Posts by RyokuMas 1913 publicly visible posts • joined 29 Oct 2009
... and besides, there are no real world instances of Android viruses actually out there in the wild - it's all just FUD and an attempt to smear Google, right?
I had a number of NHS clients in my first role, all of whom had their... let's say "eccentricities", for politeness' sake. But the one that springs to mind in this case were very twitchy and, apparently, had an aversion to reading...
So we've installed an update to their system, and a couple of days later they call us saying that they are getting this "weird error message", can we please come and take a look. I say "okay, well can you tell me the actual message you're seeing - chances are we can fix this over the phone". No go - they weren't at their desk so they didn't have the exact message, can someone please come out...
This exchange goes on for a while before my boss intervened, booked me into a hotel and told me to go take a look. So I have my night away (hotel was very nice, would have been great if not for the fucking seagull outside my window waking me up all night), and got on site the following morning.
And the error message?
"This report needs to make a complete scan of your archived data, and may require some time to run. Do you wish to proceed?"
Been thinking about this for a while - albeit as a solution to the ongoing issue of monetization and microtransactions in games: a big pop-up on load which informs in order to play, you will need to give [n] percent of your spare CPU up to crypto-mining, and options to increase this percentage for a given time in order to purchase in-game items - otherwise the game costs nothing.
"Beer went public after Apple worked out a fix for the kernel memory corruption bug."
"Worked out" - did he give them time to test it?
Of course, there is then the question of which would be the more damaging - a knee-jerk rush to push out a fix that is potentially under-tested and/or carrying further bugs, or taking the time to make sure that said fix is good but leaving the vulnerability open for a period of time?
But once again, this is Google deciding to dictate the rules with their usual "disguise attacking the competition behind a mask of altruism" approach. And, judging from the comments appearing with increasing frequency on here, the scales are slowly beginning to fall from people's eyes...
"Pretty much everyone I know has an android phone, and absolutely no problems at all."
Pretty much everyone I knew back in the late 90s/early 2000s had a windows PC. Sure we had all heard of these viruses that could exploit vulnerabilities, but everyone we knew had had absolutely no problems at all.
Then one day, one poor unfortunate soul we knew of managed to infect his works' systems with the Sircam worm...
So go ahead - keep on drinking that Google kool-aid, with you hands over you ears, your eyes shut and screaming "la la la, everything's ok"... I guarantee you that sooner or later, everything will end up not being okay, and your blase attitude will come back to bite you on the arse - unless, of course, the one here actually spreading the FUD (or rather, sowing the seeds of ignorance) is yourself.
After 20+ years in programming for desktop, web and mobile, I would have to disagree: 90% of the time, poorly written code is down to the manager who invariably wants the moon on a stick, delivered yesterday, and is unwilling to put time aside for rebuilds of legacy applications, refactoring, maintenance, etc.
"Fast, cheap, right - pick the two ways you want us to do this"...
So Google is looking to pull Youtube access from Amazon... this sounds hauntingly familiar...
A prime example of why Google needs to be broken up; product tying is an anti-competitive practice and is illegal in US law, with precedent already having been set against both Apple and Microsoft - but Google as they currently stand certainly have the legal and lobbying leverage to at least keep this tied up for years to come, if not completely overturn it.
... because anyone who cares about privacy is clearly not a good little consumer, ready to whore themselves at the altar of their corporate overlords... right?
So Google are going to block third party code in Chrome "to cut down on stability issues"... in other words, the usual "we're doing this for your benefit" bullshit we have come to associate with Google.
... meantime, you have black-hatters <a href="https://www.theregister.co.uk/2017/11/22/cryptojackers_google_tag_manager_coin_hive/>using Google tag manager to mine crypto-currency</a>.
Hence the use of the word "bullshit", above. It's so obvious that all Google care about these days is their bottom line that even their cheerleaders on here seem more and more reluctant to defend them - lots of downvotes, sure, but no attempts at a counter-argument (save for the odd AC attempt).
I can only hope that once the dust settles from the anti-trust cases (which cannot come soon enough), that people, and especially anyone in the IT arena learns from this and we do not get another repeat of what has happened over the past 20 or so years between Google and Microsoft...
This is probably going to get me downvoted to hell, but I just want to explore the idea...
We're all sick of adverts on our websites. We all hate ads and the free-to-play model in our mobile apps and games. But the fact remains that devs, hosting, content providers and all the other resources do need to be paid for, which leads us to where we are now.
What if on a website, alongside the "this site drops cookies" message, there is another notification, something like "this site needs to pay its way, so rather than put up a paywall or bombard you with ads, 10% of your processing power will be used to mine crypto - using the site means you agree to this". Or a similar message on the start screen of an app, with the possibility of increasing CPU allocation used for mining in place of currency-based in-app purchases.
