way that would allow Wallet transactions to go directly from merchant to bank. That, as I understand it, is why Google had to accept the payment and then effectively pay the merchant with their own card.
The reason was all the banks and mobile networks wanted a piece of the action, so we had various competing proposals that worked on some networks with some card issuers on some phones. And unsurprisingly there was no consumer take up.
After the banks and networks realized they couldn't do this, the ground was open for Apple to take advantage.
Though in the US, I'm required by law to carry my driver's license and therefore my wallet goes with me every time I drive. If I was in the UK, I don't need my driver's license (since I'm old enough that no one IDs me anymore). I could just grab my phone before going out and have one less thing to carry.
Actually, I welcome the Apple move into payments, by keeping the transaction between you and your card issuer. With Google's wallet, if I make a purchase it goes through Google. Therefore I don't get the 5% cashback my card issuer will give me for shopping in a grocery store/petrol station/chemist etc.
If I was still receiving my cashback, I'd use my phone for any transaction I could, since it's easier to pull out my pocket then getting my wallet, opening it and pulling out the correct card.
The Burnistoun sketch is hilarious and was the first thing I thought of when Google launched the speech recognition. Thankfully it has few of these problems, unlike most the commercial speech recognition implementations I encounter when phoning companies in the US. That's all the more remarkable given the much broader range of speech Google is required to detect.
What is really nice is the contextual correction, so if you speak a street name that sounds like, say Grand St. but then say in Nashville TN which only has a Grant St., Google will spot that and correct it to Grant St. automagically. (The example is made up, but I've seen it do this many times).
Obviously it's up to you whether or not you speak to Google, though if you ever call me and I don't answer, don't bother leaving a message. Google Voice will be recording and transcribing it for me.
I use it all the time too. My kid asks a question that you'd normally look up with a search - how much does a blue whale eat in a day, how many rooms are in Buckingham Palace, etc.? Or I'm in the car and need to send a text message, or make a call or navigate somewhere new. All of these I can do quickly and reliably without touching my phone. And all that with a Scottish accent, it's pretty remarkable.
Spend per device is a useful measure, but only to a degree. Popularity can change quickly - just ask anyone over at RIM/Blackberry.
If iPhone popularity were to fall significantly, and it would have to be a huge drop, then they'll start to lose app makers who will inevitably go where the money is.
Another problem Apple face is that, as phones become more feature filled as standard, the need for apps that are only available in the iOS ecosystem begins to fall. As that happens, so too does the extent of Apple's vendor lock-in that comes from customers not wanting to lose all their purchases.
I'm not predicting the demise of Apple, only pointing out that they will need to keep finding ways that allow customers to justify the price premium
Browser's hoot when they see a new self signed certificate because there's no trust involved. Anyone could have made that certificate. If you rely solely upon such a certificate, anyone could perform a MITM attack, and your encryption is now worthless.
If you don't want the browser to spit fire when it sees such a cert, install the certificate on the client. If you can't install the certificate, the only way to obtain a benefit from a self-signed certificate is to have the end-user actually view the certificate details and confirm the fingerprint matches one which has been securely transmitted to them. And that's a whole lot of hassle to save a few dollars.
Just how many wildcard domains would you need? They're less than $100 a piece.
If you're running a business setup that requires multiple domains and a content delivery network for your customer facing side of things, I'd be pretty surprised to learn that you don't already have certificate management in place. Crikey, when I managed the business side of such things, I had every site SSL accessible a decade ago.
If your contractors cannot manage SSL configuration, you need new and competent contractors. This stuff isn't rocket science.
Presumably you don't need a high google ranking. Otherwise, when an SSL cert is available for around $10/year it's a bit of a no brainer.
Encouraging the use of self-signed certificates is never going to happen. On a public facing website, their use only encourages users to blindly click through security warnings. Their only appropriate place would be where you have control over all the client devices so you can install your own certificate authority.
The licensing cost is likely trivial compared to the cost of developing a quality alternate codec that will have hardware decode/encode support that's necessary for decent scaling. But, if you really want to avoid the costs of licensing something that's been tried and tested, use speex which can work at similar bitrates.
I remain skeptical of any need or benefit from developing a proprietary codec.
Why would you spend money developing a proprietary compression technology that carries voice in 11 kbps when g.729 runs at 8kbps and with extensions can get to 6.4kbps?
Either way, on 2G data this isn't happening. With consistent bandwidth g.729 is good enough, but on 2G mobile data latency and jitter will be big issues. Combine that with the ever decreasing cost of just making a call from your phone and there's no incentive.
In most the world, the cost of mobile calls are declining or being bundled as unlimited packages, whereas data is becoming more restricted. That reflects usage. If, in areas where calls are still pricy, there is any sudden shift to VOIP, carriers will just change their pricing structure.
At least for the 900MHz block, and I think also for the 1800 block, operators had population coverage requirements to meet. So they paid for the allocation in terms of rolling out masts.
If only the government had adopted that stance with 3G and 4G and these small islands would have close to 100% geographic coverage with high speed mobile connections. That would have a potential to drive real economic growth. Instead the government just went for a quick pay day that has only hindered deployment. Now they seek to repeat the mistake.