What if someone tried to use this as a legitimate business model? Rather than having to hide behind pop-under windows, be up-front and say "hey, we're doing this so you don't have to pay or deal with crappy ads!"
Colour me curious...
Please, please, please make branded smartwatches using our OS... you'll be able to tell where your customers are at any time - sounds good, doesn't it?
"You can't pin that on Google."
Okay, so who administers Project Zero? Who decided on the 90 day deadline? Who arbitrarily went public despite the fact that Microsoft were in the process of testing the a patch?
Here's your smoking gun. Once again, Google making up the rules in order to try and attack the competition under the guise of altruism.
"... and in time the truth will become eroded to the point at which people may start to believe... "
Like people bought into the whole "Don't be evil" lie, eh? Or is this the same kind of positive contribution as Google pointing out flaws in Microsoft's products instead of getting their own house in order.
Keep drinking that kool-aid...
Yes.
I have just been involved with a project in which the client required me to get their website up on a number of new environments, each comprising of a back-end edit server and a number of content delivery servers. So far, I have encountered the following problems:
- Wrong .NET version
- Missing IIS HTTP modules
- Ports not open
- Missing Windows features/components
- Servers turning out to be completely dead
- Missing access rights
... across various servers. In fact, I would go so far as to say that no two servers are exactly alike. Not exactly confidence-inspiring when it comes to deployment and testing...
"Why now?" - because Google have become arrogant, put their bottom line above consideration for their users, and are now realising that people are beginning to see through the altruistic spin ("we're filtering this content for your benefit!") to what they really are. It has happened before, and will happen again.
And, as with others before them, they are now trying to figure out what to do about it - and following pretty much the same path: get the cheerleaders out, attack the competition, try and take greater control or clamp down where they think they can and hope to weather the storm.
The sad thing is, I can see that in about twenty or so years time, we will be doing this exact same dance again, except with Google in the position of someone like Microsoft, and "the next big thing" in their place...
"Pretending it's the new Windows is just idiotic"
I could go over the whole thing about how people obtain apps and how Google police (or fail to) the Play store, but it's obvious where your loyalties lie...
... so keep drinking that kool-aid, sticking your fingers in your ears and singing "La la la not listening!"
"Android security problems are pretty much non existent.."
In 2003, the vast majority of applications installed (legitimately) on a Windows PC were still installed from physical media. The "internet" was still a relatively new territory, and Microsoft - in their usual style - were completely wrong-footed when it came to the challenges that this might bring, namely the ability to piggy-back viruses and other nasties onto the back of emails, attachments etc that could then propagate themselves across networks and via email by plundering address books.
Fast-forward to 2017, and the benefit of over a decade of experience. Android was built with a connected world in mind, and as a result is fundamentally more secure to the attack vectors that plagued early 2000s Windows PCs. However, if you want to install any software on Android, your options are either to get it from the Play store, or turn on sideloading capabilities and download it from another source. This latter option is considered risky, to the point where the argument has been posed to remove the ability. And the former option? Well,
In short, the attack targets have moved on in accordance with direction technology has taken, based on profit and easy of access - and considering that it costs a mere $25 to submit as many apps as you want to the store of the highest-market-share mobile OS, coupled with said store's front-line policing being purely algorithmic, it is not surprising that, to quote, "It's 2017 and you can still pwn Android gear with [insert attack vector here]".
Security is, and always will be, a consistent predator-prey type chase - and anyone who claims that a system's security problems "are pretty much non existent" is either using something that is completely disconnected from everything, or has drunk the cool-aid of their vendor of choice.
A Cease and Desist solution would mean that results from bona fide vertical search companies would appear in the search results. Foundem says Google is lobbying furiously to avoid this.
If what Foundem claim is true, then this proves beyond any doubt that Google has abandoned all pretences of being about providing the best search results in favour of showing what they want us to see ie: what will make them the most money.
... round we go again. Let's just hope that the courts have enough power and sense to stamp on this and bring Google to heel.
... the biz is still refusing to accept its responsibilities and obligations as a de facto publisher.
That's because Google is, was and always will be an advertising company. It doesn't care if what it shows is factually accurate, as long as it generates clicks that can be tracked and/or earn revenue.
The problem we now face is what can be done about this. Google's potential to control information is on a level where they can effectively ignore this responsibility, should they so desire - between lobbying power, friends in the right places and a legal team that can tie process up in knots for years, it will take someone with a huge level of clout - as in EU or US government - to bring them back under control.
"We know you have a beef with Google because, for you, IOS users are much more profitable.""