Seems hugely unlikely. I check permissions before installing any app, and don't recall any unusual ones asking for read/send SMS permission. So I dig around and find the actual source for the article: http://research.zscaler.com/2014/07/and-mice-will-play-app-stores-and.html
And sure enough, of the 75k apps, 7% ask for SMS permissions, or 5,250 of the 75,000 tested.
68% of apps with SMS permissions have the ability to send, so 68% of 7% is 4.76% of apps, from the 75,000 tested, can send text messages.
Whenever my discount ends I go through the 20 minute call saying match what you gave me or just cancel the service.
You mean now they're going to answer with 'okay, we've turned of your interwebs' rather than offering me a discount on my bill?
Create new document, add some random text
File -> Email as attachment
Set filetype to plain text
There, you just created a plain text version using the Google Docs web interface.
As for the backup being with Google, rather than on my computer, I'm pretty confident that Google have better backup processes in place than I'll ever manage at home. They've previously shown that even gmail gets backed up to tape.
On most modern phones, a clear rear cover is really only going to show you the battery, since it takes up the vast bulk of space behind the rear cover. That's probably a big part of why, when Google/LG and Apple made phones with glass backs, they chose not to show the phone's innards.
The problem is that if all the publishers act together then they'll breach competition rules. If one independently decided to boycott and others independently chose to follow that might be okay, but they'd likely be in big trouble if they acted as a group.
Still, there are other outlets for their books on both sides of the Atlantic, be it Barnes and Noble in the US or Waterstones in the UK. I'm sure either would happily take the business if one or more publishers wanted to abandon Amazon.
God help us.
I imagine streaming a Chrome tab is the least most common use for the Chromecast. A great many more users will be using it as a way to get Netflix, Plex, HBO etc onto their big TV while controlling things from their phone.
This is where Chromecast comes into its own, because it streams directly from the server, rather than through your mobile device as in Apple's AirPlay.
An adult head weighs over ten pounds. About five kilos in new money.
Moving your head a lot is typically uncomfortable. Try tilting your head and keeping it at an angle for a minute. To me at least, this user interface sounds exhausting at best, and downright painful at worst.
I really can't think of a worse way to navigate a phone than moving my head.
They could take lessons from Google. My Moto X responds to voice commands. It also recognizes if I'm giving them and ignores them if it's my wife speaking.
I have to guess you've never used it. It takes me far longer to open my wallet and get out my card than it does to pull out my phone and tap the back against the terminal. So it's faster, not slower.
Using Google Wallet I pay exactly the same. My only disadvantage is I get fewer rewards from my credit card company - I'd normally get about 5% cash back in a supermarket and that's cut to 1% as a general transaction through Google Wallet. If I was using a debit card rather than credit card with rewards, there'd be no difference whatsoever.
Certainly it's unnecessary, but so to are debit and credit cards. Indeed we could all return to paying by lumps of gold. But, truth be told, I have a wallet full of bank cards and store cards. I carry my phone with me, so it's necessary. With widespread NFC acceptance, the wallet is not.
If it were to be a big problem, the solution is for Ofcom to hold the carrier responsible for the CLID. They should trust peers to send a genuine CLID and where there is no trust, refuse to set one.
Telemarketers can then be blocked by CLID, calls with no CLID can be dumped straight to voicemail and abuse can be traced.
Reputable VOIP providers will require proof of ownership of the number before it's available as a presentation number. Non-reputable ones will find no-one sees the CLID they set and they'll lose customers.
Restoring from an actual backup would limit the inconvenience to about three or four minutes. It's a shame Google, in their drive to get us all relying on the cloud, haven't actually integrated a proper backup tool within Android.
I'd love my phone to recognize it's at home and it's the middle of the night and to then start making a backup of itself to my NAS.
I have to wonder if the author has driven in the US? In the UK, you can anticipate the green light because it has a preceding red + amber light. In the US, the light switches immediately from red to green. Drivers of the mostly automatic cars then have to switch from brake to accelerator - no sitting with the clutch depressed, other foot on the accelerator and a hand on the handbrake for a quick getaway.
The highway code assumes about 0.7 seconds reaction time. I'm going to guess the computer driven car will have a much smoother departure from stationary than your typical driver too, so I doubt there would be any particularly noticeable delay from other road user's perspective.
Sure there are plenty of wide and straight roads, but - as someone who has driven on both sides of the Atlantic - the idea that all US roads are like this is tosh. Even San Francisco which has a nice grid system, also has hills and windy roads. Head east and you hit a mountain range.
As for everyone driving at the same speed with cruise control, it's no different to the UK. Sure if you're on the interstate/motorway you can probably use cruise control for lengthy periods, but then you'll hit a lorry passing another lorry with both lanes suddenly slowing from 80mh to 45mph in the blink of an eye. Then the two lorries - non speed limited - will reach the top of the hill and accelerate to 80mph on the descent before repeating.
Now the Google Car might not be prime time ready yet, but anyone who thinks UK roads are somehow special and that UK drivers somehow excel over and above all others is the type of person still buying stock in buggy whip manufacturers.
Do you really believe this? If so, I cannot imagine why.
My gmail account has been made available to numerous companies. I see almost no spam, only a steady trickle of adverts that Google dumps into their own folder automagically.
On my own server, an email account that's about fifteen years old and which has been widely used also sees little spam, thanks to spamassassin, RBLs, and some postfix rules.
If anything, modern anti-spam techniques mean my inbox is cleaner today than it was ten years ago.