And therein lies the crunch - the assumption that because I have posted something against Android, I am by default an iOS user (an "entitled fanboi").
I have a beef with anyone who abuses a position of power for their own gain at the expense of the masses. If an article raises how Apple have done something stupid, for their own gain at the expense of their users, or out of sheer hubris, I'll slate Apple. Same with Microsoft, or anyone else.
Right now (and I'll be the first to admit it) Google are getting the lions share of such comments from me - simply because by their position as the defacto search provider, they have an unprecedented level of power over how people use their computers. Google put a link on their results page with wording "A faster way to browse the web" - and all of a sudden, their Chrome browser is #1 - coincidence? An entire industry - SEO - has grown up based on trying to make web pages more appealing to Google; similarly, there are divisions and dedicated agencies with SEO's mobile counterpart (user acquisition) dedicated to making things as favourable as possible to Play services.
At the same time, Google is trying to get us all to use their own proprietary extension of markup on webpages, having already effectively taken over what was originally an open source mobile operating system by closely coupling their services with it. And all the time, they are acting with more hubris ("don't be evil" is long gone) and trying to hide behind a mask of benevolence.
Of course, if you are happy going round the same cycle with Google as we did with Microsoft about 15-20 years ago - or worse, reaching a state where Google is actively controlling the content you see and thereby influencing the actions you take (remember - Chrome is now the #1 browser), then that's your bag.
(Ironically, upon trying to submit this, I was asked to complete a Capcha - the first time I have seen it on El Reg. You know, the one that by clicking the checkbox, you agree to a bunch of Google's T&Cs...)
Ah, the ad hominem approach - first resort of those without a decent counter argument.
I never said anyone doesn't have the right to use the internet - even Donald Trump has the right to use the internet, more's the pity.
And I'm pretty sure Google does do lots of testing to make sure that approvedappropriate content is served for each region.
But say you were running a business and had the option of focusing your marketing effort either on individuals with a disposable income of (say) £100/month, or £1000/month (hypothetical figures to make a point here) - which would you choose to put the most effort into?
"... but curiously Google has revived it, not for sub-$100 phones, but for mid-rangers in mature markets, like the HTC U11 Life, announced today..."
Makes perfect sense if you think about it - Google is first and foremost an advertising company, whose goal is to get you to buy stuff. If you're looking at the market that's buying landfill Android, the chances are that they won't have too much disposable cash to spend on the stuff that's being advertised.
Much more sensible to try and track/control an audience that is in a position to respond to those efforts.
AMP is basically the first step on the slippery slope that leads from SEO to content control. Now not only do you have to have all the Google-approved tags and trackers on your page in order to hit those the top spots on the results page (the only ones that 90-odd percent bother with), but now on mobile, you have to present your content in the way Google want, using their proprietary, non-standard markup.
Meantime you also have Google trying to dictate what ads you can and cannot see - again, another step on that slippery slope towards controlling and censoring what we can and can't see on the internet.
"building, releasing, and maintaining native apps for both iOS and Android"
iOS users like their apps to looks like iOS apps. Android users like their apps to look like Android apps.
A web app is usually some nasty frankenstein thing that looks like neither and often requires a degree of "wtf?" to work out the differences between how it works and the native functionality of the device. And that's before needing some always-on connectivity.
Of course Google want us all using web apps instead of native - a few extra lines of javascript (the lack of which will probably have a negative impact on the web-app's discoverability) and presto! They can track the end user's every activity.
And as for separate native apps for each OS - have cross platform development tools been conveniently overlooked, or are we still in the dark ages here?
"... while outdoing them in terms of discovery and distribution"
... provided you bend over and take it from Google in order to feature anywhere near the top of their search rankings. Which probably involves adding their tracking and tagging, and hell, their proprietary, non-standard extension to the base set of HTML.
Because those who do not remember the past are doomed to repeat it.
As with Microsoft around 20 years ago, Google has achieved a massive land-grab in an area that has grown to an essential part of how we use computers - they are now using this position to try and leverage control is as many areas as possible, including astroturfing, FUD-spreading and all the other dubious tactics that we saw the best part of two decades ago.
The worrying part in this is that where Microsoft looked to control our PCs and the applications we ran, Google is wants to control the flow of information both too and from us - to know as much as possible about who we are and what we do, and let us see what they want us to see. I can see a time coming when nobody dare oppose Google, lest information on any of their past misdemeanours suddenly rise to prominence on web search results - or possibly a more public airing of their dirty laundry, as Google and Microsoft are currently doing to each other.
So yes, you have those that actively support Google (for whatever motivation), and another group who are just simply repeating history.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
