Hacker News
Google have declared Droidscript is malware (groups.google.com)
1176 points by croes on April 27, 2021 | 647 comments



> ...after taking into consideration the information that you have provided, we have confirmed that we are unable to reinstate your publisher account.

I hate when using euphemism slides into flat out lying like this. They are not "unable" to reinstate the account, in fact they are the only party able to reinstate the account, that's why the account holder was contacting them instead of someone else. They are "unwilling" to reinstate the account.

I know it's all just bullshit but it bothers me anyway.


It's not lying because there is some implicit information in the "we are unable" statement. What is implied in statements like this is that they're unable due to their policies.

If not for implications like this, almost every single use of "unable" (or "can't", for that matter) ever in a sentence would be "lying" unless something is against the laws of physics.


I disagree. If you buy a product from me with 30 day warranty and it breaks on day 31 and you contact me, I will not give you a refund because: a) I haven't agreed to do so b) I'm not bound to do so c) I don't think it's warranted in this case.

But I'm not "unable" to issue a refund.

In another case I may say "hm it's out of warranty but you know what, it really shouldn't have broken like that and you're a good customer, so I'll give a refund anyway." I can do that because I am able to issue a refund.

As for their policy, they are both the authors and interpreters of their own policy, so the "my hands are tied" argument is pure BS. If they are unable to reinstate accounts, why do they have an appeals process at all?


"I can't agree with you"

"I cannot continue this relationship"

"I can't kill this guy"

"I just can't eat meat anymore"

"I cannot continue like this"

These are all examples where someone clearly could for physical reasons, but they can't for other reasons they are bound to, whatever these reasons are.


Technically you are right.

However the key here is exploiting the ambiguity.

‘We are unable to’ is a cowardly way of saying ‘we choose not to’, or ‘our policy dictates’.


If Google chose to use the "uncowardly" wording, I'm sure someone would just post saying Google is an arrogant and cocky bastard. No matter what someone will find some point to complain. Human nature.


"People will criticize no matter what you do" is a great line. It gets used a lot - not so much here, I've noticed. Probably because it doesn't address the particulars of any criticism, and instead provides a nihilistic view of the world where "real improvement" is impossible.

"We're unable to" shifts responsibility to something vague, unspecific. It's like the "run around" only with this phrase you've been redirected to /dev/null. I'm glad the OP said something.


It's shifting the blame to you - something in their policies prevents them from reinstating your account without allowing you to break the contract. There's no ulterior motive, it's simply the best wording for saying that you still violate some policy.


If they want to say that they won't reinstate your account because you're violating a policy, they should say as much.


The original email is context for the review rejection email by saying

> In your case, we have detected invalid traffic or activity on your account

The rejection email isn't isolated, so when it says "unable" it's conveying the implied message "unable to reinstate your publisher account <without bending the rules because we think our ad fraud detection systems were correct>".


You all make good points in favour of both sides of the argument, so I upvoted every post in this thread.

The only takeaway is that there is no obviously correct wording for google to make when wielding the banhammer.


>The only takeaway...

Well, that is, strictly speaking, a false statement. I agree the discussion has been civil; but consider that the support to Google's position requires adding phrases to their statement which fundamentally change the statement's meaning.

I'm not sure what it's called, something like the opposite of a strawman attack. It is indeed simple to defend a statement when you give yourself permission to rewrite it in a post hoc fashion. It's an argument I find uncompelling, no matter how civilly it's presented.


> The only takeaway is that there is no obviously correct wording for google to make when wielding the banhammer.

This is true only because ‘correct’ is both a relative term and a black and white one, which doesn’t apply to the situation we are discussing. You have to decide what you value, and perfection is not an option, so there is indeed no ‘correct’ wording, but that doesn’t mean there aren’t better wordings, nor does it make the one they chose ok.

It seems to me that there are many ways Google could be more honest and less opaque.

It seems like quite a few people here (myself included) value those traits and would like to see Google adopt them.

That won’t immunize them from criticism or make everyone agree with their judgements, but it would still be better.


Here, I think the concern is that the alternative wordings considered/proposed are possibly open to just as much criticism and negative readings as the original. That is, others consider it difficult to improve here.


That seems like a dismissal that could be applied to any criticism of any corporation.

Can you explain what value it adds in this specific case?


What value to add to criticize this specific case?

Whether they use "unable" or "choose not to" shouldn't matter.

Just treat it the same.


Holding companies to the basic standard of good customer service like we used to.


> No matter what someone will find some point to complain

I don't think there would be many complaints if Google didn't take down apps for vague reasons.


If it's based on a real policy that can be verified by others, then there is no ambiguity here. "We reviewed your case, and based on our policy, we cannot reinstate your account. Because if we did, we'd be the ones violating our policy, and someone -including you- could then actually sue us for unfair business practices, rather than merely complaining about overly restrictive policies that are blindly enforced through a system that is hard to penetrate".

No lying, no ambiguity. They can't reinstate this account.

Should they change their policy so that after that change, they can? Maybe, but good luck getting them to.


They can always either change or make an exception to the policy.

A policy is just their way of doing things, written down.

It’s not magic.


That's https://en.wikipedia.org/wiki/Selective_enforcement, which can be a problem, especially when contracts reference the policy.


To clarify your comment, this is exactly what OP was referring to with

> someone -including you- could then actually sue us for unfair business practices


That doesn’t really change anything. It’s still their policy to change. They still decide when to review the policy.


Changing your policy to be more friendly to all users moving forward isn't selective enforcement.

To reiterate, "policy" is just explicitly specifying "that's just the way we do things around here"


They can certainly change it, thus changing what they can do, in the future, but they can't make exceptions. A policy, written down, becomes a contract as far as the law's concerned. Contract changes are fine (provided all parties involved are then allowed to cancel the contract), but contract violation is not.


This isn’t accurate.

There are plenty of policies that state that they may be changed by one side or that exceptions may be made in cases where the wording doesn’t cover the intent.

The Apple store policy for example says this.


> If it's based on a real policy that can be verified by others, then there is no ambiguity here.

In this particular case, the ambiguity is exactly that - Google didn't say what real policy was broken or how.


Pretty sure if you file the proper paperwork with google's legal department, you can get a copy of the exact text in question. The downside of business in the US: companies are by law required to make documents available on request, but they are in no way required to make that easy.


Getting the text of the policy isn't the whole issue. As you pointed out both the policy and method of verification need to exist, or there is ambiguity.

Given the information in the article, you can't verify any of the traffic or actions that were supposed to break policy. After all Google wrote, "We understand that you may want to know more about the issues that we’ve detected. Because this information could be used to circumvent our proprietary detection system, we’re unable to provide our publishers with information about specific account activity."


Imagine if the justice system worked this way.

"We understand that you may want to know more about the crimes that we’ve detected. Because this information could be used to circumvent our proprietary policing system, we’re unable to provide defendants with information about alleged criminal activity."


> Pretty sure if you file the proper paperwork with google's legal department, you can get a copy of the exact text in question

You’d think there would be examples of people doing this, but so far I haven’t heard of them.


The first sensible and rational comment I see here (I hope more comments like this in this post).


And yet no one, including people in this thread who are claiming that the intent of Google's wording is to deceive, are actually the slightest bit unclear about what Google means.


It isn't about wanting to deceive, it is about their seeming unwillingness to admit; these are related, but not at all the same. It is the same kind of semantic difference people think is really important when discussing scenarios like "you didn't misplace my item on accident, you discarded it on purpose and we both know that: I want to hear you say it out loud".


But, as others have mentioned, it's extremely standard to use phrasing like "can't do that" and "unable to do that" like this. It's simply not reasonable to interpret this messaging as intended to claim that it's physically impossible to do the thing. I totally understand being upset with Google's policy and decision here, but this particular criticism about the wording they used is simply disingenuous.


> it's extremely standard to use phrasing like "can't do that" and "unable to do that"

It’s standard corporate doublespeak. Just because a lot of corporations do something by habit, doesn’t make it disingenuous to critique.

Google in particular tried to be a different and less evil kind of company.

We know that ship has sailed, but it doesn’t mean the values that it spoke to are any less important.


We all know what it means because we are familiar with numerous other cases of such dissembling. That does not make it any less dishonest; it just means they are members of a big, dishonest club.


It’s not dishonest when it’s how everyone uses language and how everyone else understands the language.


This is how corporations use language. It's about "optics".

I'd personally call it an 'abuse' or 'misuse' or... 'misleading use' of language, but you do you.


It is not how everyone uses language. I do not use language that way. If you used language that way, you would be dishonest. It is how dishonest corporations use language.

That we are aware they are dishonest does not make them less so.


It’s not dishonest because it is language used with a certain intended meaning and that intended meaning is clear to everyone including the people complaining about it. That’s precisely what normal, honest usage of language is: you have an intended meaning and you effectively convey the intended meaning.


Brazen lying does convey an intended meaning; an action that speaks louder than words, it always conveys the same meaning: "You're a fucking peasant who has to take what you get."

Sometimes that's true. Most times they hope you will believe it's true. Many people have been trained to believe it, true or not.

A business concerned you may take your custom elsewhere will not insult you this way. It is the mark of a monopolist or a crook.

I will make a point of remembering your relationship with truth.


> It is the mark of a monopolist or a crook.

It could just be that they know every other option will treat you in the same shitty way. I suppose you could stick that under 'crook'.


And deliberately so, to defuse the situation and not anger the customer further. The "we are" is of the same origin. It creates the assumption that the customer is dealing with "some Google team" that made the decision, when in fact it was one person or even just a stupid algorithm.



"We refuse to" might be clearest of all.


There's an important distinction between externally and internally imposed restrictions. (In the case of killing, hopefully both restrictions are in play.)

The language is intentionally deflecting responsibility by obscuring the source of the restriction. They're trying to reduce argument by giving the impression responsibility exists in some other unidentified channel.


Yes, but without those reasons these are just ambiguous unprovable statements.

Without reasoning we cannot tell if the auxiliary verb is even correct.

“I can’t eat meat anymore because it’s illegal”, really should read “I shouldn’t eat meat anymore” as although it’s a bad idea you’re still physically capable of eating meat.

I think the issue we’re talking about is ambiguity, and this really just emphasises the point.


Those express moral convictions or imminent psychological crises. A corporation experiences neither.


All of the sentences you give would be quite different if “can not” were replaced with “to be unable to”.


Yep they are all lies. I _almost_ can't agree with you more.


This all depends on having free will. Otherwise, those statements could all be literally true.


cannot != unable


It isn't really lying from a personal perspective either. The "person" writing the response is unable to reinstate the account as a matter of policy, which is a valid reason forbidding something in a civilized society. Likewise, by matter of a different policy the author is unable to comment on the specifics of the suspension.

It could be as simple as "Google management reviewed this app and decided it cuts into the bottom line of some service offered by Google." If the low-level person writing emails is aware of this fact then it would be reasonable to understand why they are unable to share the true motivation for suspension. What is more likely is the low level email writer looks up the account and the reason for suspension listed is, verbatim "Ad fraud - <3 Mgmgt." Then the low-level person would not be stretching the truth at all when they say they are unable to reinstate the account and are unable to provide more information.


> It isn't really lying from a personal perspective either. The "person" writing the response

I agree that the person writing isn't lying, but the language is deflecting responsibility away from management choices. The clearest wording from the perspective of the writer would be "I am unable because we are unwilling...".

I agree with those who feel it's important to keep a distinction between externally imposed limitations and internally imposed limitations.


They are speaking on behalf of Google. So what is effectively said is "Google is unable to ..." which is clearly BS.

I mean it is like "I'm unable to return the money [as it would be against my policy to do so]".

Though it is even worse than that as Google wouldn't even say which policy was violated. Full Kafka. The fact that people still put up with this is a clear evidence of Google's monopoly position.


This is like being pedantic about usage of the word "literally"...

Just because this usage of "unable" doesn't match your strict personal definition doesn't mean they are wrong. People generally agree and understand what "unable" means in this context, so you're kinda SOL.


You make valid points. I believe the contradiction here lies in the exact context. The individual shop employee might be "unable" to issue a refund, due to the policy set in place by the managers of the shop. The shop as a whole is certainly able to change the policy and provide refund (unless it is out of money, of course). The individual --- phrasing the message --- might be accurate. But the customer is not interested whether the person in front of him is able to issue the refund. He is usually interested in getting the refund from the shop as a whole.

Similar arguments apply to the Google store: the person, or more likely the software system, that composed that email might be unable to reinstate the account, but Google most definitely is. But Google is merely unwilling to do so.


If I were to ask you if I could get a refund for an item out of warranty, what language would you use to refuse me? I'm struggling to come up with a response that doesn't use the terms "unable" or "can't" that wouldn't come across as fairly rude.


"We do not issue refunds for items with expired warranties"

Notice that the policy is clearly stated in the rejection and there is no ambiguity.


You would be lying - and people will call you out on this, because they will find out that you have in fact issued refunds for products with expired warranties.


This level of semantics is pointless.

They could write "We generally do not issue refunds for items outside of warranty" and they're back to the statement being just one level more vague, and thus more true.

But in reality, both of those mean the same thing. Writing "We don't issue refunds outside of warranty periods" has an understood "excluding exceptional circumstances". Everyone knows it's there. Only people who are pedantic to the point of uselessness will argue about this, and you'll find out that the courts generally have little sympathy for that.

All human languages so far are inexact. Math is probably the most exact language we've invented for communicating ideas, but languages that the general public knows are all inexact.

If the correct thing is communicated unambiguously, that's already a success, even if a pedantic person can say "I know you mean that you don't 'generally' do it, so the absolute there is a lie", the fact that the pedant can point it out means they absolutely understood what was being conveyed correctly.


This level of semantics is indeed pointless - to clarify, your comment supports both what you wrote and Google's use of the "unable" wording in their response; they are unable to reinstate your account <without introducing liability to lawsuits regarding unfair business practices> <and except in exceptional circumstances>.


The person responding at a big corporation is often unable to, for practical purposes as a result of policies other than in exceptional circumstances.

When you write in and ask them, please steal a million dollars and give it to me, while they might be able to figure out a way to steal and give it to you, for policy and job performance reasons they are unable to. They say - "I'm unable to do that for you". Who cares if they somehow could - we all understand they have chosen not to.

We are unable to reinstate your account = person responding does not have policy authority to reinstate your account and the exceptional circumstance was not identified.


That feeling is specifically because we all know that depersonalizing and speaking passively 'softens' the blow.

"As your product is out of warranty we will not be issuing a refund."

Sounds rude, right? Because it draws attention to the fact that the decision is, at some level, completely arbitrary. But if you have your left hand write the policy and your right hand enforce it then you can say.

"I'm sorry but I'm unable to issue a refund because your product is out of warranty."

Makes it sound like that's just how the world works, doesn't it? And you come away feeling like "aww man they can't" instead of "they won't, money grubbing assholes." Customer service is, at its core, about managing emotions and often delivering bad news in a way that preserves the company's image.


> Unfortunately the warranty on your product has expired and we do not issue refunds for products outside the warranty period.

If you pressed me I would admit that yes, in some exceptional cases we issue refunds for products outside of warranty but we're not doing so in this case because [whatever, the product broken due to misuse, etc.].

To say I am not issuing a refund or that I do not issue refunds on out-of-warranty is truthful or reasonably so. It's perfectly possible to communicate that without being rude or claiming to be "unable."


How about "I'm afraid I can't do that, Dave"?


computer says no


A better and more honest answer than so much of the apologetics spouted in this thread.

I'm amazed at the people defending this type of verbiage... like at all.


You are not eligible for a refund under our warranty. Let us know if you have any more questions.


A pet peeve of mine is the deferral and personification of "policy". Policy is just your opinion that you happen to have written down in the past. It holds no power over you, you write the policy! It's not like the US law, which while also just words on paper, is enforced (and often chosen by) other people over you. Me deferring to the law (vs. my own opinion) has meaning because they can be different. The way we really know this is that we repeatedly see policy broken all the time -- again, because it's just a pretend separate agent, not an actual entity that wields power over you. It does in fact ultimately just serve to disguise an active action as a passive one "Oh, I checked the book of rules (that I wrote) and it said I can't let you do that. Shucks. Man, that book, it's a tough negotiator. Nothing we can do I'm afraid." I think it is their right to write the rules, but just own up to it. Say "we aren't doing it because we don't want to," that's the truth, because if they did want to, they would, regardless of the "policy".


The "policy" is indeed the law, in the form of a contract - you or Google breaking that contract could mean you end up in a civil lawsuit that would cost you tens or hundreds of thousands of dollars assuming it isn't frivolous. Instead of actually taking everyone to court and scaring off developers, they simply give themselves the option to terminate the contract if you break it instead of going to court.

The thing is that they can't bend the policy for certain players without being sued for unfair business practices/anti-competitive behavior, which is why Google has to enforce it on everyone if they want to enforce it on anyone.


Plenty of companies get sweetheart deals from Google and Apple. Your contract has no bearing on another company’s. That’s why I can’t sue Apple for giving Netflix and Amazon a more favorable deal than 30%. It’s also why I can’t sue Target for making an exception and letting someone else return something one day later than their return policy explicitly allows but not doing that for me. Furthermore, most contracts you sign (click) with Google and such usually have a catch-all clause that says everything is up to their discretion and they can change their minds on most of these subjective judgement calls.


You're right, but I think you're not doing justice to the OP's complaint.

You're right that this isn't solely a faceless corporate thing. People say "I can't" when "I won't" for the same reasons Google did. We even ask "can you watch my kids?" Again, the same reasons drive the language. It lets a false but face-saving implication stand: You will pick up my kids if you can and if you won't then I'll assume you couldn't.

We also "ask" our employees or waitresses to do things, even though it's technically an order.

All this is good and fine. Language is supposed to embed cultural niceties that speak to our values and smooth relations between people.

The Orwellian shit comes in when it comes in. These cross from figures of speech into euphemization and the Orwellian point is that these things run deep. A bank manager is literally unaware of where her own prerogatives, organisational norms, hard corporate policies and regulatory rules begin and end. They are constantly implying (and thinking) that whatever is annoying/abusing their customers is not because of them. Usually it is.


Is "can you watch my kids?" really the same as "are you able to watch my kids?" or an idiom in which "can" does not have precisely its stand-alone meaning?


Well... I don't think you can nail down language, especially idiomatic phrases, to that level of specificity.

"Can you X" literally/etymologically means "are you able." If you were to translate, you'd translate to "will you." I don't think the etymology is coincidence, or lost on an average speaker. "Can you" feels softer and more polite. It reflects something about how people want to interact with each other. You have to leave work early because your mom "couldn't" watch your kids, not because she refused to.

Incidentally, in Ireland we do say "will you," "would you" and "are you able to" more commonly than "can you," which sounds slightly American/international to my ear. Oddly (or not), "will you" is (IMO, locally) more informal. You'd say it to friends, when making trivial (pass the salt) requests. "Would you not" is also (I think) an Irish choice of words. It's used to make suggestions, rather than requests.

These things don't bother us until/unless they're coopted into a different context, and used tactically. Going back to the original point about corporate-drone speak.... The "can't" vs "won't" language is used in the first person to obscure responsibility. I didn't call it Orwellian because it's evil or onerous. I called it Orwellian because it affects culture/thought deeply. The language helps maintain an impenetrable ambiguity, implying that every contentious decision is actually not a decision. It's dictated by regulators, or at least by "corporate."

Also, in context... it's an (passive?) aggressive way to cut off a conversation. The equivalent of "Good day Sir!"


You aren’t wrong, but (taking the corporate entity in question as a monolith, which is fair from the outside) “unwilling” is a much more honest word choice in cases like this since it clearly communicates that there was a real practical decision that could feasibly have gone either way. “Unable” lines up better with things that are infeasible, e.g. Apple can’t recover the data on an encrypted hard drive without the password or recovery key because it’s literally impossible or would at least require nation-state level computing resources to have a realistic shot at cracking even a weak password.

“Unable” is dishonest because it passes responsibility beyond the veil of the typical user’s ignorance. We’re so used to this sort of language that we’re conditioned to allow it even when we know it’s bullshit. It shuts down discussion and allows its wielder (inevitably a corporation) to avoid explaining itself. In the developed Western world we have a big problem with letting corporations do whatever the hell they want without explaining themselves, so I don’t think we should let them get away with this sort of thing anymore, and not being satisfied with mealy-mouthed evasion is one of the first steps down that road.


Well, I am unable to give someone your money because you won't agree. It's not against the laws of physics, but I still can't do it. Google can do it, they just don't want to.

Hell, they can even change their policies if they want, so they aren't really "unable".


> Well, I am unable to give someone your money because you won't agree. It's not against the laws of physics, but I still can't do it.

If you tried hard enough, you could probably manage this.


Stainless Steel Rat comes to mind. :-)


> Well, I am unable to give someone your money because you won't agree. It's not against the laws of physics, but I still can't do it.

You can do it if you are stronger than the other person. You may not do it, according to the law.


And because an outside force compels me, I am unable to.


Using a less accurate phrase instead of a more accurate one because it benefits/shields you is a dark pattern.

Were the implied statement made explicit, then yes it'd be accurate.


Yes, but it is a dodge. Like an apology wrapped in an excuse. I read this post and I made a mental note to try to never say I am "unable" when I am unwilling. It's corporate speak that I have used myself.


> They are unable due to their policies

Unable due to their policies, which they wrote and they can change (and which they often choose not to follow anyway).

I agree with OP - it’s not that Google isn’t able to do this, it’s that Google doesn’t want to.


But there lies the lie. When they use 'unable' they are implying that an external factor is blocking them, so arguing further is not possible and unfruitful.


Usually when I say that I can’t do something I mean it’s not within my power to do it.


It is still "unwilling". "Unable" implies a capacity to do a thing which they clearly can but they are "unwilling" to do so because of their policies.



As a cashier, I am certainly "able to" just hand you the goods and let you leave without paying, but in reality due to laws, regulations and good morals I am unable to do that.


As a cashier you are not empowered to make this decision. You are not "able to" violate store policy this way and keep your job. If a store owner or manager wishes to give someone a product for free or issue a full refund, yes they are "able to" do that.

The rep in TFA uses "we," referring to Google. Google is able to reinstate accounts, and The Google Ad Traffic Quality Team is able to reinstate accounts depending on their judgement of whether someone is violating policy. If they are not able to reinstate accounts, can you explain to me why they're adjudicating account ban appeals? Do they say "no" to everyone?

The key point here is that the agent(s) are responsible for interpreting the policy. They have decided that Droidscript violates their policy, and I personally have no opinion about that. But to imply that it's "out of [our] hands" is dishonest.

Just say "upon review we've determined that your app violates our policies so we will not be reinstating your account."


I think you're overcomplicating things. Fine, substitute "business owner" for cashier, and the point stands. I am "able to" just hand you the goods, but my policies and morals prohibit me from doing so. They are abbreviating the longer statement, "we are unable to reinstate droidscript at this time without significantly redefining our policies"


It's reasonable to say you're unable to do something because it's against the law and doing it would make you a criminal. Equally it's fair to say you 'can't' do something that would go against your morals.

That is not equivalent to what's happening here. There is no law preventing Google reinstating the account, and corporations don't have morals because they're not people. The only thing preventing them doing it is that the employees involved choose not to.


It would be correct for the Google employee to say "I am unable to..." because that is against their employer's policies. But they say "We are unable to...". "We" meaning Google, and Google is certainly not unable to reinstate the dev's account because they are unwilling to do so, which is what "against Google's policy" means.


No, you _will_ not do that, and made that decision so long ago it feels inviolable to you.

When someone points a gun at a cashier and says "this is a robbery and I'm gonna shoot you if you move a muscle," the cashier usually uses their ability to hold still out of concern for their safety.

The distinction matters.


Companies should not be gatekeepers of computing.

We've gone from a world where we can run any software on our devices, to one where Apple and Google tell us how we can make money, what we can run, and what speech is permitted.

It's Orwellian, but with corporate greed instead of nation state fascism.


Seems like an extremely minor gripe (as you mention, it’s all just bullshit) to be the top comment.

Though FWIW I’m unable to disagree.


For a startup community, where founders will often be in a customer support role, the wording and tone of user communications (especially those with an unwelcome message) is often top-of-mind, so a language discussion can be relevant.

I’ve sometimes spent hours crafting a single reply to politely decline a request. It’s not even proportional to the prospective importance of the customer, it’s a matter of respect for all potential users.

Also, sometimes, investigating the issue to determine the right words has revealed hitherto unknown problems, uncovered new possibilities, highlighted alternative solutions that may be palatable, or even changed the outcome entirely.

Discussing the language used is actually thereby more productive & constructive than simply piling on Google for being careless, callous and pompous yet again.


Yeah I don’t get why it’s top comment either, I just meant to vent about an annoyance that’s frankly not material to the question at hand. I was unable to refrain from laughing at your quip incidentally.


Plain English is a wonderful thing. I wish it were used more often.

Non-plain English is usually a flag that the person you’re dealing with is not smart.

The usage of plain English words is something we do strive to see more often. We do hope that it can be utilised more often going forward. Unfortunately at this time we advise that the occurrence of non-plain English may indicate a violation of our MTC (minimal thought capacity) guidelines.


> Non-plain English is usually a flag that the person you’re dealing with is not smart.

I don't think it's that they're not smart. It's that they have a separate agenda, often deflecting responsibility. People often use this sort of indirect wording even without consciously realizing it.


This stuff is on the rise. I used to be able to resolve issues with customer service and they would admit fault. It’s becoming a liability shield where no one accepts fault.


The comments created by this “unable” vs. “unwilling” matter exemplify but one reason I love HN. I know of nowhere else I can read intelligent back-and-forth arguments in Philosophy, Linguistics, Information about a Google Ads email—one I find of importance as I, too, have received such emails from big G over the past decade... And, like DroidScript, the experience was devastating for my business. But the more painful, the better. Failure is feedback. And because of my painful past experiences with Google, it’s impossible for me to forget. It’s a case study in Diversification vs. Focus. The downside of Focus is... “A business of one is a business of none.”


Reminds me of KBB.com who were "unable" to remove my personal data after they determined I'm not in California.

They share your phone/email with lots of dealers if you request a quote and don't read the fine print like I didn't...


Thanks for pointing that out, I'll be sure to think about my wordings on this in the future.


Yes the wording is intended to soften the interaction. They use “we” to refer to the team you are interacting with emphasis on bound by the company policy/process

You may see “we” as the company itself setting its own policy/ process


Agree. 100%.


new-speak


> In your case, we have detected invalid traffic or activity on your account (Publisher Code: pub-********) and as a result it has been disabled. Because of this, the ability to serve and monetise through all products which depend on AdSense will also be disabled (for example, AdMob and YouTube).

> We understand that you may want to know more about the issues that we’ve detected. Because this information could be used to circumvent our proprietary detection system, we’re unable to provide our publishers with information about specific account activity.

> Once you’ve made changes to your site(s), app(s) or channel(s) to comply with our programme policies and terms of service, you can reach out to us using our appeal process. Please make sure that you provide a complete analysis of your traffic or other reasons that may have led to invalid activity in your appeal.

I realize that the term Kafka-esque is a bit overused nowadays... but this sounds exactly like a plot summary of Der Process.


"We've noticed that you're violating our policies."

"Which policies?"

"That's none of your business."

"How are we violating them?"

"I'm not going to tell you."

"What can we do?"

"Fix the issues, and then appeal."

"Which issues?"

"I've said too much already."


I used to work detecting ad fraud. Publishers would do bad things, call in, and try to get their account rep to get details.

Obviously I can't say "of the last 2500 ad clicks zero of them had any mouse movement over the ad before the click event" because then the publisher obviously just fixes their fraud software.

This isn't specific to Google or even advertising. Every company has figured out when dealing with abuse and fraud sharing the minimum amount of information is beneficial to the health of the ecosystem as a whole.


In a case like that, sure. But they don't provide any information even when they want the publisher to make a change. Our Adsense account once got suspended because ads were appearing on pages that contained user-entered search keywords. Occasionally users would enter keywords that google considered 'naughty', and didn't want their ads appearing alongside. If they'd just told us that, we could have added a filter to not show ads with the list of keywords they had a problem with. Instead it was an infuriating, weeks-long process of pulling teeth to get clues as to what the problem might even be, and then making a list of every conceivably bad word we could find or imagine (admittedly that part was a bit fun) before we were finally able to get re-approved. And presumably we only got that much leeway because we were a reasonably large account.


Now your app has a bunch of offensive language compiled into it. Surely that's grounds for nuking your account.


Obviously the words were hashed before being added to the codebase :P


The subtlety is they don’t actively _want_ these small publishers to do something.

It could be better if the issue is fixed, but Google’s skin in the game is small enough it doesn’t matter, and they already chose to get rid of the publisher as an efficient solution.


A valid explanation, but not one I believe applies here.

This ban is not only not explaining how it detected unwanted activity, it is not explaining what activity it detected.

"We detected you faking ad impressions, though we won't tell you how we (believe we) know" is very different to "We detected you (or your app) doing something wrong, stop doing it and you will be fine. We won't tell you what you did wrong".


"Our ML system registered a hit on your account, which is almost always associated with policy violations, but we don't know what the trigger was, or why that set of data about your account is almost always associated with policy violations... it just is."


"and we know the ML system always works, because those that get banned from it never get their account reinstated"


"and we know that it doesn't always work and don't care because despite our ML model being opaque and hard to introspect when we tested it against our database of known bad actors it performed better than both human review and our old heuristic based system."

There is an opposite side to this. If you have a human appeal process your accuracy drops to min(ml_model, humans) and I have bad news about which one of these is smaller.


We're on the cusp of independent artificial intelligence and it's incredibly lame.


I would believe this if Google wasn't notorious for providing the worst customer service that will avoid someone going to prison. Cable monopolies have a better reputation.


OP didn't say he worked for Google.


If the justice system started acting this way too where they don't tell you what crime you committed, what proof they have and how others can not commit such crimes, then I don't think that would mean "minimum amount of information is beneficial to the health of the society as a whole". This is basically letting them get away with arbitrary rules without any accountability.


That is how the US "No Fly" list is managed, and is exactly what makes it unconstitutional extrajudicial punishment.


Is there anything in place to prevent bad actors from deploying fraudulent ad-click tools to takedown accounts?

(What you said makes sense to me, I just don’t know if/how ad networks could differentiate between the account-owner committing fraud and a malicious 3rd party.)


This is the issue I have with macs being the “go to dev machine.” People forget there are entire lines of devices with touch screens…

Not saying this is what was happening here, or that y’all didn’t think of it; just a general observation I’ve noticed over the years.


Perhaps it is just a symptom of most ad systems being fraud in general.


The expression "lie down with dogs, wake up with fleas" comes to mind...


What about false positives? How did you account for that?


You make your peace with the fact that you'll have a certain rate of false positives, where you'll intentionally lose also some legitimate business in order to keep most of the "ecosystem" cleaner. Perhaps an unsatisfying answer, but that's it.

It's not a situation like putting someone in prison where "beyond all reasonable doubt" is the appropriate mark; you can refuse to do business based on mere suspicion that may be mistaken. There's a limit where extra investigation or appeals is too costly compared to just accepting the lost revenue, and for small-scale customers, that limit is quite low. With fraud detection, you have to balance the tradeoff between false positives and false negatives, but you'll certainly have both.


In Google’s case, this is not enough. They exert too much control over the online advertising industry that it’s simply unfair to ban anyone with no explanation and recourse. It should be illegal. It’s almost impossible to effectively monetize an app or website using ads without including various Google technologies and services, and that’s Google’s own doing; they’re the ones who purchased all of those companies and integrated their own products in a way that makes them inseparable.


I also worked on adtech.

We viewed them as a cost of doing business. Some small accounts got nuked. :shrug: If we had to have humans investigate everything, and produce reports / interpretations that nuked customers found satisfactory, we wouldn't have been willing to service accounts under probably $40k/year.

And keep in mind the ecosystem is filthy with fraud, particularly on the low end. There very much are groups of organized thieves actively exploiting adtech.

And as @PeterisP says... look, we're not a court. We're a private business that is refusing to do further business with someone. Our right to do this was very clearly explained before the beginning of any relationship, and agreed to by that someone. If that someone doesn't like it, their recourse is to not do business with us.


> And as @PeterisP says... look, we're not a court. We're a private business that is refusing to do further business with someone. Our right to do this was very clearly explained before the beginning of any relationship, and agreed to by that someone. If that someone doesn't like it, their recourse is to not do business with us.

So you are basically justifying Google behavior. You are not a court, that's right. But every ban process should be easily and quickly prosecutable to settle the issue right in a court. Obviously real fraudsters will never appeal like that, because they know they would incur even bigger problems.


> Obviously real fraudsters will never appeal like that

I now know you have no experience at all fighting online fraud. People, um, lie.

On a serious note, if you require a prosecutable ban process -- whatever that means, because prosecuting is something the government does -- where you'll end is my original point. Ad companies will refuse to do business with publishers that aren't above some minimum threshold. My guess is $40k a year. Because remember eg google or whoever keeps about 1/3 of that money, so a $1k/mo minimum to staff humans and deal with arguing feels ballpark reasonable.

Separately, I'm not justifying anything. I'm explaining the economics driving behavior. If you want to be mad at me for behavior I don't control or influence... :shrug:


Their recourse is to not do business, full stop, because Google has monopolized the ad space.


People have this misconception that ad networks somehow get joy from turning people off for no reason. Every ad shown is a penny in their pocket, even if it's 100% fraud. When advertisers start asking for money back is when investigations are launched and accounts are terminated.

There are literally no false positives. It may be fraud, it may be the ad is too close to a back button and gets accidentally clicked, it could be the ads don't display right. But at the end of the day, it is a revenue decision.


I am going to save this and print it out with the title "This is why we don't do business with Google."


There are several similar examples on the Android development subreddit. The best one which comes to my mind is when a developer got their account suspended because they were using a trademarked name in their metadata. The trademark name was "Windows". The developer was referring to house windows, not the Microsoft Windows....


Seeing it spelled out like this really puts things even more in perspective.


PSA: "Der Process", English "The Trial", is old enough so you can read it for free on the internet, e.g. on Project Gutenberg:

https://gutenberg.org/ebooks/7849

It's a really entertaining read.

And yes, it perfectly matches this situation - right in the very first sentence already.


For German users who are blocked from Project Gutenberg, here is the original text (in German) http://www.zeno.org/Literatur/M/Kafka,+Franz/Romane/Der+Proz...


Why is PG blocked in Germany?

> As a result of a German lawsuit, Project Gutenberg has blocked Germany from viewing the Gutenberg web site.

Oh...

https://www.techdirt.com/articles/20180306/03423339363/proje...


Note that apparently there's a late-ish ‘restoration’ that seems to correct some of Max Brod's editing decisions so that the plot is more straightforward, if that can be said of the novel. Literally the chapters' proper order is unknown.

I listened to the audiobook of that (read by Geoffrey Howard), and while the reading itself is fine, you'll want to avoid the editors' preface because it gives out some plot points and the ending. (PSA: if you make audiobooks, don't put editors' or critics' opinions anywhere before the end, even in ‘footnotes’. Only clarifying notes for unfamiliar terms.)


This article is big news, because it shows that Google will permanently yank your Android app if your website violates AdSense's secret fraud detector! If you're running Google AdSense ads and you have an Android app that you care about, take down the ads immediately and switch to another vendor.

AdSense is the product where Google pays you for running banner ads; they can and frequently do kick people off of it for secret reasons. When my company was kicked off of AdSense back in 2010, I wrote about it extensively. https://www.choiceofgames.com/2010/08/were-banned-from-googl...

Google will never tell you why they ban people from AdSense, and there's no effective way to appeal. (They have an "appeal" process, but what are you supposed to write in the appeal when the charges against you are secret?!)

At least we can still publish Android apps, right? (We now run Facebook ads instead.)

But Google's email to DroidScript saying that the DroidScript app was removed from Google Play Store for "Ad Fraud" says otherwise.

    Publishing status: Suspended

    Your app has been suspended and removed due to a policy violation.
    Reasons of violation
    APK:206 Ad Fraud
    App violates Ad Fraud policy.

Surely Google could have just revoked DroidScript's access to Google ads, while allowing DroidScript to ship on the store, like they did for us.

If Google ever yanked our Android app over "ad fraud," we'd have no recourse. We've appealed our AdSense rejection a dozen times over the last 10 years and we always get a form letter rejection. We have no idea what they think we did wrong, and we never will, so we can never fix it.

Thank god we don't run AdSense ads anymore. Based on this, I never want to run them again!


Maybe, but in this case they had advertising in the app which Google is claiming may have been fraudulent, and it seems everything ballooned out from there. There’s no indication that this has anything to do with advertising on their website.


Yeah I think claiming Ad Fraud is pretty much on the libel side of things, also I'm not sure why hasn't any developer taken legal action against outlandish Google practices yet.


There was at least one small claims case (exactly about the unexplainedness of the termination), where in the end Google produced logs that showed that the ToS was violated.

https://www.huffpost.com/entry/why-google-bothered-to-ap_b_2...


If you don't interlink your app account and your website's AdSense Google account, then this _shouldn't_ really be an issue, right?

So I say always maintain separate Google accounts for individual apps, for individual usages. Separate your personal Google account from your business account, from your ad-network account etc. And I would argue that each individual app should own their own account (you pay for this of course, because of the fee per account I guess).


Google are wise to this; they'll hit you with an "associated account" ban. All your company accounts, app accounts, ad accounts, personal accounts, your spouse's, dog's, dentist's account - all banned.


This looks like the best course of action in the current situation.

Now the different accounts would still be linked to the same entity, and as stories like this make the news, more people would split their services on multiple accounts. As a response, it doesn't look like a stretch to me if next time Google would go after all accounts owned by the entity they deem responsible.

I mean, they already crossed the line of banning all services associated with an account. Wouldn't be surprising if they cross a few more lines as long as there is no critical impact for them.


The word `interlink` now always reminds me of:

And blood-black nothingness began to spin... A system of cells interlinked within cells interlinked within cells interlinked within one stem... And dreadfully distinct against the dark, a tall white fountain played.


I had to go look to see what this was:

"DroidScript is an easy to use, portable coding tool which simplifies mobile App development. It dramatically improves productivity by speeding up development by as much as 10x compared with using the standard development tools. It’s also an ideal tool for learning JavaScript, you can literally code anywhere with DroidScript, it’s not cloud based and doesn’t require an internet connection. Unlike other development tools which take hours to install and eat up gigabytes of disk space, you can install DroidScript and start using it within 30 seconds!"


Time for one of these again.

So... having read through their marketing material, this is an on-device tool that opens up what appears to be most of the Android application API to at least the user of the device, and potentially to any Droidscript applications they grab from other sources, and... maybe to other apps on the device? It's not clear from a quick read how extensive the runtime control is.

So just right out of the gate this is defeating basically the entirety of the Play Store vetting process. Droidscript itself may not be engaged in advertising fraud, but it makes advertising fraud trivial to deploy. (And it needs to be said: this is the kind of app that would never have been legal at all on any version of iOS.)

Add to that that it's a closed source IDE for an open platform, and my intuition sides with Google here. My guess is that when details come out it will turn out that at-least-plausibly harmful Droidscript garbage was being pushed to users and Google decided to kill it.


> this is the kind of app that would never have been legal at all on any version of iOS.

Pythonista is a complete Python programming environment which provides access to camera, music, contacts, the network, and so on, and has been available for iOS since 2016. What specifically distinguishes Droidscript from Pythonista such that you think Apple would reject Droidscript?

https://apps.apple.com/us/app/pythonista-3/id1085978097


Droidscript has support for writing custom intents, which Pythonista (and Scriptable, a JavaScript version of the same thing) do not have. A malicious Droidscript application could access other applications on the device.

https://symdstools.github.io/Docs/docs/app/SendIntent.htm


I've done some, although not a lot of, native Android development and I'm not quite sure what's so bad about sending intents. "Could access other applications" sounds dangerous, but as far as I know that "access" is limited to things those apps have explicitly decided to allow external apps to access.


Probably it's not the capability to send custom intents. Every time I buy a new device, I look for apps with unknown or curious names, check the manifest and use an app like Intent (https://play.google.com/store/apps/details?id=krow.dev.schem...) to poke around.


Applications could be exposing intents they assume will be used by trustworthy applications (i.e. apps in the Play Store). A user could download a Droidscript (which as I understand doesn't trigger the unknown sources policy) which then tries to use intents it shouldn't need without asking the user for permission.

If Droidscript required unknown sources to do anything (not just APK exports), then other apps could check the unknown sources policy on the device and disable certain intents (which they may do anyway at the moment, since that would mean that the applications installed may be untrustworthy). But this way there isn't any way to tell.


> trustworthy applications (i.e. apps in the Play Store)

Please don't equate trust with any app store like that. Firstly, many incidents have shown that this blanket trust isn't warranted, and second, the final arbiter of trust is the owner of the device, not the owner of the app store.


100% false. When a user buys iOS they willingly (maybe not stating 'I relinquish my control to Apple', but implicitly) give up a degree of freedom in determining who they trust to Apple. It's well-known that you can only get apps from the App Store when using iOS.


> Applications could be exposing intents they assume will be used by trustworthy applications (i.e. apps in the Play Store).

This is a poor assumption to make. Any data coming into your application should be assumed to be malicious. This would be the same as a server just accepting any data made to its API calls without any validation.


I know that this has but a fat chance of being taken seriously by Google but... Isn't this a good chunk of the reason why people here on HN and elsewhere have been arguing for much more granular intent management on Android like they had in the early days?

When we get permissions boiled down to one or two popups we end up with issues providing accurate privileges to applications (and might be forced to allow WhatsApp to trawl through our contact list if we ever want to send a picture in it).

Granular control shifts the power to the user and allows programs like this to have more fine tuned privileges.


Alas, granularity very quickly turns into users clicking through piles of crap without thinking about it. With great power comes great user error.


I disagree - it turns into users clicking through piles of crap if you've got a crap UX. If the UX is well tuned to display this information and let the user break out to greater levels of detail or keep things simple then you can find a good middle ground.

Given the amazing strides in usability we've seen in nearly every other field it baffles me why everyone isn't onboard with the fact that we can take the learnings from elsewhere and bring them to the domain of permissions.

Permissions are almost always hierarchical and grouped into classifications that make it easier to present the user with fewer more meaningful choices than asking the user to approve whether an app can see each contact on their phone one-by-one.

I'm honestly a bit cynical (puts on tinfoil hat) that marketers have held us back here since a lack of granular permissions aligns quite well with their effort to grab as much personal data as possible.


There's so many crazy gotchas in android permissions, though... eg, most users won't know that there's a connection between wifi and geolocation data. That's a non-obvious connection with a real trade-off: the app might have some interesting wifi-based functionality, but in exchange the app authors might harvest your geo data.

Consider the permissions for the lowly keyboard app...

A proper understanding of fine-grained permissions basically requires a working knowledge of how that permission might be or has in the past been abused.

And ultimately, fine-grained permissions are probably answering the wrong questions. The user expresses some basic trust via the initial app installation; what permissions ultimately help with is deciding whether or not to keep trusting the developer. If the app asks for lots of unexpected stuff, it's probably malware and should be uninstalled. If the permissions seem reasonable, the app is probably fine, and the user just wants to delegate responsibility to the app to do what it needs to do to get shit done.

It's really /all/ about trust. If you can't trust a random app, installation is a high-friction event. Check the stars, number of users, read a bunch of recent reviews, carefully go through permissions providing access for exactly what's needed. If you /can/ trust a random app, you can just install it, use it to read the fscking QR code and go on with your day. The need for trust is why we've ended up with centralized app stores with stringent content policies, and all the false positives that come along with it.


Are Play Store regulations the only defense against this kind of attack? If so, then yikes!


Android's fine-grained permissions system isn't a good fit for something like Droidscript; one script could use a permission for valid reasons, then another could do something bad.


Why was this downvoted? It seems like a reasonable comment.


You can't access any random application just by sending intents. Available intents must be exposed to other apps if desired - for example, the camera app has a "show the camera for taking a photo" intent.


If you don't want another process sending you an intent, don't export your entry point. This isn't hard. Security through obscurity is no security at all.
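The two points made in the comments above (do not export an entry point you do not want called, and treat anything arriving in an intent as hostile input), as an added Kotlin example that is not from the thread or from DroidScript. The package, action, extra and permission names are hypothetical.

```kotlin
// Added illustration; every com.example.notes name below is hypothetical.
//
// Manifest side (constructed fragment):
//   <permission android:name="com.example.notes.permission.SYNC"
//               android:protectionLevel="signature" />
//
//   <!-- Internal entry point: other apps cannot start it at all. -->
//   <activity android:name=".EditNoteActivity" android:exported="false" />
//
//   <!-- Exported, but only callers signed with the same key hold the permission. -->
//   <service android:name=".SyncService" android:exported="true"
//            android:permission="com.example.notes.permission.SYNC" />
//
//   <!-- Deliberately public: any installed app (or script host) may send this
//        intent, so its contents are validated like any other untrusted input. -->
//   <activity android:name=".OpenNoteActivity" android:exported="true">
//     <intent-filter>
//       <action android:name="com.example.notes.action.OPEN_NOTE" />
//       <category android:name="android.intent.category.DEFAULT" />
//     </intent-filter>
//   </activity>
package com.example.notes

import android.app.Activity
import android.os.Bundle
import android.util.Log
import android.widget.TextView

private const val TAG = "OpenNoteActivity"
private const val ACTION_OPEN_NOTE = "com.example.notes.action.OPEN_NOTE"
private const val EXTRA_NOTE_ID = "note_id"

// Note ids in this hypothetical app are 32 lowercase hex characters.
// An allow-list pattern rejects paths, URIs, SQL fragments and oversized input.
private val NOTE_ID_PATTERN = Regex("^[a-f0-9]{32}$")

sealed class OpenNoteRequest {
    data class Valid(val noteId: String) : OpenNoteRequest()
    data class Rejected(val reason: String) : OpenNoteRequest()
}

// Pure function, so the validation rules can be unit-tested off-device.
fun parseOpenNoteRequest(
    action: String?,
    noteId: String?,
    hasDataUri: Boolean
): OpenNoteRequest = when {
    action != ACTION_OPEN_NOTE ->
        OpenNoteRequest.Rejected("unexpected action")
    hasDataUri ->
        // This entry point never takes a URI; refuse rather than ignore it.
        OpenNoteRequest.Rejected("unexpected data URI")
    noteId == null ->
        OpenNoteRequest.Rejected("missing or non-string note id")
    !NOTE_ID_PATTERN.matches(noteId) ->
        OpenNoteRequest.Rejected("malformed note id")
    else ->
        OpenNoteRequest.Valid(noteId)
}

class OpenNoteActivity : Activity() {
    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)

        // Reading extras sent by another app can throw while the bundle is
        // unparcelled (for example on a class this app does not know), so a
        // malformed intent is handled as a rejection instead of a crash.
        val noteId: String? = try {
            intent.getStringExtra(EXTRA_NOTE_ID)
        } catch (e: RuntimeException) {
            Log.w(TAG, "Could not read extras from incoming intent", e)
            null
        }

        when (val request =
            parseOpenNoteRequest(intent.action, noteId, intent.data != null)) {
            is OpenNoteRequest.Valid -> showNote(request.noteId)
            is OpenNoteRequest.Rejected -> {
                // Log the reason only, never the attacker-controlled value.
                Log.w(TAG, "Rejected OPEN_NOTE intent: ${request.reason}")
                finish()
            }
        }
    }

    private fun showNote(noteId: String) {
        // The id has passed validation; it is used as a lookup key only and is
        // never concatenated into a file path or a query string.
        setContentView(TextView(this).apply { text = "Note $noteId" })
    }
}
```

Apps targeting Android 12 (API 31) or higher must set `android:exported` explicitly on every component that declares an intent filter.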


You can't use it to create a backup script to online backup your phone data. For good measure iOS also blocks all apps since they would lose iCloud revenue.


I’m sure they’ve already lost a lot of money to Google Photos’s previously-free photo backup.


I think your thoughts on this are plausible, if not likely. However, the usual complete lack of communication by Google is the actual problem. Perhaps Droidscript could mitigate Google's concerns, if they had the decency to explain them.


But if they do, a malicious actor can use that information to circumvent their restrictions, and it's their walled garden, so they have very little incentive to tell everyone exactly what they don't like.


I know this is standard practice for most big companies moderating lots of content, but it has always seemed like such an insane policy to me.

Imagine if this were applied to actual laws enforced by the police. "You're under arrest but we won't tell you what law you've broken, because then other criminals might use that knowledge of the law to avoid being arrested. And by the way, a secret court has sentenced you to life imprisonment and all of your appeals have been denied."


Putting aside that law enforcement has very different risks & pressures from corporate moderation, you don't really have to imagine: US law enforcement have a tool called civil forfeiture which lets them seize assets suspected of being involved in a crime without charging the asset owners with any specific crime. The owners have to prove to the police that the assets were not involved in a crime to restore their property. The US also has FISA courts for sensitive matters; FISA hearings are secret and only involve the judge & government representatives without the presence of all relevant parties.

I'm not endorsing these US policies, but it's worth noting that even in democratic law enforcement it's accepted that the system isn't always bound by transparent policy and process. There are usually justifications for keeping some things secret and discretionary to enhance law enforcement effectiveness.


That's the claim made by Google and many other big corporations. It's plausible enough, but I haven't seen any hard evidence that it's true.

Suppose it is true that these companies can't reveal their decision making because there's so much to be gained by bad actors that game these highly centralized systems.

Then it seems like a larger number of smaller firms could be more transparent and still achieve the same effective level of security.


And we have very little incentive to not complain loudly and publicly about their practices.


If their restrictions are so trivially circumvented... then they probably already have been.

This is the epitome of security by obscurity.


Okay, but this developer isn't "everyone", and there seems to be no reason not to explain in this case.


Unless the developer decides to share on Twitter or HN or w/e, and now malicious actors know as well.


I meant that this information is not a problem to share, and that sharing information in one case does not imply sharing it in all cases.


> However, the usual complete lack of communication by google is the actual problem.

Uh... Seems like the actual problem (given that scenario) is that adware is being pushed to users, not whether or not Google defended its ban in public. Complaints about customer service (from everyone, not just Google) are a dime a dozen, actual user security is clearly more important, right?

Your answer presupposes a frame where Droidscript is innocent. What if it's not, and it knowingly nodded to a community of junkware being pushed to its users (again, I have no evidence!). In that case you'd want it banned without "decency", right?


Banning it first is fine. Banning it first, then not giving a reply to the concerns they have is not. Even if they have reasonable belief or proof that Droidscript is indeed malware, it looks like at least a chunk of their userbase uses it for legitimate use cases and the devs, who likely invested at least a few hundred hours of work in it, deserve at least some communication.


I used to work at Google, and a friend reached out to me for help – his company's app was in a similar situation, with similar communication from Google. This was a good friend from high school, so I pressed the issue using internal channels. The person handling it on Google's side was very assertive about them violating a policy, and after some back and forth I received a _vague hint_ about what was the supposed violation. I passed the hint along, and after some digging, lo and behold, it turned out one of their people had lifted someone else's images without permission, violating copyright (kudos to Google for figuring it out). My friend apologized profusely to me, to the support rep, his boss, and let the culprit go. They purged the app's assets, changed their processes, and eventually the app was reinstated.

Now, this was a special situation. I had a personal relationship with the developer, and I was happy to vouch for their honesty. Yet it still turned out Google had been right all along. Now, it's a shame Google couldn't let them know what was the issue. However, it's a safe assumption that the vast majority of people Google support deals with are spammers. And there's a lot of them. If Google gave a detailed explanation to all of them it would mean a ton of additional work – which would create an unsustainable situation at this scale.


> However, it's a safe assumption that the vast majority of people Google support deals with are spammers. If Google gave a detailed explanation to all of them it would mean a ton of additional work – which would create an unsustainable situation at this scale.

You describe a situation where Google was going to put a whole company out of business -- probably ending your friend's job, as well as that of many other honest people -- rather than give them the information they needed to fix the problem. And you think this is reasonable, because it would be "a ton of additional work" for Google? We just have to accept people losing their livelihoods as collateral damage in the war on spammers?

Imagine if we applied the same logic to the government. If they think you committed a crime, they just toss you in jail and don't have to tell you why. They could catch a lot more criminals if they didn't have to waste time prosecuting them!

No, we need a Habeas Corpus for tech companies. If you are banned, you have to be told why. Make it a law. I don't care if it results in more spam.


I liked all of your comment, but this passage in particular:

> No, we need a Habeas Corpus for tech companies. If you are banned, you have to be told why. Make it a law. I don't care if it results in more spam.

The whole ordeal seems like an attempt to educate app developers by whipping, where the victims have to guess what they did wrong.


“The opaque email responses will continue until morale improves.”


Yes, and: Efficient markets require fair & impartial courts, tort, transparency, accountability. Etc.


.. and P=NP


> Now, it's a shame Google couldn't let them know what was the issue. However, it's a safe assumption that the vast majority of people Google support deals with are spammers. And there's a lot of them. If Google gave a detailed explanation to all of them it would mean a ton of additional work – which would create an unsustainable situation at this scale.

I don't think that's reasonable. What if most are spammers? Better let a few spammers in than treat someone unjustly. Why would it become unsustainable? I've seen this argument repeated ad nauseam, but have yet to see proper proof.

In this particular example, a copyright violation was detected in an image, so an automated response "someone else's image was used without permission, violating copyright" seems entirely plausible.


Google has the scale to do this, but they also have a large enough monopoly where they don't have to, so they won't. It's not that it's unsustainable, it's that it is entirely sustainable to continue doing things this way.


Can you elaborate? I can see how Google can scale this automatically. But I don't see how Google can terminate, say, one million apps a day, if each termination entitles the spammer a one hour conversation with a technical representative.


Why does it need to cost them an hour conversation?!

Look at the tone-deaf example this employee just shared. All they had to do was say in the same email that they used to ban someone "you have copyrighted images".

The moment they find an infraction they could literally take a screenshot, say "the problem is X" and email it, which would incur the 5 seconds it takes to add a screenshot and say the problem you already identified, but make a world of difference for developers.

This nonsense about "it's to stop spammers" isn't about the cost, the laughably bad logic Google uses is that by identifying what rules you broke, spammers will get better at not doing stuff Google catches...

As if the spammers don't already know what they did to get caught!


Make the person buy the hour, say $100. It's a very different value proposition for someone saving their business vs someone trying to game a system.


> In this particular example, a copyright violation was detected in an image, so an automated response "someone else's image was used without permission, violating copyright" seems entirely plausible.

Google should not be enforcing copyright in the first place without at least a report of infringement by the copyright holder - and in that case they should pass the report along to the developer.


Caveat: I work at Google but know nothing about this area and my opinion here is entirely personal.

> which would create an unsustainable situation at this scale.

Financial sustainability may have something to do with it, but I suspect the larger issue is that providing too much detail essentially trains malware authors to route around the company's defenses.

Imagine the Play Store as a castle which has both good townsfolk coming and going as well as being perpetually under siege by a malicious lord. Sometimes, the castle's defenses inadvertently prevent a townsperson from getting to market to sell their onions. When the townsperson is like, "Hey, I can't get in to sell my onions." it's helpful for the castle defenses to be like, "Well, we have the portcullis raised from 9am-11am on Tuesdays and the gatekeepers listen for your accent to decide if you're a local or an enemy."

But that's, like, exactly not what you want to say if the "townsperson" you're talking to is actually an enemy spy taking notes.


Say it with me now:

>"Rough consensus, and running code. We are not the Protocol Police."

Half the problems we have nowadays is because we have manufacturers playing "the Program Police", which leads inevitably to the point you just made.

You are now, like it or not, adversarial to any User looking to do anything you find unconformant with your bottom line. You cannot solve these issues by whitelisting, just like you can't solve the problem of crime by whitelisting, and hiding the conformance suite. If you can't know the test, you can spend infinite cycles changing the wrong thing to comply with it, and I do not find that to be a tenable state-of-affairs to push on users, even if intentionally aimed at the malicious ones. This is the same problem we have in meatspace with our overly byzantine legal system; but nobody accepts that secret laws are a good idea because if everyone can read the law, it's a national security risk. At least no one without some serious conflicts of interest.

Do you really think that your company is going to nail down a good solution to a problem that society at large can't even handle reasonably? I mean, think about it. This really is a subset of the general question of how to keep everybody doing something productive. I don't even need an answer. I just want to encourage people to think.


> >"Rough consensus, and running code. We are not the Protocol Police."

This model absolutely does not work when it comes to creating spaces where humans interact. There are bad actors and someone has to police them or they will abuse other users.

If you run a bar, you have to hire bouncers. It's simply part of the cost of hosting a safe venue.


> I suspect the larger issue is that providing too much detail essentially trains malware authors to route around the company's defenses.

Perhaps so, but it seems not unreasonable to have SOME ability to work with the creator of an app that's been on the store for years with a substantial number of ongoing users and (speculating) a non troublesome pattern of installs and purchases.

Nobody believes that Google is technically or financially unable to do this, which leaves the other option - at a corporate level not giving a shit enough to even bother trying.

Google will often do the right thing whether by plan or by happenstance, but it pays to be aware that when it does the wrong thing there is no recourse and will be no correction.


I'm sorry, but the "security" excuse is BS. You don't have to tell users what automated tool flagged them or how their violation was discovered.

You do have an ethical obligation to inform them of what policy was violated with sufficient detail that a good actor has a reasonable chance of complying with your policy.

I think that this should be required of any company that provides publicly available goods/services, not just Google. This doesn't just help with monopolies, but also makes it harder to hide racism and censorship behind opaque policies.


That doesn't seem to be a problem in this case? Telling spammers they are blocked due to copyrighted images trains them not to upload copyrighted images. Win-win.


picking up copyrighted images is another indicator that user X is a spammer, providing that info would eliminate the signal


Well, this is the essence of discrimination and we wouldn't tolerate it for a whole range of indicators (you're black, gay, of a particular race, etc etc). My guess is the real reason they won't tell people is that they would end up in court pretty quick.


so, in your mind, detecting copyrighted images and using that as a metric to detect spammers is discrimination? Are antivirus programs discriminating too??

I bet you indent your code in an inclusive way


From a definitional point of view yes. Using an attribute to place someone in a class and then making decisions on a class basis without actual evidence they possess the other attributes of the class is discriminatory behavior.


How can google even decide that a copyrighted image was used in an illegitimate way? They’d need to check back with the copyright owner to confirm that there is no license and they’d need to confirm that none of the various exemptions apply. This is also a matter that’s entirely between the copyright holder and the author of the app. I could understand if the problem was that the copyright holder explicitly notified google, but then that complaint could just be forwarded to the app owner with no information about any secret sauce being revealed.


i disagree about unsustainability. there are real people on the other side of the business among these bots and spammers and if you ignore them because they might be bots and spammers, they'll leave and tell other real people that google can't be reasoned with because they assume everyone is a bot and a spammer.

you see exactly this happening all the time here on HN. the sentiment for the past few years is abysmal. google is actively blowing up their power user/developer customer base. looks like a metric somewhere got optimized a bit too well.


I think so as well. As a duopoly Google and Apple owe it to their customers and 3rd party developers to know why something gets banned. Being in that position requires special consideration to hold that much power. Government has to do it, why don't huge corps?


If proper support is unsustainable due to the model, it is the model that has to change.


> Yet it still turned out Google had been right all along.

No they weren't. It was not right to terminate the entire app because someone used an image wrong.


> It's a safe assumption that the vast majority of people police deal with are criminals. And there's a lot of them. If they gave a detailed explanation of why they are under arrest it would mean a ton of additional work - which would create an unsustainable situation at this scale.

But it's all good, Google is a private company™ and can do whatever they want®.


Actually Google is a public corporation, not a private company.


They mean private in the sense of private sector vs. public sector, not equity trading.


> In that case you'd want it banned without "decency", right?

Due process isn't really a sound concept if it's only for innocent people.


> Seems like the actual problem (given that scenario) is that adware is being pushed to users

Google itself is adware.


> Add to that that it's a closed source IDE for an open platform, and my intuition sides with Google here.

If I can't ship my closed source IDE on the platform is the platform really open?

> My guess is that when details come out it will turn out that at-least-plausibly harmful Droidscript garbage was being pushed to users and Google decided to kill it.

Of course they will say it was because x, y, and z were done to protect the users. But is it really for the users' benefit or just about control over their walled garden?


> If I can't ship my closed source IDE on the platform is the platform really open?

For clarity: the Play Store is not an open platform. The Android API being exposed by Droidscript very much is.


Fair, I misinterpreted what you were saying.


Sounds like effective lack of means of production available inside the platform is fundamental to sustainable platform...


Yes...Droidscript allowed one to use the tiny computer in their pocket similarly to the way one could use the large computer on the desk. One could script small apps on their tiny computer and they could access most of the same api as java apps. It was pretty awesome.


> My guess is that when details come out it will turn out that at-least-plausibly harmful Droidscript garbage was being pushed to users and Google decided to kill it.

Yes, I'm sure Google will carefully release details that paint them as the good guy. Certainly, we don't want to be needlessly unfair to them, but there is zero reason to give them free trust at this point.


Google will not release details because Google doesn't care if they look like the good guy (otherwise they wouldn't do stuff like this in the first place!)

Best case is the right person sees this social media outcry, silently gets it fixed and Google moves onto destroying the next developer.


We're talking about a development tool. Of course it's going to make any use of the device possible -- that's the entire point. If the point here is that any development tool shouldn't be allowed in the store (which I think google and apple are mostly fine with), that's a pretty sad thing in my opinion. Maybe google is "right" in enforcing their policies, but is it helping anyone?


> Droidscript itself may not be engaged in advertising fraud, but it makes advertising fraud trivial to deploy.

No more than being able to build an app on my laptop and push it over ADB.

> (And it needs to be said: this is the kind of app that would never have been legal at all on any version of iOS.)

It also needs to be said that this is why I don't use Apple devices. What they inflict on their platform is not an argument for what should happen elsewhere.


> Droidscript itself may not be engaged in advertising fraud, but it makes advertising fraud trivial to deploy.

I think that this is what has happened. The author of DroidScript claims that

> Unfortunately we also have to inform our users that we could no longer support AdMob for use in their own apps either, because we can't test it anymore and can't guarantee that Google won't treat them in the same brutal way.

So apparently users were able to do stuff with AdMob on DroidScript's back, and maybe AdMob registered these fraudulent actions with some Google-ID which was assigned to DroidScript.


I don’t get your point. Sideloading apps was always possible on Android even without a jailbreak. We’re not in Apple world, so it’s unclear which Playstore rules got broken here.


Side loading is an Android OS feature, not a Play Store feature. Can you sideload via Play Store apps? F-Droid isn't in Play Store, but APK Manager is, so I'm confused.


You've always been able to use any of the web browsers in the store to download and install a random APK from a website (for example F-Droid), you don't even need to sideload it. Sideloading apps is mostly just a relevant concept for developers or for users who have no alternative to getting custom code on a device. (Edit: Speaking of ad fraud brought up by the GGP, there are also many automation apps, at least one (Automate) uses a plugin flow-chart architecture exposing all sorts of functionality, with users able to share custom scripts. Not to mention tons of plain "auto-clicker" apps.)


> Can you sideload via Play Store apps?

Yup. Check out aurora store. It's an open source frontend to the google play store. All apps can be installed (except of course paid apps. Though if you bought the app and sign in to the account with aurora you can)


Should the Chrome browser be also banned from Android since it is trivial to deploy ad fraud campaign on the web?


> but it makes advertising fraud trivial to deploy.

Compared to what? If someone wants to run a random APK that has some kind of ad fraud in it, they very easily can even if Droidscript doesn't exist.


The fact that Android Play Store had apps like that all the way back to the earliest days is precisely why some of us have an Android phone rather than an iOS one. There are full-fledged Lua, Python, C++, Java etc IDEs there.


Chrome is closed source and has developer tools, and has damn near every permission Android provides. You can app your apps on it, as long as they are of the web variety. Should we not ban chrome too?

If droidscript enables ad fraud, isn't it an issue with how the android sandboxing model is fundamentally broken? Given that there are far more people using phones than computers, and a lot of new smartphone users will have never used a desktop or laptop computer, droidscript might be their first venture into programming and/or hacking. Let's not shut it down.


Chrome does not provide raw access to the APIs from JavaScript. Instead everything is sandboxed to the hilt.

Also the product has a very heavy emphasis on security, the security team is superb quality and well funded, and Google know that the team is trustworthy.


Chrome polices websites with per-site permissions, controlled by the user. Does DroidScript give users the same level of control over 3rd party code?


Whatever "open platform" might mean Android is becoming less and less of one as Google has made huge efforts to move more and more core operating system functionality into closed source Play Services and continues to remove developer access to many APIs in the name of security. In fact what you're advocating for in this comment is to make the platform less open.

> (And it needs to be said: this is the kind of app that would never have been legal at all on any version of iOS.)

Exactly, iOS is not an open platform and Google has decided they want to be more like iOS.


That said, an open-source version of this on F-droid would be hella cool, but wrapping every API with Javascript sounds non-trivial.


> wrapping every API with Javascript sounds non-trivial.

I am not an expert in JS or the Android API, but I wonder if you couldn't do it automatically? If types line up closely enough, I would think that you could get a list of Android APIs (pull it from AOSP if you have to) and mechanically translate to a JS API.


If Android's JVM supports reflection, you could do it dynamically at runtime, and there are probably already JS+JVM integrations that would work.


Apache Cordova exposes APIs to JS.


Actually, ionic team recently released their native api solution as a library [0]. I think it might fit right in.

[0] https://github.com/ionic-team/capacitor


Drozer does (did?) this, except with Python rather than JS. https://github.com/FSecureLABS/drozer


Vetting process is just excuse for rent seeking, a better client ui for us to approve permissions would cost nothing.



Still seems strange to me they focused so hard on the ad fraud part of it, unless they had a sudden change of heart and needed an excuse to get Droidscript out of the Play Store. They could just as well simply have said that any app that allows for easy, arbitrary code execution is a security liability and won't be accepted on the Play Store, which does include a fair number of root-required tools that have been removed at some point before. I don't necessarily agree with it, but that'd be a pretty believable justification.

My gut feeling says these devs aren't telling the whole story.


It looks like a mobile programming IDE.

You can code up Garbage in Java just fine and get it on the app store. I've seen apps send passwords in plain text....


> So... having read through their marketing material, this is an on-device tool that opens up what appears to be most of the Android application API to at least the user of the device, and potentially to any Droidscript applications they grab from other sources, and... maybe to other apps on the device? It's not clear from a quick read how extensive the runtime control is.

When did we collectively decide that programmable computers were a Bad Thing?


Some of us realised that end users don't want to program and that they can be better protected from themselves by only allowing execution of arbitrary code when they explicitly say they want it.


Presumably those end users aren't downloading Droidscript.


Yup, that's fair for sure.

I thought the parent comment was speaking generally. Maybe I misunderstood.

Either way, I was thinking of downloading Droidscript as one way of saying "I want arbitrary code exec."

I think it's reasonable for Google to say "Most users don't understand what this implies, so if they want this they'll have to get it outside the Play Store."

That said, that doesn't actually seem to be what they're saying here.

I just think it's a reasonable stance to hold as an App Store.


> Play Store vetting process

You mean the one that doesn't exist?


Interpreters are problematic as they all are for executing what amounts to arbitrary, un-vetted and unsigned code. Whether or not to allow them should be up to the user and it is. Google is saying here, if you want this, you'll have to sideload it.


This is my primary hacking tool for throwing little scripts together on Android. You can bring up an IDE in chrome on your PC and interactively execute it on your phone. I hope this gets fixed.

I wouldn't really be surprised if EVERY scripting/programming app in the play store technically violates some play store rules, though.


Well damn, now I want to download it. I've never gotten into mobile development because getting started always seemed like a chore, but this sounds like it would be fun to play around with.


Try making a React Native app using Expo. You write JavaScript on your PC (but you can access native functions) and the app will automatically refresh on your phone near instantly.

You can later eject it to an Android Studio/Xcode project if you want.


Whatever you choose, moving to mobile development is extremely fun once set up. Usually IDE of your choice reloads the app on the phone over the cable for you, so the feedback loop is really nice.


Try Flutter! Great SDK to get started with mobile development, and dart is a really nice language


Having tried neither, Flutter sounds like the polar opposite of both the experience and capability that GP mentioned. I'm sure it's nice but can it be developed interactively in a PC browser as described above?


Flutter is hacking just your own app, Droidscript sounds like it could be used for anything in other apps (maybe even ad click fraud).


Do these scripts run as the IDE? If so it seems like they could be held responsible for any bad behavior engaged in by their users.


Let's be clear: for Google's definition of bad.


> I hope this gets fixed.

Define "fixed", it was removed from Play Store but anyone can still install from APK or F-Droid, right?


It's closed-source and paid. Not allowed on F-Droid.


Was it used to publish malware? Given that it's a general purpose scripting tool I can imagine that some people would abuse it and use it as some sort of backdoor to get clueless users to run malware without having to publish it on the app store.

If that's the argument I can sort of see Google's point here. The Play Store is supposed to be curated and the application should follow certain guidelines. This tool as I understand it effectively provides a loophole that lets people run non-curated code without jailbreak. I know that Apple removed apps for similar reasons in the past.

TFA is a bit misleading, the whole "AD FRAUD" angle is frankly irrelevant, it's just that since Google considers that the app violates the guidelines it can't be eligible for the ad program.


> This tool as I understand it effectively provides a loophole that lets people run non-curated code without jailbreak.

Installing non-curated apps has always been supported on Android - no jailbreaking required. Just get an APK either straight from the developer or through any number of alternative app stores, open it, click the "yes, I'm sure" option in the security popup and you've got yourself an app.


One of the specific features of DroidScript is that it is a remote IDE. That is, when you start DroidScript on your phone it will serve the IDE UI via HTTP and you can then connect it by using your phone's IP address (DroidScript conveniently gives you a URL to use). Maybe that is the reason for Google's decision.

Also, according to DroidScript itself, Google accused them of ad fraud, so maybe there is something there.


Sounds too good to be true. Is this open source and available on F-Droid? If not, it should be.


This is the same story that HN readers have read hundreds of times over the past couple of years, just with different subjects.

Independent developer/small organization gets their app/YouTube channel/Google account shut down overnight because of false positives triggered by their system.

It takes weeks and insistence with bots to just get to speak to a human.

When you get to speak to a human, they usually respond with template responses and refuse to provide further information.

Rinse and repeat the same Kafkaesque process again and again.

In all honesty, what the hell is everyone waiting to get off Google? Gmail accounts, app stores, YouTube, ad networks... Alternatives exist nowadays for all of the products developed by a shapeless and faceless corporation that listens to nobody.

I wish a long and successful journey for the Droidscript guys on F-Droid or any alternative store. Time for Google to understand that without the content uploaded by us (users, creators and developers) they are nothing but a useless empty box.


The idea that there are alternatives for anyone but a fringe market without Google is pretty short-sighted, for example my phone warned me 4 times before it would let me install and use f-droid, each message made it sound like proceeding was compromising my phone.

It's a synthetic but effective barrier to prevent the majority of people from setting it up.

The mobile environment is as bad as chit, and company stores. This won't change by the will of the people alone.

It's hardly fair to suggest otherwise.


DroidScript users already sound like a fringe market. Seems like the perfect candidate for F-Droid, however I don't know what the F-Droid policy is on showing ads (which sounds like they are not too concerned about keeping in the app, anyway).


Ads are possible but discouraged. They're what F-Droid calls an 'anti-feature', and IIUC Droidscript has a few of them.


Google is 1/2 of the mobile duopoly. No app developer can avoid Google Play Store (for publishing their apps) and Firebase Cloud Messaging (for sending push notifications to their apps).


I have ~800 applications installed on my phone and there are fewer than a dozen of them that I would not immediately uninstall were they to send me a push notification. I don't buy that "no app developer" can avoid using FCM, the overwhelming majority of applications have no use for them besides spamming users with desperate pleas to return to a screen that can serve advertisements.


Sure they can. They just chose not to.

Do not support Apple. Do not support Google. Support freedom.


The implicit part of the statement was "and make a decent living from it".


And if you are a mobile developer, change career?


Yes, also stop being poor as well while you're at it. Stop needing food and shelter all together.


I wonder if it's even a false positive. Imagine some ad fraud agency is using droidscript as a means to click on ads programmatically in a completely different app (which seems possible based on the overview) - how does Google distinguish between that and any other app using the same APIs to fraudulently click ads? What if there's actual malware that uses droidscript as a vehicle to do this to unsuspecting users' phones at night?


Well there's theoretically a very easy way to do it: static analysis of the source code, especially if it's open source like in DroidScript's case :)

Does it look like any of the references to the malware domain could come from the app itself? Then it's the app's fault. Otherwise, it's the user's fault.

You can also use Python to write ad bots and malware, but that's not a sufficient reason to ban the whole Python language (or any other programming language).


We don't know that this is a false positive.

There's a good chance this app was being used as a vector for hacking, spamming or ad fraud. Not by the developers of this app, but by others who found this app being a useful way around the security of the Google Play store approval process.


I hope the Droidscript devs do take it to F-Droid, but as it stands, the app faces a few hurdles before the F-Droid team will accept it.


> Alternatives exist nowadays for all of the products developed by a shapeless and faceless corporation that listens to nobody.

Do they exist? True. Are they "good enough" for the average person? False.

To add insult to the injury, they have nowhere near enough reach to build a network effect outside the narrow community of tech geeks or communities that are somehow underserved by the status quo (including communities built around repulsive things, which gives bad reputation to open and uncensored solutions).


Nonsense. Google is very large and you'll find situations like this in any large sample size. There's really not much more to be said; on the whole google works great for most people. Maybe this particular case has a legitimate grievance (in which case it's a false positive but many FPs exist at scale) or maybe they're opening up programmable interfaces in a way that was never going to fly with play store.


Whatever their reasons may be, they may be legitimate.

But using this sentence is simply not OK:

> Because this information could be used to circumvent our proprietary detection system, we’re unable to provide our publishers with information about specific account activity.

The developer/publisher must be given a chance to correct the issues. This is simply not fair.

I'm pretty sure Google can do better than to rely on security by obscurity.

---

> Unfortunately we also have to inform our users that we could no longer support AdMob for use in their own apps either, because we can't test it anymore and can't guarantee that Google won't treat them in the same brutal way.

Couldn't it be possible that one of those users was using AdMob in a fraudulent way, and that this was then linked to Droidscript? I don't know how Droidscript works, how it creates those apps, but it could be possible that Droidscript then was responsible for the fraudulent use a user did.


TL;DR: They are being accused of ad fraud, without any evidence provided, and they are asked to reply with an analysis of why they think their traffic ?? is legit (when they have no idea what is it that Google considered "not legitimate").

The biggest issue here I don't think is the malware tag, but the ad fraud accusation.

Even though, as somebody pointed out, the page linked can be biased, based only on what they state and the emails from Google, this is another case of David Against (automated) Goliath.

From my point of view this is just another drop in the pound of what is already being built as a case against Google (and also Apple) for monopoly.

P.S.: I've used Droidscript in the past, and I do think it's too powerful an app that can be abused. But that happens to a lot of things in life, right?


the ad-fraud accusation is my biggest concern as well.

they provide no information or clues leaving the author to guess.

the author guesses that somehow someone extracted their identifiers from the apk.

google comes back and says more clearly that it's something to do with how the ads are positioned, essentially accusing them of trying to trick people to accidentally click.

this information should have been provided before the appeal, and google gains literally nothing from hiding this information from the author.

the malware claims have more validity, but the way they handled the ad-fraud claim is inexcusable.


Ad fraud will just fix their errors if Google provides any information about how it detected the ad fraud. They're fine with some false positives if it means 99%+ of ad fraud is squashed.


It is extremely possible that from Google's point of view, an inability to give such an analysis is itself justification to remove the app from the Play Store.

If Droidscript is flexible enough to allow end-users to create an ad fraud engine, it's too flexible for the store. Play Store is relatively consistent in its position that a tool that bootstraps policy violations is itself a policy violation.

But it would be great if Google could offer a concrete reproduction case, and from a developer-service standpoint it completely sucks that they don't.


Is there a service where I can host a raspi on my network and let people send it instructions about which ads should be clicked on and it gradually earns crypto over time?

I'd love to make some money while fucking with ad networks... :)


I'm not sure, but I'm going to note that click-fraud already exists and Google (as well as other ad networks) have countermeasures to determine whether your raspi is likely "clicking for fun" and chargeback the advertisers for the non-human clicks.

Whether those countermeasures can be reliably defeated is left as an exercise for the raspi owner. ;)


Instead of enriching particular sites, I wonder if adding a bunch of click fraud could punish others. Does 10,000 clicks being detected as fraud only invalidate those 10k clicks or does google use heuristics so that those 10k get extrapolated and punishes the valid traffic as well? Can you send enough bathwater that they'll automatically throw out the baby?


You're welcome to try.

Google has well-compensated software engineers whose full-time job is to figure out shenanigans like that.

I hear some of them even read Hacker News. ;)


The only thing approaching malware I've experienced on Android was delivered via Google's own ad network. Given what little happened after reporting said malware one can only assume that they apply a very different set of rules to app developers.


Here's a thought. One of the most frustrating things to me about this kind of thing is that Google (or any other major tech company) could just ignore me and just tell me "you're malware". I get it. Technology people cost a lot of money, so I would propose that companies who the public depend on MUST offer consulting out-of-band at an hourly (or daily?) rate. This way the real issues are squashed.

Now I know that I can get the guidance I need to fix the problems my product is having. Also this helps reassure the public about the big companies' intentions in that these FUD stories will become instantly irrelevant. You want your stuff fixed? Pay for the guidance. You don't want to spend the time fixing the issues? So be it. But don't expect anyone to listen to your problems.

On top of this, if it's a small open-source project, create a way to streamline funding for the guidance. If a lot of people depend on your project they'll almost certainly chip in a small sum per person for the guidance you need.


The eBay developer program does this. Premium support tickets are $75/hour iirc, refunded if it turns out to be a legitimate issue on their end. It can be a bit irksome, but it's a lot better than being stuck with no avenue to talk to a real person when something's gone wrong.


Wouldn't that encourage the big company to find more issues in apps, and then tell devs to buy consulting hours to figure out how to solve them?


Well, if that started happening I'm sure people would start posting stories of how disingenuous the company's practices had become. If they flagged some software as malware they should already know exactly what the reasons are. So we'll call that maybe a 1-2 hr session to get up to speed on exactly what the issues are. How someone goes about fixing it is another story.

I'd say by default those sessions should be posted online for public viewing just so everyone can learn from the mistakes of the original team, or to make a judgment of how disingenuous Google is being about the issues. At the request of the project requesting those services they could make those sessions private.

Also, this could lead to real innovation in the tooling; for example, Google consultants could write unit tests that would need to pass in order to be allowed on the Google App store. Those unit tests would then potentially become public so everyone could just download the unit tests from Github in order to confirm their software meets requirements.

The other thing is Google would almost certainly see this as a cost center. Billing people at-cost (or slightly above that) for consulting services is way more labor intensive and tbh annoying for companies with a trillion dollar + market cap.


That would sure beat talking to a brick wall and getting stonewalled without any recourse.


Except that ties access to these companies depend on to people who have the money to do so, which creates a huge imbalance


We're not talking a huge amount of money. I'm saying let these companies recoup the balance of the cost. For a small company it might seem unreasonable for a Google to bill them $100/hr for consulting services. Then again if 1,000,000 people are asking for those services at 8 hrs a pop. You do the math.


It seems this is not a rare case. I know that my friend lost a great portion of his investment in the app at the point when the number of users on his app was enough to start breaking even; Google just decided that some of his users were deliberately clicking on ads.

I guess that is the way when you deal with a company with too much power: there is no way to appeal, complain, or do anything that will save your business. So, I guess, and from a few stories I read, if they find out that you have a type of business that is interesting for them, they can simply suffocate your business by standard mafia means, like in the movies: first they send a "negotiator", then they beat you a bit, and if you do not comply they "burn" your place down.

So, a company that had the slogan "Don't be evil!" what a joke...


The keyword here is had. Google wasn't that evil when it hadn't acquired today's power yet.


As still so many people don't get it:

1) Don't make your business dependent on Google

2) Don't make any of your data dependent on Google (don't use Gmail, Workspace etc)

3) Don't make applications you build dependent on Google

Hint: If you can't migrate away from Google within a working day, you're doing it wrong.


And 'Google' here is shorthand for any entity from which you have no reasonable expectation of customer support which is both human and humane — so don't make your business dependent on Google, Facebook, PayPal, or any similar entity.


"Don't make a phone app, anyone, ever." is the absolute lowest tier of advice.


The writing style of the piece looks like a political mailer.

> The Google Play system has declared DroidScript is Malware and accused us of committing Ad Fraud! Needless to say, we are extremely upset and totally flabbergasted at this shocking allegation!

That kind of hyperbole sets off all my BS detectors.

As I go through the back and forth, DroidScript speculates this:

> Our main guess was that one of our users was experimenting with our AdMob ID after extracting it from our APK...

What I don't see is that they ever went back to the policies to check if that was legit. If it wasn't and you tell Google, "right, that was totally a feature but we've removed it," then, you just indicated that you deliberately implemented a feature that violated the terms of your agreement.

> How can they expect people to build organisations or businesses supported by advertising revenue, when they might be subject to this type of summary execution at any moment!

I agree that Google's communication with their customers is awful, but this is not a new problem: _you have to read your contract_. And that means get a lawyer to go over it and explain to you what it really means and not what you'd like it to mean.


> What I don't see is that they ever went back to the policies to check if that was legit. If it wasn't and you tell Google, "right, that was totally a feature but we've removed it," then, you just indicated that you deliberately implemented a feature that violated the terms of your agreement.

A user reverse-engineering your app to pull out its AdMob ID is neither a feature nor something the app dev can reasonably be faulted for.


It happens a lot more often than people think. By some estimates more than half of all ad clicks are bot-driven fraud.


Are you serious? It takes a minute to disassemble literally any APK with AdMob SDK and abuse their IDs. These values are not secrets. If a billion dollar company like Google can't detect simple fraudulent activity like this, how are their ads supposed to be worth a single dollar?


> how are their ads supposed to be worth a single dollar?

Hard truth: a lot of internet ads is fraud. With paper, radio and TV, any ad buyer can cheaply verify that their ad spending ends up where it should by buying a paper at a random train station or listening to the airwaves.

On the Internet, it's worse than the Wild West, with fraud and deception on every part of the chain.


Which is ironic because in the 1990s web-advertising was sold to marketeers as the best form of advertising because every view is logged and tracked: unlike a magazine ad you can know exactly how many people saw it and interacted with it (...right before middle-school kids realized they could make free money by clicking ads they put up on their geocities webpages)

When Facebook launched their ad platform people were saying there would be even less fraud than open web advertising because FB (at the time...) was doing a good job of keeping bots out of Facebook - but I understand right now that Facebook advertising is the worst form of advertising you can spend money on...

* https://news.ycombinator.com/item?id=25623858

* https://news.ycombinator.com/item?id=26193544


For Facebook ads, I have an interesting story... way back years when some neo-Nazis chartered a ship (the "C Star", for those who want to look it up), cruised in the Mediterranean and ended up in distress, I set up a couple ads for troll posts of mine and targeted them to followers of the German alt-right party... and lo and behold, the people flocked in with angry replies.

Best 50$ I ever spent on entertainment, and it was highly effective.


> With paper, radio and TV, any ad buyer can cheaply verify that their ad spending ends up where it should by buying a paper at a random train station or listening to the airwaves.

Good luck verifying that the FM radio station you bought ad spots on really averages 150,000 concurrent listeners. Sure, you know your ad was there, but that doesn't help you.


At least for TV and radio stations there are a lot of market research companies determining listener counts, and it's (relatively) easy to do a verification study yourself if you don't trust the numbers the station reports. Grab a phone book or buy an address list and contact people, that's it.

On the internet, it's next to impossible to do any sort of verification yourself.


> The Google Play system has declared DroidScript is Malware and accused us of committing Ad Fraud! Needless to say, we are extremely upset and totally flabbergasted at this shocking allegation!

How is this a hyperbole? The first sentence is literally and completely true. And the developer seems legitimately upset and shocked.

It's not hard to imagine truly being extremely upset that something you probably spent hundreds of hours on got shut down for inscrutable reasons outside your control.


If someone came along and pulled the rug out from under your ability to earn a paycheck you might be a bit excited and hyperbolic as well especially if all they told you was "you hurt our feelings" but wouldn't tell you why. The situation is ludicrous.


Perhaps the problem here is the monetization model (ads) is a mismatch? Perhaps try a subscription or just let users buy the app?


Doesn't matter. They're banned from re-uploading any updated version of the app; they're not allowed to fix the problem, even if they knew what the problem was.

This non-profit org was highly focused on the educational market. I think they would have gladly stripped _all_ advertising out of the app while they worked on other funding schemes to try to eke out survival. Google is not giving them that option.


I am not a programmer so I have no idea of the validity of anything they wrote. However, the style absolutely grates on me. It sounds like PR, and the random bold sentences seem like a calculated PR move.


I feel like we see these stories more and more often, where an App is removed from an App store for nebulous reasons. I feel for the developers. This is their livelihood.

I would also like to stress that this is why we should give more effort to alternative platforms, even if they are "worse than the current offerings". For example I don't see people jumping ship off of YouTube and managing their own PeerTube instances anytime soon, but it is sooo important that something like that exists, and it should be looked at by people making content on YouTube more seriously.


Ouch, they have been doing this sort of thing for quite a while now. A good friend of mine had a very big website (among the top 200 in Alexa rating in ~2010) with ad revenue around 10k per month. Google just terminated the website without supplying much helpful additional information. Just an automatically generated email saying: you are done.... (that page was https://kriyayoga.com, which has since been closed down and made available for free download; only the tomb-site remains)


Any time there is an article about Google just cutting someone off for no reason, I like to bring this up:

20 years ago my AdSense account was frozen for click fraud -- my appeal is still pending. Ironically the website it was on was shut down 19 years ago.


> We don't allow apps with any code that could put a user, a user’s data, or a device at risk.

If Google thinks the ability to execute arbitrary code puts users' data at risk why don't they go the full iOS route and ban everything, from scripting apps to other JS engines beside Chromium?

I am so sick of their behaviour, the only reason I am still on Android is because things like F-Droid still exist and iOS is even more closely guarded.


>> "Can't you just make us a general-purpose computer that runs all the programs, except the ones that scare and anger us? Can't you just make us an Internet that transmits any message over any protocol between any two points, unless it upsets us?"[1]

The War On General Purpose Computing continues. Far too many business models depend on selling general purpose computers as "appliances". They presume it is possible to sell a computer that isn't Turing complete.

[1] https://boingboing.net/2012/01/10/lockdown.html


The battle really parallels the larger right to repair debate. (Especially if we realize the latter is probably better called the right to exercise control over purchased goods.)


The right to purchase.

It's become an issue of defining "purchasing". But companies don't want us to purchase appliances, they would be much happier if we could rent them.


And I would. At much much much lower prices


I have had my same fridge for 10 years, with no signs of failure. Unless the monthly payment was $3.00 or less, I would be paying more than I should starting in June.

The rental/do not own anything model is just awful, in my opinion.


Totally agree. The more time passes, the more I realize that I want to own what I have. I've grown more selective about what I purchase in general and I've become more minimalistic; but if I want to have it at all, then I want it to be mine free and clear. Especially when it comes to tools, land, and personal items. I want Good Quality and paid for with cash.

I tend to use things until they completely wear out, and I get really good life out of them. This makes them very cheap compared to the usage pattern of upgrading all of the time. Renting would be a very expensive lifestyle; and my usage pattern is more environmentally friendly to boot.


Couldn't agree more. Anything you don't own 100% can be put in jeopardy totally at random. If it's something important that can be incredibly stressful.


I think the trend of soft social credit score via big tech makes this an even dicier proposition.


For appliances, the vulture capitalists are building things to break sooner to get you to buy more often.


White goods are relatively easy to repair, though, and the parts tend to be relatively easy to find as well.


Soon you will own nothing and be happy! According to the great reset and the WEF.


Leasing usually isn't cheaper than owning long term though. So your total cost will most likely be higher.


Hence my point about the price needing to be much much lower.

It's not that I want to own or lease most random stuff I use. I want the use of a particular item. Since owning is cheaper I own a lot of stuff.

If my local library or maker space had better tool and book availability I would own fewer tools sitting in the shed used for one project and not worth the effort to resell


Gotta get that steady income. We're quickly becoming a society split between rentier capitalists and renters


On the other hand, if they expected us to rent phones, I imagine they would be a lot sturdier... And probably find a second life for them, though that's happening: https://arstechnica.com/gadgets/2021/04/samsung-starts-offic...


Apple is guilty of this too.

No general computing company should be the single ingress point to running on their platform. For platforms with significant penetration, this is a market monopoly. [1]

For Apple, it's iOS and, increasingly, MacOS.

For Google, it's Android, and as has become glaringly obvious, Chrome. They shouldn't be allowed to run a browser.

The DOJ needs to stamp out this anti-competitive, anti-consumer behavior.

You can "protect" consumers with a permissions model and malware signature warnlist regardless of whether you enforce a store. Microsoft does it. Microsoft is the only company playing fairly.

([1] And no, this doesn't apply to game consoles. They're toys with lots of alternatives. You don't do business, banking, dating, note taking, drawing, stock trading, etc. on them.)


> You don't do business, banking, dating, note taking, drawing, stock trading, etc. on them.)

Because it's artificially made impossible. No computer should be artificially restricted – let's not keep any loopholes open for no reason.


> You can "protect" consumers with a permissions model and malware signature warnlist regardless of whether you enforce a store.

I’ll believe it when I see an alternative to iOS devices that my dad can’t get malware on and only need a few seconds to fix by uninstalling an app or power cycling the device.


Agreed. I would feel better about this if I didn't think apps and local computing were really important. The alternative to phone apps is the web, but the web will never be fast (imo) and is simultaneously getting less open every day as well.


The web is the way for universal exposure. Regardless of speed it’s the only standardized, universal and widely used interface.

WebAssembly will be the ticket there—once it’s developed a bit more.

That being said, nothing compares to native. You could have shitty hardware by today’s standard with amazingly performant software if there weren’t so many damn layers in-between.

People are fickle with hardware though and we devs need things to slow down a bit to appreciate the nuances of each device!


Does it? Everyone is quick to judge but coming up with an alternative is hard enough that nobody has done it so far.

With scale comes scaling issues; general purpose computing and repairability need a different commercial model that doesn't match with the currently used models.

This leaves two avenues:

- Make it worse for everyone but keep it going

- Make it worse for everyone in a different way and keep it going

I don't know of a good solution here, but I do know that it's a sucky situation and the many "good ideas" to fix it aren't actually making it that much better.

Current scenario:

- Manufacturer on the hook for most things but also controls most things

- End-users that fall within the 90% bell-curve are fine

- End-users that fall outside of that are royally screwed and they don't even know it

- Users that are not end-users are screwed, but they know they are

So far all I have seen is:

- Manufacturers still on the hook for everything but they get to control less

- Everyone gets a little better but also a little screwed now

- The 10% outside of the curve don't get as screwed as they did but they still don't really know that they are screwed

- The non-users don't get screwed the way they used to but still get screwed

To clarify:

If I were to manufacture something, express what user experience comes with my 'thing' and warrant that experience to a certain degree, I don't want to be on the hook for any service or cost outside of that. The more I get to control, the smaller I can make the risk. That means I can also plan ahead better and reserve resources, but not so much that I don't have resources for something else left over.

This also means that if someone wants a different experience (i.e. they are not my targeted audience) or if someone wants to do something I cannot verify, I really do not want to be on the hook for that.

In total that means:

- If what I want and what my customer wants is similar enough, we're both happy

- If a small percentage wants something else, I cut my losses and simply don't serve their needs as soon as the cost of maintaining that deviation is bigger than what I would make off of it (short term and long term)

- If someone does something I don't have control over, but they do come to me to fix their problem, I don't want to be responsible for that, and I don't want to do any research on the possibility that something I made happened to break at the same time the customer broke something else; I just want a blanket "I am the captain of my UX" rule and be done with it

Now, I'm not saying this is ideal, or that I am an actual manufacturer, or that this is specifically what Google is doing (or Apple is doing for that matter), but I am saying that you can't have it both ways. Want something cheap and abundant? Gotta have scale. Can't have scale if you make a bunch of risk, add a lot of differences and support more than your middle-of-the-bell-curve. This sucks, but it's also not as easy as saying "let me do what I want", because what happens to you and your device has side-effects, and I really don't want to get affected by something someone on the mobile network (or wifi network) I'm on did to their 'personal' and 'owned' and 'freedom' and 'muh righz' device.

Or in a high contrast (black-and-white/good-or-evil) line: If you want to be on a shared service, play by the rules or get out. (reality isn't that high of a contrast obviously, but it drives the point of externalities home a lot quicker)


Your primary alternative already sounds materially better than the 'Current Scenario' you describe:

1 - I'm not sure I've encountered anybody that universally falls within the 90% 'ideal' coverage. The more hostile things are to outliers, the more difficult everyone's life becomes.

2 - As far as I can tell, the slack that allows the bottom and top vigesimile (? 1/20th) to survive is also what allows the flexibility to foster the discovery of novel technical and societal configurations that are materially better than the status quo. That's how a kid from a family of coal miners has a path to making significant contributions to NASA.


As for point 1: that depends; if your business operates on keeping the center of the bell curve happy, and you don't like to risk that, then implementing something that degrades that doesn't seem like a sound business decision. Keep in mind that this is from the 'producer' perspective.

As for point 2: that should indeed be how it works, but the circumstances have changed, especially for large scale general purpose computing, and for various reasons and stakeholders as well. This is also the (wrong) fuel on the (wrong) fires in the current discussions on ownership, repairability and shared systems; it often tries to compare the "now" with a chosen "back then", and leaves out externalities causing the whole comparison to be useless.

For example: it used to be that you could run whatever code you wanted and you didn't need anyone's permissions and nobody could stop you. Now, at scale, that means everyone from teenagers at schools circumventing the implementation of a usage policy to state-level actors extracting information would run whatever they want. They are of course already doing that to some degree, but this would be so much bigger and so much easier when you just 'run whatever code appears at the JMP', we might as well not have an internet.

This, in turn, means that you have to have some form of control, and some form of distribution or supply of such control as neither the will, nor the skill exists at the required scale to have everyone do this individually. How does one assert such control? Cryptographically. And now you're in PKI hell, or you're in DRM hell with DRM servers that go offline and render systems unusable. Oh, and you get DMCA and Legal requirements for free too.

It would be amazing if we could figure out a way to operate shared systems, and have some form of delegated control without having a PKI-like authority as the only way to ensure it. But I haven't seen it yet :-(

And this is just one of the many issues.

Take hardware for example; you can do plenty of nefarious things with hardware, and the user would never know about it. Want to backdoor an audio module so it constantly streams what the microphone picks up to an actor of choice (a social media company, advertising company, your abusive spouse, the government of a state that will hurt you on detection of dissent), you can do that and no normal user would ever notice. How would you then prevent such modification? Well, you could make hardware hard to access or hard to modify without visible marks. That's one area (slightly) covered, but then there is the software, imagine hacking that remotely. So how would you do something about that? Perhaps signing the software and checking the signature. Bam, back in PKI hell.

And if you were to make hardware hard to access, now you have a bad UX when someone comes to your service department and gets presented with a huge bill because your device had to be rebuilt because your kid put puke in the microphone hole. But if you make it unsafe you have the other problems again. No winning deal there. Or what if you use seals, now you have no idea why the seals are broken. Did someone tamper with it? Was it just a service call that's not registered in your system because it was done elsewhere? Who can you trust? What if you fix the reported issue but now something else breaks and you don't know if you did it or the previous tech did it? Guesses everywhere, everyone is sad, nothing works. yay.

Again, no real solution here. Say you do the (not very often implemented) secure boot method where you insert your own CA; that's great for yourself, not great for a shared system, because now everything else that requires you to be securely booted needs to trust that CA too. This, however, is an area where you can do a partial fix: if you just want local verification and you have the CA and CT you can at least know for yourself. But that doesn't work at scale. We can't expect billions of people to be PKI experts. And we can't expect them to understand the ramifications of the lack of verification either. (which includes effects on them, but also effects on everyone else they are in contact with by proxy) So now you still need that 'magic' central authority making a policy and a verification for that policy and enforcement. PKI hell all over again!

(keep in mind, I don't name PKI hell a hell because PKI is bad, I think it's great and I love me some hashing, public-key cryptography and root-of-trust chains -- it's just that there is no solution right now where you don't end up having an authority that can use it for good and bad at the same time)

There are a lot of scenarios where we could mitigate 'some' of it:

- Authenticated core but leave peripherals alone (your mainboard and CPU and AV chain would be on its own, but your keyboard can be key logging you as much as you want)

- Unauthenticated mode but no interaction with shared systems (would work great for things like farming equipment)

- Offline or do-it-yourself mode (again, no interaction, but you'd be offline anyway)

But then you're still in the realm of real-world abuse (want to know your ex's password? backdoor the keyboard! steal your boss's documents? backdoor the printer!).

I don't know how to fix all of this, but removing all forms of authentication and still having shared systems isn't the way.


> just 'run whatever code appears at the JMP', we might as well not have an internet.

I'm old enough to have used the internet with a computer running Windows 98SE. As far as I can tell, besides data throughput, only webmail, maps, and media streaming have gotten materially better since that time, and even those peaked in an era when people were still running Windows XP SP3.

Despite all this froth about how we need to lock stuff down within an inch of its life with manufacturer-specified code verification, (North American) banks still seem to mostly be using the same terrible authentication policies they were 10, even 20 years ago.

The hardware problem isn't new; phone taps have been easy to install for decades. The world didn't end, nor did we shut down the telephone network.

In re software, we could easily strengthen owner trust in systems without having manufacturers ensnare us in straitjackets. Trust on first use could allow an infrequently-updated chain loader to verify subsequent components without depriving the owner of using the system as they desire. Hardware tokens, or physical buttons with dedicated circuitry could prevent certain system functions from being configured / updated without direct user intervention. 'Trusted' execution environments could be used to run software of particular significance to the device owner. We have an enormous quantity of tools in our tool box to improve the security of systems without relinquishing ultimate control.

Ultimately, though, liberty will always have some irreducible risk. It's not obvious to me why we should be valuing status-quo business plans to its detriment.


The issue is that the users are not capable of overseeing the consequences of their actions, and when you function in a shared system that is not great. (understatement of the year)

Even technically skilled users won't benefit from a construction of 'trust on first use', when was the last time you verified the host key of a system you SSH'ed into for the first time? How do you trust a system purely on something like that? And even then, when you got an error that the host key no longer matched, did you go on a research run to figure out how this might have happened, or did you just replace the key in your local known hosts cache and go on with your day?

What about websites, do you disable all CA's and just use local key pinning on all the websites that you visit? This is something you could do right now. But you won't, and neither will anyone else because it is far too inconvenient. It makes the entire thing useless. And every time you send an email, are you going to verify the fingerprint of the supplied certificate as well?

While it might not be obvious to you, the feasibility of this at scale is something you can figure out by simply talking to users, looking at A/B tests, comparative research, and looking at the security configuration of various users' systems and asking why they might have chosen the configuration as it is, and what the impact to them, the people they interface with and the internet as a whole might be.

wrt phone taps: it's possible and not the point (and not useful; the Americans did plenty of local and global taps and almost none of the broad taps yielded anything useful over 10 years, it was only the highly targeted taps that yielded real results). It's also not froth, "locking up stuff" and "straitjackets". It's about a hard problem, with everybody having an opinion but nobody having a solution. And the only thing people seem to want to do in such a scenario is apply a scorched earth policy which besides the obvious destruction doesn't yield a solution either. With the current devices and services there is so much personal data, proximity and interaction that the value and impact is much higher than your landline at home. The point isn't to make it perfect or perfectly secure, but to make it hard enough that it isn't an attractive broad-spectrum target anymore. Making it cryptographically hard to hack into a baseband, a bootrom or kernel is a very effective method to make this protection a reality, and so far there has not been a successful alternative presented by anyone, anywhere.

Ultimate absolute liberty is a fallacy, externalities exist, and society doesn't work in anarchy (but doesn't flourish in strict hierarchy either). Until you can manipulate time and space, and modify matter at a subatomic level, you are and will always be dependent on externalities, and as such you have to work with those. How hard you make it for yourself or others depends on the degree of society and civilisation you can live with. You don't control the BGP tables on your ISP's routers, but that seems to be fine for all the millions of users. But all of this is straying away from the topic at hand quite significantly.

(Edit;) As to the 'value status-quo business plans': that is not something we value, but something the producers of some large-scale hardware and software manufacturers value. They aren't society's friend, but they do need it to buy its products. And if the USP of the product is something you want to remove, then the manufacturer is probably going to try to prevent that. This would be 'fixed' by you getting what you want and they getting what they want, but that is not technically feasible (or: has not been shown to be technically feasible yet), hence the long blocks of text describing that problem.
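
Added example (not part of any comment in this thread, and not code from any project discussed): a Python sketch of the trust-on-first-use chain loader proposed above, including the mismatch case the reply compares to a changed SSH host key. The names `PinStore`, `verify_component` and `boot`, the `owner_present` flag standing in for a physical button, and the image byte strings are all assumptions constructed for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass, field


@dataclass
class PinStore:
    """Pins held by the rarely updated chain loader (hypothetical).

    Kept in memory here; a real loader would need storage that only it,
    or the owner with physical presence, can write.
    """
    pins: dict = field(default_factory=dict)   # component name -> sha256 hex
    log: list = field(default_factory=list)    # audit trail of every verdict


def digest(image: bytes) -> str:
    return hashlib.sha256(image).hexdigest()


def verify_component(store: PinStore, name: str, image: bytes,
                     owner_present: bool = False) -> str:
    """Return one of: pinned-first-use, ok, repinned-by-owner, mismatch-blocked."""
    seen = digest(image)
    pinned = store.pins.get(name)
    if pinned is None:
        # First use: nothing to compare against, so whatever is present
        # gets trusted. This is the weak point raised in the reply.
        store.pins[name] = seen
        verdict = "pinned-first-use"
    elif hmac.compare_digest(pinned, seen):
        verdict = "ok"
    elif owner_present:
        # The loader cannot tell an update from tampering; only an explicit
        # owner action (the assumed physical button) may move the pin.
        store.pins[name] = seen
        verdict = "repinned-by-owner"
    else:
        # Never silently replace the pin, unlike deleting a known_hosts line.
        verdict = "mismatch-blocked"
    store.log.append((name, verdict, seen[:12]))
    return verdict


def boot(store: PinStore, stages, owner_present: bool = False):
    """Verify stages in order and stop at the first blocked one."""
    results = []
    for name, image in stages:
        verdict = verify_component(store, name, image, owner_present)
        results.append((name, verdict))
        if verdict == "mismatch-blocked":
            break  # later stages are never handed control
    return results


def demo():
    # Constructed sample images, not real boot components.
    good = [("kernel", b"kernel v1"), ("initrd", b"initrd v1")]
    changed = [("kernel", b"kernel v2 (changed)"), ("initrd", b"initrd v1")]
    store = PinStore()
    runs = {
        "first": boot(store, good),
        "second": boot(store, good),
        "changed": boot(store, changed),
        "approved": boot(store, changed, owner_present=True),
    }
    # A loader whose very first boot sees the changed image pins it as trusted.
    runs["fresh_changed"] = boot(PinStore(), changed)
    return runs


if __name__ == "__main__":
    for label, result in demo().items():
        print(label, result)
```

The `fresh_changed` run is the limit of the scheme: without an out-of-band check on first use, the pin only detects later changes, not an image that was already altered when it was first seen.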


If the network can be adversely affected by a "muh righz" device then the network's threat model is shoddy. Taking away freedom to prop up a badly engineered product isn't fixing the bad engineering.

The Internet is a good example. The threat model has been far too trusting, historically. We're paying for that in a variety of different ways. Burning it all down and starting over is impossible, so we're stuck in a mess. Maybe we can do better in the future.


Indeed. I would perhaps formulate it slightly differently but it is what it is.

This is also something that feeds the 'it used to be better back in the day' feeling, because some aspects might actually have been better because too many possible threat actors back then wouldn't take internet seriously and as such weren't an actual threat. So it wasn't safer, it was just less-attacked. As a result there was less pressure to make hardened clients and servers, and as a result of that, it meant that things like digital signatures were extremely optional (and computationally too expensive to include for the sake of it).

On the other hand, it's also the openness that brought its success, and may very well cause its downfall. (that said, nobody has been able to come up with a worthy replacement so far) Having no single owner makes it better in that regard, but also worse.


Even as a casual Android dev I've noticed it becoming more and more restrictive over the years, from restricting apps from reading storage, to restricting apps from accessing clipboard, to restricting apps from running in background, and a ton of other things all in the name of protecting the customer. Every time I update to a new phone with a new Android version my hobby apps (which only I use, not published anywhere) are broken in some ways because of this. The end goal of Android seems to be a closed system like iOS and that makes me sad. You can make things harder or hard by default but at least give the power user some choices damn it.


You can still do things, it's just that now the user has to approve it. Maybe a 'let every app have every permission by default' checkbox would make you happy but I'm not going to advocate for it. And you can still sideload an APK without even having to jailbreak the device.


Re-read the parent post. They write hobby apps that they clearly sideload themselves. They are also right, each iteration of the SDK takes away another feature of the device the app can access, regardless of whether you ask the user, in this instance the author of the app, for permission.

The end state is for apps on Android to be either pointless fluff that basically do nothing useful, or mega apps written by big corps where the rules don't apply. Hobbyist coders are not wanted, or accommodated.


Exactly. To give an example, I have a dictionary app that I wrote to facilitate my French learning that runs in the background and automatically looks up words copied to the clipboard (e.g. from Play Books or Chrome) and brings up the definition. Starting with Android 10 or so they disabled clipboard listener for apps in the background so the whole functionality is toasted. There is no permission to enable this "clipboard listener in background".


> at least give the power user some choices damn it

At some point it just doesn't make economic sense to do that.


That's the way only bean counters should think, not developers, it should be a problem to solve since it helps keep us honest and not just a cog in the system.


That's how platforms evolve. First they work to attract developers, and later they work to reduce abuse.


There's nothing wrong with the appliance business model - embedded devices that use microcontrollers are Turing complete and yet no one complains about those. It's only when devices are marketed as general-purpose (i.e. smartphones, PCs) but are locked down to prevent running arbitrary user-loaded code that it becomes a problem.


I disagree.

I also mind when things like my tractor or my car are locked down to prevent my ability to use a 3rd party repair shop, repair it myself, or make changes so the item better suits me: The person who fucking owns that computer.

I think there's a very real risk that the concept of "ownership" is going to die if we continue in this fashion.

Do you own a thing if you're prohibited, intentionally - by the manufacturer - from making any changes? I'd say no.

Do you own a thing if it has to check in to an online service controlled by someone else before it works? I'd say no.

Instead you're just renting, and these companies are intentionally rent-seeking (in the worst possible way).


Add that on to the fact that almost everything is rent to buy with "incentives" shoved in your face for never actually finishing out the contract to own something, like your phone. I think ownership for everyone outside of some select few is in very real danger and I've thought so for some time.


I think as long as you're willing to give up your warranty on your tractor/car/whatever because you're hacking on it with 3rd party tools/firmware you should be able to do whatever you want with it. Just remember it's a two way street and everything has a price, you will have to give up something to get something.


I agree.


I still like my car to have an immobilizer, and locks on the ignition and doors. There is certainly some level of access controls that most people definitely want.


That's not what people are talking about, though. Certainly people want security features that make it more difficult for someone else to steal their car. But those features should be under the control of the owner of the car, not the manufacturer.


It's really hard to do that and make the thing a consumer-friendly product. We've been trying to solve this problem for most of the history of computers, yet, attacking authentication (often indirectly) is still the #1 way that computers are compromised.

Most people simply are unable to properly handle private keys. All of the systems with the highest levels of consumer satisfaction have third parties that manage (or at least can override) keys on the user's behalf. Systems that do what you're suggesting are notoriously plagued with issues surrounding key management to the point where they never reach mainstream use. i.e. PGP, bitcoin, etc.


Those are still "yours" in a sense, so don't fall into the feature set the poster you are replying to is talking about. Though the immobilizer somewhat skirts the line. (Or at least from my personal view).

Think John Deere implementing software lockouts in the tractor ECU. That is nothing more than forcing their business model onto the end user through digital logic.


Those are the sorts of things that need to be legislated. You should not be able to lock out people from the ECU, for example, but the person would have to be willing that a compromised ECU can blow up/damage their engine and they will have to accept that the warranty is invalid the second they mess with the ECU programming.


That's no good because the car can malfunction for reasons other than damage caused by the ECU, and the warranty covers those reasons too. You shouldn't have to lose your warranty on part A because you modified unrelated part B.


They're just as much "mine" as an iPhone is. It is extremely common for digital authentication of physical keys to be protected by encryption or signing by the manufacturer.


Sure, but to be as blunt as possible - You don't own your iPhone. Full stop.

You are renting it from Apple. They control what you run, when you run it, what you can install, what you can remove.

By default, they're shipping you a device where you're literally not the root user. I can't possibly think of a clearer argument that you're renting, and entirely at the whim of Apple (which does have root access, and actually owns the device you happen to be using).

The issue to me is that ownership implies the right to modify and change a thing, especially in ways that the original manufacturer doesn't support or agree with.

If the manufacturer is still calling all the shots on your device, you don't own the device!


Sure. No matter what your definition of "own" is -- I am saying, my car is already the same thing.

The question is, do we have a good solution to enable the average user to own their device while also ensuring security and availability?

We have two options with cars, either intentionally implement a security hole, or let the manufacturer "own" it. Because the other option -- tell the customer they're SOL when they lose their private key, is not a solution that is practical (grandma will lose hers) or possibly even legal (manufacturers' obligation under lemon law).


This is a solved dilemma. Let's take the car - There's already a huge security hole: The car key.

That key disables all the security measures to stop the car from moving and lets the user drive it.

Why should the same key not also allow 3rd party parts to be installed, or disable any other security feature the user would like to disable?

The user has already been given a device that compromises the entire security system, why do you think they need to do anything as complex as store a private key (it's embedded in the physical key).

Same question for phones - The user's pin/password already removes essentially all functional security from the system. I'd add a requirement for a physical switch to be toggled in the case of the phone (a tiny toggle header, or a certain combination of presses on the available buttons should do just fine) to rule out network based access.

In general though, security measures added by the manufacturer always fail, because the user has to actually use the thing at some point.

So given we already have the hole, the only reasons I can come up with for continuing to forbid the owner of the device from actually owning it are

1. It adds cost to the product

2. It removes future revenue from the company (because that pesky owner might choose a cheaper repair shop if they actually own the device... however will the company maintain their monopoly on parts/service?!?!? Think of the children!)


And who owns the keys to those things? You, or the manufacturer?


Many vehicles have the keys stored in their ECU/Immobilizer signed/encrypted with the manufacturers' key.

There are some (mostly older) where you can directly reprogram the eeprom but those cars are easier to steal, because anyone can also do this.


https://en.wikipedia.org/wiki/Tivoization

So many people complained about not being able to run their own firmware on the TiVo that it caused the GPL to be updated to version 3.

While Turing machines are universal, there are practical limitations of the hardware. A tiny embedded microcontroller with kilobytes (or less) of memory is not an attractive target for customization or repurposing. Today it is probably easier/cheaper to simply buy a Raspberry Pi or similar.

Also, some companies understand that they are in the business of selling hardware and don't particularly care what you do with it.


>> There's nothing wrong with the appliance business model

Do you mean that literally? There is daylight between "appliances shouldn't exist" and "there's nothing wrong with appliances." I mean, I agree that microcontrollers and smartphones/PCs are different. There's obviously something wrong if problems emerge at some point along a scale. There's no real defining line between GPCs and microcontrollers.

I also don't think it's a problem if someone somewhere has a locked down PC. It is a problem if most people do.


As far as I'm concerned, as soon as you've publicly released an SDK and invited third parties to form businesses off of developing software for your device, you have no right to represent the device as an appliance. At that point it is obviously a general purpose computer.


Would you call things like the Amazon Echo and Sony Playstation general purpose computers?


Yes.


> no one complains about those

YOU do not complain about those.

I complain about my TV showing me ads. I complain about my car not resetting one annoying light when I change the oil. I complain about the proprietary connectors on my generic batteries that restrict me to one brand of power tools (that gets discontinued for new proprietary connectors every 2 years).

It's fine if you love exploitation capitalism. But don't go assuming crap about others.


I think the more interesting cases are 3D printing of weapons, and in the future programmable biological material. One of his statements is that he himself, may not like the applications enabled by general purpose computing, but that even if he personally doesn't like them they shouldn't be outlawed or banned.

Google messing around with their app store is peanuts compared to the government banning or restricting 3D printers because they could be used to evade gun control for example.


It's inevitable, given the scale that has to happen before ASIC become remotely profitable and how cheap general purpose computers are today.

Just buy some cheap SOC from the market and load the software, close it in a blackbox and call it a day. It's going to be the future now. God forbid they also talk to the internet and run an OS version from 2014 and never get patched. It's a botnet paradise.


From the article parent linked: "It doesn't take a science fiction writer to understand why regulators might be nervous about the user-modifiable firmware on self-driving cars"

It's not just regulators who are nervous! What if someone modifies the firmware in their self-driving car and introduces a bug that causes the car to crash and kill someone?


Then presumably we do the same for that as we do for other illegal modifications or reckless driving today.


You mean, like people can do on purpose right now?


The issue is we as a market expect them to be responsible for the security of the OS and its apps. It's very difficult to manage security without control.


Only from certain perspectives.

If I'm a network engineer at a company, I need full control of the network to ensure security. As just a user of that network, I would have to understand that I don't have full control for security reasons. But it's not my network.

When it comes to consumer devices, there's no reason why security requires locked down devices that the so-called "owner" of the device can't control. The end-user should always be in charge. If the manufacturer chooses to put escape hatches in front of features that could lead to security compromise, then that's fine. But those escape hatches should exist, and I refuse to buy a general-purpose computing device that doesn't have them.

The Google vs. Apple argument here is specious; the locked-down nature of Apple's devices is not necessary for their better (but honestly still not great) security, and the less-locked-down nature of Android is not what makes it a security minefield.


It's useful to see through a principles/fundamentals lens. General Purpose Computing that isn't Turing complete, or whatnot. Genuinely useful.

But, the "freedom is indivisible" take is not always useful, particularly not on its own. There are practical realities to contend with and the world of appliance-computing is big and complicated. A lot of issues relate to back competition, or lack thereof, for example.

>> an Internet that transmits any message over any protocol between any two points, unless it upsets us?

Look... The problems coming to fruition today have been talked about on HN/etc. for decades. They're hitting the political stage, and all those discussions have near zero impact. The ideas were never translated to general consumption form. We always preferred to be right over effective.

The average politician has never stopped to think about how www, linux, email, gnu, wikipedia and such are possible, what that means. If they did, they don't have the vocabulary for it. We didn't give it to them. Just let them read "cathedral & bazaar" or somesuch. Instead of working we snarked our incomprehensible principled platitudes. Worse, we arrogantly assumed we'd win anyway. The internet couldn't be locked down. A country who tried to make Great Firewall would fail. Property rights would be redefined^ because digital copyright is impossible and the internet is more important than Beatles royalties. How wrong we were. How seldom we remember it.

Classic ideologies like Marx, Rand & such tend to fall into this exact arrogant trope. I am so right about everything that it's all inevitable. History will conspire. The arrogant fools. Us too.

Think of all the pull that Disney, EMI, etc have. Every politician can recite the case for copyright verbatim, along with the other talking points. Protecting their interests is literally one of the main things the US uses its might for. It's always a non negotiable demand in trade relations. Every politician or hack commentator knows to cite "stealing intellectual property" as a complaint against China or whatnot. Major digital legislation (eg DMCA) was written by and for them, along with other laws.

Conversely, very few politicians or hack commentators could articulate a digital freedom case, a case against copyright militancy, or a case against software patents. Those that can will be freestyling it. No "talking point" sheets. No consistency. No real lobby. No solidarity. No effectiveness.

How the f##k do EMI & Disney have much more influence than us, or at least Google & such? We are arrogant fools. That's how. They're entertainment industries. We're the engine of modern economies. DMCA affected the tech business just as much as Disney. We even had status quo on our side, so all we needed was a hung jury. How did we lose this? It's a joke. Like Mike Tyson losing to McBride.

Right to Repair should have been long won. We should be battling for OS mandates on the back of it by this point.

So... where are we now? Politicians and journalist-types are literally starting to think of regulating social media as a "common carrier." Concepts recycled from early 20th century Telcom sagas. Not "neutral" carriers. Not "open" networks. No "free as in freedom." In fact, it seems like no idea from the personal computing age has influenced anything. No one who understands FOSS or how the www works is even in the room... the room where decentralising an internet-based communications network is being strategized. Do we realize how big a failure this is?

^No shade intended. I agreed ATT. I still do in the abstract. But, the lack of "what we need to do" was a mistake, IMO. History does not drive itself: http://www.paulgraham.com/property.html


Given the issues that termux has hit, they're certainly moving that way.

https://github.com/termux/termux-packages/wiki/Termux-and-An...


Once there is no way to run Termux that will be the end of the line for me and I've been on the Android train since the G1 days. I am ok with installing it from F-Droid or adb as long as it remains runnable. (I guess I am in the bargaining phase)

I don't think that I am ok with not being able to easily run my own executables since I rely on running a few Go utilities in the Termux CLI.


I'm personally planning to replace termux with a full chroot; my phone is rooted, so all I need is an app to give me the actual terminal emulator and I'm good. This would be fine for running the odd Go utility, but is likely to be insufficient if you're doing anything with the actual Android API (which termux has been great at). And of course, in the long term this is just another reason for me to hope the pinephone gets to prod-ready ASAP:)


I am curious what root kit you use for rooting your droid? I’ve always been hesitant to trust 3rd party kits like that.


I use magisk; it's open source and reputable.


Yep, Termux is the most used app on my phone and I don't know what I will do when they have to migrate to SDK 29. I will probably buy another phone and install LineageOS.


This is the first I've heard of Termux and now I'm curious what you use it for. Like are you SSHing into other environments?


SSH, and also when you're on the road and want to write a simple Python script to process something, or do something with your sensor data logging. Termux has a Python API to access sensor data, it has numpy, it has requests, so you can do a lot.


https://www.passwordstore.org

Here is a popular CLI app to manage passwords. I use it on my desktop, laptop and phone.


You don't need Termux for that, there are native clients for Android, I use this one: https://play.google.com/store/apps/details?id=dev.msfjarvis....


There are native clients, but can you use git to sync the encrypted passwords with your other devices?

And that was just one example. You can also use python as a much better calculator, share files over wifi with a web server etc.


For me ssh to access my main Emacs session is a big part of it but I also run some shell scripts and CLI tools and services written in Go. ssh-ing back into the phone for file transfer is another important use.


Curious, is the Librem 5 an alternative you would consider?


Sure, it is a good alternative. But I still need a phone to do some work, like Whatsapp and banking apps (which I don't think Librem supports). So I am waiting for it to become stable and a little mature.


Makes sense!


Does LineageOS provide a workaround for this?


Unfortunately there is no good alternative to Termux (its Android API). But with a rooted phone you can use chroot to install a Linux distribution. LineageOS is just a popular ROM for rooted phones.


I run lineage but I don't typically use my terminal on my phone unless I'm using it for SSH. I hadn't thought of the chroot angle though. That's rather interesting...


[flagged]


It was just a figure of speech and if you know how Termux works even a rooted phone is no alternative. (Termux exposes Android APIs, like camera and GPS.)


Only because Termux developers refuse to use Java APIs and don't accept Android isn't a POSIX clone.


Chill dude. How do I run gcc in java beanshell?



Can you elaborate on how this link is relevant?


Read it and learn how to use a C compiler on Android without termux.


Android certainly has an acceptable POSIX component when it's not artificially broken.


Where is POSIX listed here?

https://developer.android.com/ndk/guides/stable_apis

> Starting in Android 7.0, the system prevents apps from dynamically linking against non-NDK libraries, which may cause your app to crash. This change in behavior aims to create a consistent app experience across platform updates and different devices. Even though your code might not be linking against private libraries, it's possible that a third-party static library in your app could be doing so. Therefore, all developers should check to make sure that their apps do not crash on devices running Android 7.0. If your app uses native code, you should only be using public NDK APIs.

Taken from https://developer.android.com/about/versions/nougat/android-...


Arbitrary code isn't banned on iOS, there isn't anything (yet) that can create fully fledged apps like Droidscript, but a few cool apps are:

- iSH: an Alpine Linux shell environment, powered by an x86 to ARM JIT emulator

- Scriptable: an iOS automation tool using Javascript, it can even integrate with native iOS APIs like photos and calendars, create native UIs, etc.

- Pythonista: a Python IDE, you can create 2D games, use it as a REPL, integrate with native APIs, and much more

And of course, there are the 1st party apps, Playgrounds and Shortcuts.


> Arbitrary code isn't banned on iOS

It is.

Even Mozilla Firefox is banned on the premise that it can run arbitrary code and yes, that is the official Apple instance.

The fact that they apply it when they see fit and allow other times, and that it is totally arbitrary and opaque based on their own private interests, is exactly what everyone with common sense tried to explain when criticizing the walled garden.


My understanding is that what's banned on iOS is not arbitrary code per se, it's arbitrary code downloaded from the internet. Code you enter yourself, like in Pythonista, is just fine.


> it's arbitrary code downloaded from the internet

That's a huge caveat though.

How far does that restriction extend? Can I share or import Pythonista projects from other people?

What's the difference between interpreting a file I downloaded from the Internet and visiting a website?


Isn't the problem JITing? Mozilla could ship Firefox, even with the JS engine, it would simply be unusable (compared to Safari) because they wouldn't be allowed to run JIT (only interpreter).


I believe Pythonista is interpreted, not compiled, and outside of Apple's Swift app you are not able to run compiled code


Really? Are you going to defend that point as not arbitrary?

If you want to split hairs, where would you draw the line? Should Pythonista go out of the way to prevent copy paste from the browser/email?

Or should Apple, being non-arbitrary, also block Adobe PDF reader since it can open PDFs from the web with javascript just like a browser would do?


Firefox isn't banned, Gecko and SpiderMonkey are. For a few reasons, Apple doesn't want Blink/V8 demolishing users' batteries, and they have the excuse that allowing 3rd party browser engines is a security risk.


Firefox is in the AppStore.


You may not realize this but Apple allows scripting apps on their platform now. There are two notable Python language interpreters Pyto and Pythonista. There are some shell environments too that include Unix style command shells and different interpreters.


This is actually worse than the full iOS route, because Apple is likely to at least listen to appeals and implement bright-line rules between "things the app does" and "things users do". They ultimately do want to have developer tools on the App Store and are willing to accommodate them to a point. Even the "no competing browser engine" thing has a technical explanation: Apple wants to be able to update that part of your app without you being involved.

Google just doesn't care about what your app does until they start seeing click fraud, upon which they ban your app, delete your Gmail, and ghost you. They've even done this to paying GSuite customers, game studios they were working on, and their own employees' spouses. As far as I can tell, antispam is at the top of the org chart and can overrule all other layers of management. I would never trust Google with anything I can't backup or migrate to another service.


Weak.

The console tab of Chrome's developer tools allows arbitrary code execution. That example is not a security violation, ergo arbitrary code execution is potentially but not necessarily a security violation.

A valid remediation requires more than just arbitrary code execution, such as privilege escalation or leaking containment.


Technically, f-droid is a walled garden of sorts, too.

The difference is that fdroid is actually helping users through being transparent about it. The other stores and their policies usually are not transparent, and therefore nobody knows whether there were financial motivations involved in the decisions.

What I don't like is google claiming droidscript harms Android through a malicious AdMob ID. Even if that were the case, what happens to the 100.000+ installs that are rolled out already? And the Apps built with DroidScript?

If there's no support you can contact (at Google) and no changelog on what happened, the policies get intransparent and look more like a financial motivation rather than a decision that seemed to be beneficial for the end-users.


I can add third-party repositories to F-Droid. The default F-Droid repository may be a walled garden but as far as I can tell the app and protocol are definitely not.


A walled garden doesn't necessarily consist solely of proprietary protocols and code. In the case of fdroid, apps that violate open source licenses are not allowed.

So, technically, from the perspective of a company like Facebook, fdroid is a walled garden they cannot enter without open sourcing their code.

(I'm not saying fdroid's policies are bad. I'm just trying to make an argument for the counterside and am playing the devil's advocate here.)

PS: I know about third-party repositories. That's not the point, it's differences in policies and their effects on the ecosystem I want to discuss because I think they're more important.

Google advocates always make the argument that endusers "can just root their phones and install the APKs anyways" which is similar to f-droid with an external repository. Most non-technical endusers simply won't do that.


"In the case of fdroid, apps that violate open source licenses are not allowed" ...on the main repository. AFAIK, there's nothing stopping Google or anyone else from setting up their own F-Droid repository to distribute apps with proprietary code. The normal F-Droid app should be able to use a repository like that just fine.

EDIT: Addressing the "PS" that was added...

> Google advocates always make the argument that endusers "can just root their phones and install the APKs anyways" which is similar to f-droid with an external repository. Most non-technical endusers simply won't do that.

Android skirts around the criticisms fielded towards iOS by technically allowing users to install and distribute third-party apps. The real problem with Android is that the default distribution platform (Google Play Store) is a walled-garden, proprietary app with such a massively disproportionate market share that most users don't even realize there are alternatives. And Google ensures their store will always be the default because they hold their proprietary Google Play Services for ransom. And Google Play Services is so valuable because it provides many convenient features and functions, including some which used to be part of the operating system itself.


I totally agree with your points there.

But I think that the main issues of Android (or AOSP) are even a level deeper than just the Play Services.

There are lots of initiatives that try to create a free ecosystem for themselves (Lineage, /e/, Carbon, et al), with their own stores and sources for Apps. Most of them have varying degrees of success, due to gapps counterparts like microG [1] not being able to keep up with what Google's Play Services provide API-wise.

It's an absurd amount of features, and a lot of API workflows to consider. Bugs and crashes everywhere down the user experience...but hopefully they're getting slowly to a stable state.

Coming back to the real problem: I think it's actually the Vendor deals that Google did. Most of the manufactured devices are almost impossible to flash without reverse engineering skills, and this is intentional. Having to wait more than 3 months to unlock a smartphone's bootloader because the manufacturer doesn't give a damn about you is just one of many examples; setting aside that most of the unlock procedures are meant to be understandable by developers-only.

I think that in order to "really free Android" the creation, flashing, updating of ROMs has to be standardized in a more homogenic way (partition fatigue, anyone?), because it would allow a graphical and easy-to-use software to be built. That would allow to flash a ROM without e.g. losing all /data and more importantly - be usable by end-users without technical knowledge.

In my social circles I'm the guy that flashes LineageOS to their devices, because most of the terminology is so far away from the reality of most users that they have no single clue where to start. The amount of knowledge that is required to flash your device (and be Google-free, even in Apps, e.g. with Appwarden [2]) is absurd and as long as this is the case it will be a niche that's being ignored by politics (and potential regulation laws that would force Google's policies to change).

[1] https://lineage.microg.org/

[2] https://gitlab.com/AuroraOSS/AppWarden


I kind of agree, although I'm not sure it's fair to say that the problem with Android is that you can't easily replace it with another OS. That's not really an Android problem.

It's incredible what a smartphone can do given its form factor and a lot of that is thanks to their use of SOCs. I have no experience with OS development for SOCs, but I hear it is much more involved because a new version of the OS must be created for each SOC - specialized to work with the device tree supported by that chip. As I understand, Google doesn't do that work. Manufacturers have to fork Android and implement support for their SOCs on their own, then they have to maintain that fork as new Android releases keep coming. It's no surprise then that manufacturers don't want to invest additional support into other operating systems like LineageOS.

There's probably a better way to do things. I'm sure manufacturers could make information more available to OSS communities which would allow them to do the work themselves more quickly and effectively. Like you mentioned, standardization would also go a long way towards making our current smartphone ecosystem more friendly to third-party OSes. But ultimately, none of that is really Android's fault.

Even without Google's vendor deals, I doubt the likes of Samsung, Motorola, or any other major smartphone manufacturer would start supporting LineageOS. It's hard enough to even get Linux support from desktop/laptop manufacturers. LineageOS is a really amazing project, but I don't think it's the one paving the way for open source operating systems on smartphones. I think most of that work has to come from the hardware side with projects like the PinePhone.


no, literally: you can add any repository you want, even with proprietary code.


Would you call a Debian system a walled garden too then?


What else can you expect from a monopoly that knows it's above the law—as there isn't any that's either applicable or enforceable?

Thus, being above the law Google has no need to concern itself with bothersome matters such as fairness, justice and one being considered innocent before the Law until proven otherwise by due process.

Do we really have to go demonstrate on the streets before our legislators will act to stop this out-of-control monster?


Neither Google nor Apple has demonstrated they deserve continued trust to be the sole gatekeepers of their respective platforms :(


Part of me is amazed that so many apps continue to rely exclusively on the Google Play Store for distribution and monetization. With Google's track record, it's practically negligent to build a business which is completely dependent on their proprietary services.

That said, there's also probably no money in an Android app if it isn't on the Google Play Store. I doubt most Android users know how to install apps from anywhere else, much less search other app catalogs. So I guess I really shouldn't be amazed at all.


This is very upsetting. Hopefully they could fix it soon!

I worked on a very similar Open Source tool for a really long time called PHONK https://phonk.app (previously called Protocoder)

It started around the same time as Droidscript but PHONK has always been a hobby project rather than a business.

I can imagine how painful it might be for the Droidscript devs if that's a part of their monthly income...

These types of actions by big actors should keep us awake to protect the web with tech, companies and user diversity.


Search the phrase "I made sure to include all the information available to me" and the tale of woe is incredible, all 79,000 hits of it.


Here's a prediction:

Within 20 years, you will need the equivalent of a concealed carry permit to run Linux on a computer connected to the internet.


nah, you don't need a permit for that... you'd just need a computer without a boot chain of trust, too bad those things exist only in museums and landfills nowadays, have fun digging through trash to find your slow-ass 5 year old 18-core RISC-V 256G RAM SoC for which there is an exploit to break its chain of trust. Oh and make sure nobody notices, breaking the chain of trust is obviously illegal, and for good reason: you could try to break the DRM of a Neuralink-Entertainment-Stream, we can't have that.


And, ironically enough, they publish the announcement on Google Groups.


Literally the second post is somebody suggesting that they really should move the forum ASAP.


I don't like the tone of the comment (feels like a tantrum) but unfortunately this happens more often than people think.

What I find interesting is the little information they give you after a ban. Apparently if they explained the reasons of the banning then other people could use that information to find flaws and 'game the system'.

This means that, if you deliberately made something against the rules and were banned, you can then 'explain your mistake and the measures to not do it again'. But if you don't do anything unusual and simply break one of the crazy rules they have by mistake, it's game over.

P.S. If you have a blog and practically all of your visits come from a single source (perhaps a link in something popular) don't EVER use admob on that blog. You will be banned.


You're not wrong that it's a bit of a tantrum, but after spending years working on a app and then being banned out of the blue without any recourse or even information, I think the author is entitled to a bit of a tantrum.

It's true that giving all details might lead to people gaming the system, but c'mon, a bit of details wouldn't be so bad.

This isn't some sort of fairly inconsequential website like HN or Reddit we're talking about, but literally people's livelihoods. This is like the cops walking in to your house to arrest you for theft, but they won't tell you what you stole, where you stole it, or how they know it was you. You now go to prison, have a nice day.

Perhaps they're right 95% of the cases. But in 5% of cases they're wrong, and bye-bye livelihood and many years of work down the drain.


When I had a small scale business Google was difficult to work with. Practically impossible to start advertising for amounts around a couple of hundreds of dollars a month. The support organization even gave advice for the wrong services.

I still own some apps that Google Play removed because they don't fit some "programs". The thing is that the apps never opted in on those "programs".

For companies I work with that spend 1 000 000+ Euros monthly on Google services it is the opposite way around. Staff from Google more or less are fixing everything, even setting up Google Analytics reports and so on.

Google will be the tell when it is time to sell all these insanely overrated stocks that we all own.


Setting aside all of the other absurdities that Google has been throwing out here, the one thing that really gets to me is the concept that "ad fraud" is even a type of punishment for Google. I run a site with Google Ads, and users of my site have, in the past, realized this and purposefully ran autoclickers on my ads in order to get me banned from AdSense.

I don't understand how they can blame the publisher for this type of action. I understand they obviously can't pay out for the fraudulent clicks, but instead of banning the account, simply don't count the fraudulent clicks! What's so difficult about that?


I think you then run into the issue of companies trying to sneak fraudulent clicks past Google. If I knew there was little to no chance of repercussions, I would absolutely try a bunch of programs to try and sneak fraudulent clicks past.

It's like if you told a student that there was no punishment for cheating, the questions they cheated on just wouldn't count. This doesn't hurt that bad, because if you were cheating on a question you (most likely) didn't know the answer.


Sure, but in this analogy, if other students cheat off your test, you're punished for it.


It's not a perfect analogy because advertising doesn't have a limited number of "questions." If someone adds fraudulent clicks to your site, there's no downside to your business. Worst case, these clicks are ignored. Best case, these clicks are actually counted. Either way, your business is unaffected.


The War On General Purpose Computing[1][2] is escalating. The war has moved past trivial fights over copyright/"DRM", and is now directly targeting programming environments.

[1] https://boingboing.net/2012/01/10/lockdown.html

[2] https://boingboing.net/2012/08/23/civilwar.html

edit: fixed link - thanks for the bug report


This seems so self-defeating by these companies. All this will do is push people to learn to develop on the web (arguably where they already are learning), while completely bypassing any built-in API's and stores. Sure, there's stuff you can't access without native code, but at a certain point why would anyone want to risk making their primary codebase dependent on one of these stores?

When FOSS tablets and phones become competitive, I'm really interested in getting one. Maybe even before they're realistically competitive.


Web is being crippled too. Google is clenching its iron grip from both sides (search and browser), while Apple leaves it crippled on its own devices for obvious reasons.


It won't become so without your help, join the fight and make a stand. Every user lost by proprietary platforms tilts the scales more in FLOSS/H's favor. Scale makes all the difference.


You've posted the same link twice.


This really shows the issues with the private business model in conjunction with critical infrastructure as an oligopoly (as this poses crucial questions with regard to ownership of any reliant products). I know no way out of this short of turning tables.

E.g., have a thorough public review process as a last resort (most nations are investing in cyber security anyway and this may provide a valuable proving ground) and force app-store providers to comply. Providers may oppose the verdict, but will have to provide detailed proof and concise reasoning in an appeal process.


> Our main guess was that one of our users was experimenting with our AdMob ID after extracting it from our APK

Does this mean anybody with a grudge has an easy way of destroying any developer's revenue stream?


Apparently not only the revenue stream but a ban from the store and maybe other Google services. Seems like a good tool to take down a competitor's app.


We live in a world where people unironically put comments on top of every file in their projects (but only the ones they can easily insert a meaningless string into) like "you cannot disclose this file blah blah blah" and call themselves "grown ups". What's this Android nonsense, can't it just run programs like a normal computer? At the very least if it purports to not be a general purpose computer, then there should be no excuse for security vulnerabilities.


So they created an app that works as a programming environment, one of their users abused the google play services and they are getting the flak for it.


After 10 years working as a mobile developer predominantly on Android and having had a hand in publishing roughly 17x fully fledged commercial applications (under the employ of others) I have yet to take the plunge and try to create a viable business through one personally.

I simply don't trust Google to be fair in any way, and not crush the little guy without reason.


> Unfortunately we also have to inform our users that we could no longer support AdMob for use in their own apps either

Does this imply that Google is holding them responsible for apps originating from their platform which might also have been sources of bad traffic ...separately from their own in-app advertising?


I can think of at least two other apps that do this—which I won't name in case Google is watching. Not to mention Termux, which I can't live without. Why is Droidscript being singled out?

Off topic: I won't be buying a new phone for a looong time so I can keep Termux's functionality.


So, what would be needed to start a real, honest-to-god replacement for Android/iOS?

You'd need a whole governance structure for your project so it wasn't controlled by a sole entity. There would need to be assurances that using your project was stable long-term. That there were adults driving the bus, and that everyone could use the bus, etc.

You'd need to provide a roadmap for everything needed to be built to replace Android, piece by piece. (I guess you could re-use sections of open source code, but some would need to be rewritten from scratch?)

You'd need to contact developers, vendors, service providers, etc, the whole ecosystem existing around smart phones, and get them on board with your project. Sell it to them as "no longer being answerable only to Google and Apple". You'll also have to provide alternative revenue sources, as they may depend heavily on Google and Apple services for their revenue.

And then you need to find people to do the work, and get paid for it.

I'm guessing all this would take at least 6-12 months to get off the ground and some serious capital.


I can't find it now, but I read a story that's been repeatedly posted here about someone who got an idea, dropped everything, built an MVP, showed it to potential customers who loved it... and was told "I definitely need this, but I wouldn't pay for it." And then the person realized that the customer was right (the worst kind of right), and that the idea was both awesome and unmonetizable.

In the same vein... question.

Google is absolutely terrible at customer support and handling these kinds of issues. I once read in a comment posted here that they apparently don't even regard issues as valid signal unless 10,000 users are affected. (I've personally always instinctively shied away from app/site feedback buttons myself, and now I know why.) I'm guessing it's because con$i$tent ridiculou$ adverti$ing revenue ("we can do no wrong") has caused the death/deselection of normal customer support feedback loops.

Sooo... could a startup, or startups, fill the absolutely massive vacuum that is being created here?

For every story that trends on HN, how many more false negatives of people being bankrupted are there that never see the light of day? :(

I can only think that this number is probably remarkably high given that stories have to trend on social media and/or popular websites, for multiple days, before a connection is made and the problem can be fixed.

Once again, the more I look at this, the more I get the impression that this is a huge hole that could be filled to great benefit.

But thinking about it, I don't think it would be monetisable:

- It would ultimately be a company taking people's money to leverage a few private contacts. It doesn't take much squinting to see this as extortion and gatekeeping, which happens everywhere but would legally be very interesting to defend (especially against a company the size of Google). :/

- The contact issues only exist because of process and organizational failure, so even if private contacts were successfully established, the signal/noise ratio was ideal, and this company did perfect triage, it wouldn't take long for manglement to hear of the situation and decree that no Google employee were allowed to interact with the company professionally

- The whole thing would have to operate under the radar to operate at all... and maybe such operations exist and are successful, we've just never heard of them. Problem.

Running the whole thing as a volunteer operation maybe sounds like it could work though.

And if issues don't get fixed until >10,000 people "notice" maybe such an operation could have noticeable presence before being acknowledged.

Just thinking out loud. What think?


The signal to noise ratio would still be terrible. The company would have no mechanism to work out who was actually being honest.

For every story that trends on HN, 9 times out of 10, it turns out Apple/Google/Microsoft/Facebook were right, and the company was doing something dodgy.


Facepalm. I forgot to mention the stipulation part that I mentioned last time I mused about this.

The platform would require HN profile info, GitHub account details, maybe a keybase identity or two, perhaps a project website, etc, demonstrating years of organic ongoing activity, to be submitted with cases in order for them to be lodged. Basically any and every type of dev-oriented signal that would be extremely difficult for a scammer to fake.


Could Droidscript's remote IDE features have a security hole that is allowing people to remote install malware into Droidscript users?

Google would see this malware coming from Droidscript; Droidscript would not see anything in their code that could be causing it.


Honestly this kind of behavior from Google should surprise no one at this point.


> DroidScript has a user base of over 100,000 people world wide

a user base built on such foundations is no base at all. unfortunately, only open platforms can be considered a solid enough base for building any kind of community


I, like most people, don't like the idea of a few large groups controlling entire ecosystems. Especially in technology if these companies have a complete stranglehold on the entire system it's not good.

HOWEVER, I really don't think that's the case. I mean look at Hacker News! They built up their brand and product through grass roots efforts. Large ecosystems take notice and recognize, I think, reputation in smaller ecosystems.

When a group gets banned like this and feel it's their only hope, I'm skeptical.

My guess is either these guys are playing dumb or they don't understand why the best software engineers in the world think they're doing malicious stuff. Either way they don't appear to be ready for the "big time".


Google did something similar to me and my ads account about a year back. Nothing short of hiring a lawyer seemed a way forward. I would support a class action against Google.


If you think you have a business by relying on Google, you will learn it the hard way.

You can’t have business with Google when all the rules of engagement are set by them.


So, essentially AdSense is defined as malware by Google's own definition. If you ship your app with it - malware - remove it, no longer malware.


Wow this makes the blood boil. My condolences. Can't build a company using their platform as a foundation (as far as it is possible)


The Streisand effect at work. I'd never heard of Droidscript before, but now I want it. Thanks Google.


The lack of humans behind anything Google related shows how dangerous it is to depend on them for your business


Chrome.exe has been breaking the internet for years. There is no bigger malware producer than Google itself.


Why not just publish it on f-droid?


They have a subscription model and ads which are not allowed on FDroid. FDroid also requires the software to be opensource.


This is true for the official FDroid repository but an independent repo can be created [0]. This helps manage independent signing as well.

[0] : https://www.f-droid.org/en/docs/Setup_an_F-Droid_App_Repo/


FDroid do allow subscriptions and ads. They label them 'AntiFeatures' which is not as bad as it sounds; many people will still happily install the App. However FDroid do strictly insist all code is free and open source; this does mean you are rolling your own Ad and Subscription libraries.


Correct. Newpipe on f-droid has the anti-feature of promoting a nonfree network service (YouTube) but that doesn't mean people don't install it or that it's banned from f-droid.


simple solution for anyone considering funding their apps with advertising.

Don't.


Simple solution for anyone considering to build a business on top of the Google ecosystem. Don't.


Google is pretty infamous for the overreliance on automation for customer service. But ultimately the reason why they persist is because they can afford to get away with it.


I think one day there will eventually be a class action lawsuit filed against one of these companies for their opaque customer response process.

How did it get this way? How did we allow it and for so long? I really don't know. Here we are, the community involved yet somehow this method of customer [non]interaction grew out from underneath us.

*spelling edit: fire -> for


What are you going to do? Stop using Google products? Good luck.


Yes. Android and gmail are my last two to get rid of. I was wanting to play with mail in a box, but this morning had an alert on my phone demanding my birthdate within 14 days. So, I'll be expediting google out of my life within the next 14 days.


If you don't use YouTube, I bow to you good netizen.

But in all honesty, it is very very hard to avoid Google. Android, Gmail, YouTube and Search are the big four left on my list.


I'm using YouTube less and less. The ads have become intolerable, and I had my own bad experience with their copyright violation detection. That's the easiest one for me to abandon.


ublock origin helps with the ad problem but yea i've been using it much less recently as well. there used to be a point where i would get good recommendations on the homepage but all that shows up is trash these days.

i think i must have clicked on 1 short trashy video once and now google thinks that's what i'm really into. it's similar to how annoying it is to use spotify these days and having to be really careful what you play otherwise the suggestions get messed up.

or maybe it's that nudging people to watch more short videos make youtube more ad money. i would rather they just went back to showing you videos from your most popular subscriptions and then a few good recommendations


The funny thing is I can't even vote with my dollars. Most of the ads I get are for insurance companies that have already refused to touch my century-old house with knob-and-tube wiring.


Android is so bad for privacy.


Base Android with unmodified settings is terrible for privacy. If you're willing to put in the work to install LineageOS and move off of Google apps and jail/delete them, it can become a superior option over iOS, if for no other reason than that you can set up competent adblocking and take advantage of Open Source replacements for apps like Youtube that don't transmit as much data.

This is part of why it's tricky to make phone recommendations to privacy-conscious people. iOS is the clear winner on privacy for nontechnical people, and the clear loser on privacy for highly technical people. But a lot of people fall in the middle of that spectrum -- semi-technical -- and then it becomes complicated to figure out what they should do.


Is AOSP bad for privacy as well? I've been migrating all my services and devices away from Google (I've owned nothing but pixels and nexus phones for a long time) but I was hoping flashing to lineage would work rather than buying a new phone.


Done.

And it was way easier than I thought.


I run firefox and use DDG.


I could... take my travellers' cheques to a competing resort...


It's sort of interesting how long this has worked, and as well as automated customer service the same or similar case can be made for automated moderation.

You can often hear people on here excusing this by saying "if they didn't do this, their business model wouldn't scale". Well yes. If you can do the automation and it works then you have a business at scale. If not, perhaps your business shouldn't be a scale business. As is, the negative externalities of this imperfect automation are significant.


So community lawyers and other interested parties should make sure that their business model doesn't scale this way.


Especially those parties.


Google's business model is where they automate everything, and you keep running on the treadmill. From a business standpoint, it's fabulous, and I'd probably applaud them if they weren't so awful.


Building and relying on Google and then complaining when they pull the rug from under you. My fellow devs, when will you learn? Avoid Apple and Google.


What happened to google? Rhetorical


How convenient for Google.


the problem of a free market in the management of the important hubs of a sector (as is Google for most of the services of its type on the internet) is that they (the big names in the sector, those who reach the top with the free market) are the ones which, once they arrive, can do as they prefer.

the problem of a non-free market, in this matter, would be a government monopoly, with the same problem: they can do as they like.

the alternative to this currently is not easily applicable, and does not give the current advantages of the "big" (whether they are companies or governments the result does not change; really, it is the same).

if you think that Russia and its coming private Internet, or the American NSA security system, or even that I know ... Amazon and eBay, or Facebook and its network (not just the Social Network site, but all its additional services, and where it gets to manage what it manages), or even Chinese censorships on the Internet, are different from each other (to give random examples), think again.

then of course comes troll-boss Trump (they ban him from Twitter and other similar sites) and everyone thinks (confused) that this is not real what I am writing in this comment.

we are beyond the conspiracy, here the conspiracy comes to life by itself, randomly, without anyone creating it; now in its own life.

who is at the top decides for who is below the top, obviously the developers of Droidscript appeal, they do not like this decision, but they are like everyone else they are subject and subject to the "big".

if you don't want big problems from the "bigs", don't support them, don't use them.


the title has to be 'Google has ...'


Probably a British English speaker. Not 100% sure on the rules, but see, for example, https://english.stackexchange.com/questions/1338/are-collect...


It's seriously time to re-embrace the idea of ownership and control of our devices, and reject Android and iOS altogether. Developing for those platforms has become worse and more restrictive over the years, and this kind of crap is now just everyday news.

How good are Pinephones[1]? Are there better alternatives?

[1] https://www.pine64.org/pinephone/


The biggest problem with "alternative" platforms is just the lack of app support.

I used to have a Nokia N9; great phone. But it didn't support WhatsApp and I was out of the loop on the WhatsApp chat all my other coworkers were in.

Then there's things like banking apps, flight check-in apps, food ordering apps, dating apps, etc. etc. Can you do without those? Sure, of course. But if I want to order food where I live then the only option is to use an app.

No platform will have any chance of any sort of adoption unless it supports some way of running those apps. There are options here, for example Jolla/Sailfish OS can run Android apps (no idea how well that works in practice; the latest update says it supports "Android 9, and the support for Android 10 is already nicely on the way").

It's a "vendor lock-in" ecosystem that's worse than the Windows lock-in of yesteryear IMO.

Since I don't really use my phone all that much I decided to "just use an iPhone" (because it's the only phone that's not huge), even though I think they're really horrible.


I use Sailfish OS and the Android compatibility layer is decent, but not perfect. Some apps have issues understanding the network connectivity state, and photos taken with the Sailfish camera app sometimes don't show up in the Android file selector until the compatibility layer is restarted. Other than that, most apps work fine. (I mainly use it for Spotify, Slack and maps.)


> It's a "vendor lock-in" ecosystem that's worse than the Windows lock-in of yesteryear IMO.

For regular companies, if they want to shoot themselves in the foot by not being on the web, they're welcome. It's not such a huge issue as it would be with government for example.

Also "any chance of any form of adoption" is a bit of an overstatement. I still use a dumbphone, and if I migrated to pinephone, lack of the kind of apps you mention would certainly not concern me. Even then, many apps have web alternatives here, or alternative GPLed clients for Linux (that includes whatsapp, apparently), that can be made native on pinephone.


"Not being on the web" doesn't seem like a huge footgun. There are probably more people with a mobile phone and no traditional computer than the other way around, especially if you go outside of the US and Europe.

Revolut, Grab, Gojek, Tinder, WhatsApp, and many more are all successful that offer a mobile-first solution, with either no web/desktop client or just as an additional client (usually with fewer features, and/or still requiring access to a smartphone).

> Also "any chance of any form of adoption" is a bit of an overstatement. I still use a dumbphone

Of course it's possible; but depending on what your interests in life are you will pay a price, and in practice for the vast majority of people the price is too large to use a non-Android/iOS compatible device.

> many apps have web alternatives here, or alternative GPLed clients for Linux (that includes whatsapp, apparently), that can be made native on pinephone.

Unless they somehow hacked the encryption, you're still going to need a connection to the phone's WhatsApp client.


> Unless they somehow hacked the encryption, you're still going to need a connection to the phone's WhatsApp client.

Apologies if I sound a bit naive, but what would be there to "hack"?

WhatsApp clients are available for many platforms, whatever encryption they might be using can easily be figured out by decompiling the code, and if they are using a key on the client side to do any encryption, that key is available for extraction from the distributed client too.

Basically, my question is what can a closed source downloadable client do to protect the encryption it uses to connect to a public network?


Yes, technically I'm sure there are ways around it if you try hard enough. No one does that though AFAIK.


If you're using Whatsapp, you've got zero interest in privacy anyhow, and so you're never going to consider these issues in the first place.


Well first of all that's just total BS, but secondly this thread isn't even about privacy. None of this is. In fact your comment is the very first mention of that word in this thread.


I dream of a dual phone (conceptually 2 phones glued back to back) where you do web and open stuff on one side, and the inevitable proprietary apps on googled-android on the other side, with a quick button to freeze the prop side (for power saving and mitigating spying).

(Or same where the 2 phones are somewhat multiplexed on a single screen, preferably in hardware.)


You can do it on Pinephone with two different independent operating systems, one on the eMMC storage and the other on the microSD card. When you put in the microSD card, the device boots from it. Otherwise it boots from the internal storage.


You can do the banking (from most banks) and food ordering from a web browser on your smartphone. No apps required. Grubhub, Uber Eats, Doordash, all those sorts of things. Most of them have a web version, and you can use that instead of an app most of the time. Just shake loose the Apple-induced app mentality that keeps you locked in.


A lot of hardware devices require use of an app these days. Any with wifi will also require use of location on iOS and are thus unusable if you have location services disabled systemwide.

I just returned some IP cameras recently because of this.


Aside from that most of those specific services aren't available in my location, you really can't. Do you think I'm stupid and haven't tried?


Unless PWAs really took off, in which case, you wouldn't need to develop for the custom linux phone - you would just need a supported browser.


PWAs will continue to be neglected. They don't allow invasive tracking like native apps, and they don't get a 30% cut.

The web is dead. Kids today grow up using the "google app". They did what AOL couldn't.

I'd love to be wrong.


No, it's the bad hardware. With high-end hardware, it would be no problem to just run something like Anbox and immediately have most of the important apps running. Except asshole apps that require DRM/SafetyNet of course, but I don't use them on my current Android phone anyway.


> The biggest problem with "alternative" platforms is just the lack of app support.

Websites.


Because of this issue, open APIs should IMO be mandatory for all commercial services.


I keep hearing this and it's totally wrong. Desktop Linux has a huge app ecosystem and arguably has more high quality software than Android does. All of this works on the pinephone and other similar devices.


Okay, so how can I chat to my friends or companies with WhatsApp on Linux? How can I order food similar to Grab or Gojek on Linux? How can I get a date on Linux like Tinder?

You can't. Sure, there are technological solutions to all of those, but in the real world that alone is pretty much useless.


You can use Anbox if you really need some Android app.


Tinder does have a web interface, so does DoorDash (I've never heard of Gojek but I'd imagine it does too.)

I thought WhatsApp also had a web interface but I wouldn't use it anyway and there are similar chat apps that do so why would you?


> I've never heard of Gojek but I'd imagine it does too.

You imagine wrong.

> I thought WhatsApp also had a web interface but I wouldn't use it anyway and there are similar chat apps that do so why would you?

The web interface is just a proxy to the phone app. The other "similar apps" don't have all my contacts on it.


You can use WhatsApp multiple ways on Linux, including the web browser version [https://itsfoss.com/whatsapp-linux-desktop/].

Although, if you're using Whatsapp at all you're either massively ignorant or stupid. I mean, giving Facebook your phone number is just not wise.


> if you're using Whatsapp at all you're either massively ignorant or stupid.

Let's not name call here. Many people have different motivations and concerns different than you. Most people likely already gave Facebook their number, or someone else did for them through contact book sharing.


I think many would argue that thinking Facebook doesn't have your phone number is either massively ignorant or stupid. After all, it only takes one person you know signing up and allowing access to contacts.

That said, I am considerably less concerned about Facebook having my phone number versus Facebook being able to mine all my conversations to create a pretty complete profile of who I am and what I do.


I have never uploaded my phonebook to WhatsApp during the short period I used it nor did I give my number to Facebook (either by entering it into my profile or by answering the nags to enable 2FA when I used to use the site.) It was not included in the recent leak (which doesn't mean they don't have it.)


And you still need the phone app for that Linux client; everything is routed through that.

Good grief, I keep bloody repeating this. Do you people actually read anything?

> Although, if you're using Whatsapp at all you're either massively ignorant or stupid. I mean, giving Facebook your phone number is just not wise.

I'm a normal human being who values social contact and doesn't want to pester all my friends in using some other app, and a lot of businesses use WhatsApp here too.

I am neither "ignorant" nor "stupid". This is literally the worst of HN right here. Do you even listen to what people have to say and consider perspectives outside of your own?


I can't help but notice that it's not a “Linux”'s job to do something about WhatsApp demanding this and that from you. It's a problem (let's not belittle it), and it's yours (well, you share it with others).

Also, people who can't get in touch with you because you don't use some fad-of-the-year app are not your real friends. Tell them that you still use MySpace (wearing a Myspace T-shirt), or prefer WeChat (a billion of users can't be wrong), and see how it goes.


> Also, people who can't get in touch with you because you don't use some fad-of-the-year app are not your real friends.

I'm in touch with many people, most of whom are not close friends. To break up a social contact just over this is too high a price to pay (and acquaintances can be upgraded to close friends over the years, too, but not if you start by badgering them into using some other app).


I got my Pinephone last week, and have been fairly surprised that it's reasonably usable. I viewed the purchase more as a donation and a signal that there is a market, but I've been using it more and my Android phone less as the days go by.

I'd encourage more people here to purchase one, even if just to tinker with. There's so many "I'll buy one when it's ready" replies, but that may never happen if there's no money to fund the companies trying to make an alternative to Android/iOS.


Maybe don't scratch Android too fast.

Android is open source, and is technically really great. There is a great open source community of people that are very capable in this area, and supports already the vast majority of devices in the world.

You only need to get rid of Google. Which many custom Android provide. Personally my smartphone is a Pixel 5 (IMO best smartphone currently available that fits in a hand), running Android, without any Google application. I'm very happy with it, and from what I discussed with Pinephone users, it's lightyears more usable than what exists for Pinephone.


More and more functionality is being shoved into Google Play Services. I have a deGoogled phone running Lineage, but even with that, no Google Play Services, and some custom settings (like changing the captive portal URLs), there's still network traffic to Google. Add in relative unknowns like AGPS and the situation gets even worse. I also have no push notifications for most apps, have to keep a static notification so Android doesn't kill apps like my email client, AND still run micro-G for basic functionality to work. Oh, and thanks to SafetyNet there are still apps that refuse to run, even with systemless "undetectable" root.

Android itself might be really good, but it's pretty obvious that deGoogled phones have a strong chance of being functionally useless in the future.


The ratio of available apps of Android without gapps over pinephone is still more than 1000 fold, despite SafetyNet or other reliances on Google.

For push notifications, microG does fill the gap, so I'm not sure what you're talking about. UnifiedPush is coming to fill this gap without violating Google's ToC, with self-hosting, and fully FLOSS. Is anything like that coming to PinePhone or Librem?

The Google phone-home "features" can be removed, and this is exactly the point of this thread. Android is open source, you can control this platform however you want, especially removing all connections to Google services.

I'm guessing what you're saying is that you installed some custom Android ROM, and expected it to remove any Google tracker, but that's a wrong assumption, most Android ROMs don't target deGoogling.

Even my AOSP GSI, with FLOSS variant doesn't target removing Google phone-home features. Why? I don't approve of any data collection on Google's DNS, AGPS, or generate 204, which means it is illegal for them to use it to track me without my consent, and I believe that they are not total outlaws. Running a DNS, AGPS, or even generate 204 reliable infrastructure is hard.


> I have a deGoogled phone running Lineage, but even with that, no Google Play Services, and some custom settings (like changing the captive portal URLs), there's still network traffic to Google.

I'm running LineageOS without Play Services too and didn't know about this!

Do you have any reference materials (I guess getting busy with Wireshark and the source is my next step)? I found this Reddit thread[1] talking about a connectivity check but am keen to start tracking down any others.

[1] https://www.reddit.com/r/LineageOS/comments/5qnfxf/why_linea...


> Small numbers (1-3) of stuck or dead pixels are a characteristic of LCD screens. These are normal and should not be considered a defect.

Their product line does not really inspire much faith. I can't say I've bought a device in the past 10 years which has dead pixels on the display. To me, this is a defect, given that I can pick up a device, overwrite Windows with Linux, and have a device without dead pixels.


Check out their philosophy[0]. They aren't exactly a company targeting end user consumers. They want to put affordable hardware in the hands of a community of tinkerers.

[0] https://www.pine64.org/philosophy/


Well, as both an end-user and tinkerer, I'd rather not have to own two devices when I can go out and get one that will cover all my bases.


Sounds like Purism Librem5 is more for you then?


Possibly. Their laptop devices look excellent. On the list when my current device gives up the ghost.


Good luck with that. See how long that lasts, if the current trend continues. Soon you might have to acquire a certified developer version to unlock your device to tinker with it.


Regardless, Pine does not look like a product I'd put my faith in. Perhaps someone else, sure, but Pine inspires no trust from me.


This warning is present, albeit in much smaller print, on all devices with a screen that you buy. The unofficial Apple policy appears to be "repair starting from 1 dead pixel on iPhone, 3 on iPad". Samsung has a policy which depends on the screen type: 1 for normal LCD, 3 for Super AMOLED, 4 for WVGA-resolution LCD. Every single manufacturer has this kind of clause, you cannot fault Pine64 for this.

Though of course as it is a much smaller venture, you can’t hound a sales rep until they accept to repair it nonetheless.


That warning is designed to scare away 'regular' consumers, so it's doing its job. If the prospect of a couple dead pixels scares someone, they are not the target customer for a PinePhone. It is absolutely not a device for the average consumer.

How do you know if you're the target customer for a PinePhone? You read the 'dead pixels' warning and think 'I don't care... I want a Linux phone'. People who would find a couple dead pixels unacceptable would also likely find the features and functionality of it unacceptable as well. For months it couldn't take pictures or (reliably) make phone calls/text.[1] Now we can take poor quality pictures and have marginal phone functionality and think life is good! It's not that we're nuts (ok, maybe a little ;-) but rather that we accept this is a long-term process/effort and not something that will be even remotely perfect anytime soon.

[1] Hell, mine will never be able to reliably work with most USB-C chargers due to a hardware bug in the first iteration. Didn't care... I want a Linux phone! (and I'm too cheap to replace the board, I'll wait for a v2 to fix that and other issues)


They're selling at near-cost for developers. The pinephone is not ready for end users.


I haven't tried any Linux phone, but a couple of other alternatives include F(x)tec [0] and Librem 5 [1]

[0] https://www.fxtec.com/

[1] https://puri.sm/products/librem-5/


>How good are Pinephones[1]? Are there better alternatives?

I like mine, but the ancient CPU needs a serious upgrade. There's also the Librem 5, but it looks like they're heavily back ordered.


I’d be hesitant to jump on another platform unless it has a way of locking down app permissions similar to iOS. I think it’s been shown that the app review process is a farce, but the permissions system like the new app tracking feature is great for privacy and security.

If this droid script equivalent were going to start reading my emails, watching me through the camera, reading my clipboard, or tracking my real world location, I’d definitely want something that alerted me to that before it happened.


> If this droid script equivalent were going to start reading my emails, watching me through the camera, reading my clipboard, or tracking my real world location, I’d definitely want something that alerted me to that before it happened.

Android has supported permissions since at least Froyo (2010), and these permission requests were made on-demand/runtime rather than pre-install with Marshmallow (2015). So Droidscript would be unable to do any of those things (except reading the clipboard) until you explicitly granted those permissions to the app.


There is a way to do that: don't run untrusted code outside the browser.


Remember that you can still use Android without Google apps entirely. Depending on how popular your device is, you can retain close to 100% of functionality. You can also use banking apps etc. but methods are in constant flux and it's an ongoing battle.


The platform doesn't give a flying fuck about Droidscript. It's play store that does.

So just get serious about using alternate stores, which the platform fully lets you do (f-droid, amazon app store, whatever).


> re-embrace the idea of ownership and control of our devices

Overall I would agree, but I don't see how this specific example has anything to do with that sentiment.

You still have control of your device and can install DroidScript from APK or F-Droid, it was only removed from Play Store, Google's own store.

Obviously this is awful for DroidScript themselves, but you as a user didn't really lose any ownership over your phone due to this specific issue.


Maybe it's just time to see phones as what they are - a phone.

I don't really care what software is run in my truck, as long as it works (And that's why I'll not buy a Tesla). It's a phone, use it to call text and guide and browse some internet. That's it.


> I don't really care what software is run in my truck, as long as it works

I mean, exactly what recourse do you think you'll have once it stops working..?

You'll sell your not working truck (to who?) and buy a new one (that is also soft-locked because it was the only way to stay competitive?)?

Right to Repair: https://www.youtube.com/watch?v=nvVafMi0l68


That's a different topic though.

Also, the software vended by traditional car companies is usually bound with hardware and readily replaceable if a reboot can't solve the problem.


But for many people, maybe even most people, they're not just "a phone". They're a multi-purpose tool that comes in the form factor of a mobile phone. Camera, chat, web browser, games, social media, music player, access to nearly the sum total of human knowledge... Treating such a tool as merely "a phone" doesn't make any sense.


It’s still a phone actually and colloquially even if I use the Phone App infrequently.

The point isn’t what you call it. OP’s point was, and I agree, that you don’t need to have full control over every device that can possibly run code. Just let it be a device that does its thing.

It’s the difference in people that want calm technology vs “power users”. I want the device to exist waiting on my input and even though I have deep knowledge of its internal systems and processes, I don’t care, I just want it to work, solve a problem for me, and I’ll put it away.

Go ahead and root your phone to do whatever actively complex thing you need... it’s a tool for me and I personally want the walled garden to prevent it from possibly not working when I need it.


> you don’t need to have full control over every device that can possibly run code

I argue that if the device sends data to third parties over radio/internet and/or the manufacturer can remotely push updates that change the device's behavior then users must have full control.

Something like that should become law.

Then manufacturers can keep devices locked down as long as they stay out of the surveillance game.


> The point isn’t what you call it. OP’s point was and I agree that you don’t need to have full control over every device that can possibly run code. Just let it be a device that does its thing.

That's not how I read the op, who said "It's a phone, use it to call text and guide and browse some internet. That's it". The tone in that reads not like "you don't need to..." it reads like "you should not...", which I disagree with. I rarely use my phone to make calls. I use it as a multi-function tool of tremendous capability. If I wanted a simple flip phone, I would have bought one of those, instead.


I can't phrase myself better than you do!


I envy your chill. We all do need to take a deep breath at times and realize it's truly a first world problem.

With that said your truck analogy isn't perfect. Your truck will last as long as you keep it going. That can be 20 years or more. It would be more like having a truck where the doors do not lock anymore after 2 years and you cannot fix that; you must buy a new truck if you don't want thieves.


Also I think the analogy doesn't quite work because a truck is a truck. You can do some customization, you might (or not be) able to change some parts, or being a mechanical engineer you might even be able to repair it or enhance. But it will always fundamentally be a truck.

The difference from phones is that a phone is a computer, and as such it has a computer's endless potential. For some it can be just a phone, sure. But many people want to use it as an extension of their mind, as a knowledge management tool, as a creative tool, etc. The frustrating bit is that in many aspects phones are much nicer and better suited for such tasks than regular desktop computers (think portability, having cameras & sensors etc), yet because of these walled gardens it's much harder for a knowledgeable person to leverage this potential.


You are displaying your ignorance of trucks. For decades now, all automobiles and trucks have included proprietary computer systems. Some are easy to hack and alter. Some are more expensive/challenging, but people do it. An EV is missing _most_ of the mechanical parts that defined a "truck" for a century, and is basically only four tiny motors, brakes, a computer system, and a battery with wheels. The sole characteristics of "truck" that still remain which Henry Ford would recognize are "has wheels" and "can carry cargo".


They have computers but you can't use them to compute in any effective way. You can tune it, great, just like if it didn't have a computer.


Exactly. You have almost complete control over it which is exactly why trucks can last so long IRL. If your radio stops working you don't need to buy a new truck.


Phones are the only pocket computers that see quick advances in performance and battery use. For someone who wants a pocket sized computer, it's just most convenient to combine it with your phone.


But they are horrible as production machines, at least until when our brain is no longer using our body as interfaces.

For pure pocket sized computing, why not use RPi? It's both much cheaper, more customizable, and it runs Linux. With enough tweaking you can make it run completely headless, plug-and-run mini computer that you can ssh over local network.

I think the biggest problem with the combining idea is that computing in general is about productivity, and phone is about phone stuff.


It's not much cheaper if you want battery, LCD with CTP, and perhaps an LTE modem for non-wifi mobile internet. Also it would have a horrible form factor.

Pinephone is basically a smartphone shaped SBC, with much better software situation than rpi, and you can use it as such. I ssh into mine all the time. You can connect anything you like to it via USB hub, incl. the full keyboard and mouse. You can use bluetooth keyboard, and just do normal computing you'd do on your desktop, etc.

Except for small display and lower performance there's no difference.


Phones are kinda too small, but iPads (which are, in essence, oversized phones) are just fine for production machines if you don't equate productivity with programming.

With a Pencil and Procreate, it's really hard to beat for drawing and illustrating. With an external keyboard and some kind of stand writing is a joy, I like it better than on a proper computer because of a ton of little things that help me keep focused and because the device is so portable and doesn't have the laptop form factor with a permanently attached keyboard, with bluetooth periphery it's more like a wireless battery-powered external screen.

Light to medium spreadsheet work is also totally doable, and I've built dozens of slide decks in various apps, with hand-drawn illustrations.

I use a Pi as a mini server, but doing creative work on one, I can't imagine that to be as nice and slick as on the iPad. Last time I tried the PiOS desktop, it definitely wasn't.


You're absolutely right about drawing and other 2D renders. I may have overlooked this because I have not a bone for arts in my body and prefer the terminal to UI.


I uninstalled all social media from my phone. I feel so much better.

I use it for chat apps, phone calls (usually via chat apps), and occasionally wandering around Imgur when it would be socially awkward to not be on my phone.

The rest of the time I've come to appreciate being present in the moment.

So yeah, I'm looking at the new generation of Linux phones with interest. If I can run the chat apps in a browser OK, then I think it might work for me.


In what kind of situations is it socially awkward to not be on your phone? Genuine question, I'm not great with social stuff.


When loitering, I've found that phones are a strong signal that distinguishes those uninterested in engaging with the strangers around them, from those that are. When trying to convey one's innocuousness to the wardens of a domain, it can be helpful to use your phone.

Related, if in a group, everybody else disengages to be engrossed in their phone, it can be helpful to do the same if one does not want to demonstrate a vulnerable dependency on the generosity of their attention.

A lot of awkwardness comes down to self-perception of vulnerability.


A paperback book or something can give the same social signal. :)


this, mainly.

Though if everyone else is on their phone, and the crowd is large enough, I find it fascinating to people-watch.


I'm a middle-aged white guy. In situations where everyone else is 20 years younger and dressed in half the clothing I am, I come across as a total perv if I look at anything except my phone. Or at least that's how it plays out in my head.

I do find it useful to sometimes be absorbed in my phone and not aware of what's going on around me. Or at least to have that impression.


> Maybe it's just time to see phones as what they are - a phone.

Maybe it's time to call phones what they really are: pocket computers with a legacy voice call functionality that is increasingly irrelevant to anyone who isn't a Boomer.

Now, regarding the lock-down of both iOS and Android ecosystems, I can see both points of view. The majority of ordinary users need to be protected from increasingly sophisticated malware stealing their online banking credentials or other mischief, but power users also need to do whatever they want to do once they've signed a disclaimer.


> pocket computers with a legacy voice call functionality

I don't necessarily agree with this, because this is the direction that everything is moving towards.

It is so much cheaper to embed an SOC into everything that needs some form of automated/assisted control. Not necessarily a good thing, but that's what is going to happen regardless.

Your fridge can become a pocket computer with refrigerating capability - but you'll still see it as a fridge. It's really about how you see and utilize these items.


> Your fridge can become a pocket computer with refrigerating capability -

Only if you have huge pockets ;)


Or a tiny fridge! :)


Indeed! Half seriously, we just need thermoelectric generators to get efficient enough, and then our phones can be powered directly from our body heat, and also refrigerate us on a hot day!

https://en.wikipedia.org/wiki/Thermoelectric_generator


> with a legacy voice call functionality that is increasingly irrelevant to anyone who isn't a Boomer.

Sadly this requires mobile Internet prices to at least match voice call prices, which is not the case in many (developed or not) parts of the world.


What’s wrong with Tesla software?


The ratio of amount and significance of action it takes over my trust in it is too high.


You don't need to use any of the driver assistance features. It’s not doing any of that if you don’t explicitly engage it and sometimes even requires enabling settings toggles.


Here's the deal though, when I press the brake pedal in my truck the force is mechanically applied via a hydraulic system to brake pads in the wheels.

I've read that Tesla abstracted all that with electric signals coming from a computer, now a proprietary software system sits between my leg's input and the brake pads.

What if it goes wrong? You can try to convince me that it is an RTOS where signals from the brake pedal have the highest priority. And it seems to be that way, but I'd rather not.

I've dealt with enough computer problems to trust some onboard computer that can receive updates from the internet over how I brake.


Not sure where you’re getting your FUD. The steering and brakes on a Tesla are mechanically connected with electric assist motors just like all modern cars, including your truck.

Per mile driven Teslas are the safest vehicle on the road. The software helps ensure the safe operation of the vehicle. It’s really not that scary. The software is overlaid on a pretty standard vehicle aside from the fact that it uses electric motors instead of an internal combustion engine.

Have you ever been on a plane?


One thing that comes to mind is that the wiper functionality has to be accessed from the center console touchscreen, and generally when you need it on you need it right then.


Not on the Model 3,Y, it doesn't. You press the button on the left widget behind the steering wheel (the lever/knob you use for your turn signal).


But that's not what vendors are selling, and what most people are buying.


Most users would prefer a mostly safe experience and gladly give up the option to run arbitrary code on their device for that experience (including arbitrary code they've written). In an all-out "this or that" between allowing IDEs on the Play Store in general and giving the average Play Store user what they want, the IDEs would lose.

But it does suck if there is no legitimate way to release an IDE targeted to run on a mobile device via the Google Play Store.


Most users don't really understand what they're giving up when they give up the option to run arbitrary code.

As with privacy (Facebook privacy settings, cookie boxes), it's easy to bamboozle the general public with complexity and then interpret their confusion and (violated) trust as consent.


I will burn karma forever on continuing to assert, on behalf of the average user, that even if they don't understand the details they do know what they want.

It's not like people didn't have the experience of using Internet-enabled devices without an app store equivalent in the nascent days of the Internet, where many options were good, a few would inject malware onto your system, but (most importantly) all of the options were equivalent and there wasn't a "correct" one to choose.

Don't make the mistake of assuming that people spend so much on Apple products for no reason. A major portion of the marketplace likes the lack of choice paralysis. The ability to run arbitrary code is one giant choice-paralysis engine. Google has found a good middle ground in selling a device that is basically configured as "safe by default, but here's the break-glass button if you want to run arbitrary code and maybe be more vulnerable to someone tricking you into root-kitting your own device," but their average customer would still rather never worry about the risk of rootkits and they have the data to know that.

If we are to be in the business of protecting the right to free(-as-in-speech) machines in the mobile ecosystem, we need to understand the average consumer that is paying the bill for that industry to exist, and asserting they just don't get it isn't how you start that process.


This is one case though where that lack of understanding leads to the right conclusion. The average user is giving up nothing by losing the right to run arbitrary code, because they never were running arbitrary code.


>they never were running arbitrary code

JavaScript is allowed on iOS and Android already. So if Google or Apple do not allow you to run some scripting language you want then the reason is not security (the sandbox and permissions should be enough, and if it is not enough then it means the sandboxing is a lie).


Plenty of users run F-Droid.


Hard to say how many though.

... which is, unfortunately, a weakness of F-Droid's own making (for the right reasons!). Because they don't do stat-tracking on users, they don't have numbers. So Play Store is able to claim "1 billion active monthly users" (as of 2015) with some certainty, F-Droid can give an approximation and a shrug.


> The average user is giving up nothing by losing the right to run arbitrary code, because they never were running arbitrary code.

"The average person is giving up nothing by losing the free speech, because they never were saying anything."


Which is why it's all the more important to fight against it.

Change your point a bit.

People are fine with giving up Freedom because they were never really Free in the first place.

Circular reasoning is such a seductive fallacy because it'll fit any use case like a glove.


Tweaking your wording slightly, it's basically the fundamentals of social contract theory.

I may have the freedom to bash my neighbor's head with a rock, but they have the same freedom to do the same to me. This isn't as useful as the freedom to sleep at night, so we voluntarily give up this freedom.

Reframing to the topic at hand: if the freedom to mutate the code on my mobile device makes it more likely that I'll get pwned by some clever social-engineering than the odds I'll improve my quality of life by tweaking some behaviors on the phone, then it's entirely rational for me to give up that freedom. And, indeed, millions of phone purchasers annually make that decision.


This is because most users aren’t giving up anything, on the contrary, they’re gaining a more secure phone.


Ditching Android is not a good solution - see the application support problem on Linux for why. What we need is a serious and well-funded Android "distro" that lifts Google's dumb restrictions and reimplements Google's proprietary APIs for compatibility. MicroG is doing very well on that second part, but due to lack of funding still has far too many holes.


No amount of funding can fix this, at least for all use cases where apps communicate via google services between phone and app HQ. The average bank is not going to send data between bank and user via microg-operated pipes instead of google-operated pipes because 0.1% of their users don't like google.


The average banking app doesn't communicate via google-operated pipes. Basically the only thing I've seen banking apps do via Google (and I've reverse-engineered quite a few) is the SafetyNet check to ensure their bullshit policy about modified devices. Well, that and notifications, but microG already emulates that library and uses Google's servers afaik.

If a phone manufacturer started shipping Android phones without GApps and they got popular enough, developers would start being more careful with relying on Google Services. We saw this with Huawei - their phones are really popular where I live and after tons of complaints from Huawei users, a bunch of companies fixed their apps to gracefully handle the lack of Google Play Services.


It doesn't much matter how good they are, since you can't buy them (their products are usually out of stock for months at a time; right now, they are in pre-sales etc).

I like what they are doing, but they are definitely not mainstream products.


When Mozilla was trying to get their OS for mobile phones, I think they stepped in too early. Right now it's probably a better time for an alternative.


I bought one last week


Google bans thing. Ban gets attention on HN and a few other social media sites. Google unbans thing. Repeat.


The second step only happens for a small select group of "things." There are myriad apps, people and organizations that Google has blindly banned with no recourse or reasonable appeal that we will never hear about.

The bigger point is the system is clearly broken, but how in the world can you fix it?


The problem is really just a matter of scale and the unwillingness of Google to sacrifice any of its margins.

There are plenty of other companies that have many more humans in the chain where problems like these eventually get resolved once proper appeals are conducted or someone physically walks into a business and participates in whatever verification method is required.

The idea that Google is somehow special is laughable. Compared to some other industries that are directly consumer facing the number of apps and developers is actually small.

Also, they're not doing it without pay. They're taking a 30% cut from an industry approaching a trillion dollars in annual revenue. Again, the idea they can't solve this problem if they were willing to spend the money is absurd.


Well, when it's to purchase Google Adwords, there really isn't any competition on that front.

As well, Google Play pretty much monopolizes the Android market for the general public.


Not just Google, also Microsoft and others (see youtube-dl).

The question is how we can break the cycle in favor of hackers rather than in favor of big corporations.


You wish they unbanned things. I think content blocking will still suck in future Chrome versions.


I've declared Android is malware then: The whole point of an OS is to run code for the user but Google has turned it into an additive adware delivery platform.


Classifying javascript code execution as malware makes sense


I hope one day someone hacks Google and puts all their servers offline and puts a text saying: this service is not in line with our guidelines. Even if it's for 1 day, just to give them a small taste of their own nonsense. If you buy something, it should be yours to control. If I buy a plate, you don't get to decide what food I eat. The phone space is currently completely controlled by 2 giants... it's sad.


This thread got me to try fdroid and bromite.

Highly recommend.

I'm ready for the detachment from Google. This is why I got an Android.


Funny, the entire Google Android ecosystem is malware IMO. No I don't consent to your data harvesting... at the very least give me an opt-out.


At this point Google is the malware. Bait and switch, I miss the era that I could freely customize with Termux, now waiting for a decent Linux phone.


This piece of software (based on the comments) sounds absolutely like malware, or at least a malware-enabler. Glad such things aren't possible on iOS.


The rest of industry have declared most Google products spyware... so I guess it all evens out?


On one side I'm being bombarded with news about Google's anticompetitive greedy practices and disregard for customers. On the other side I'm being bombarded with news about Apple's anticompetitive greedy practices and disregard for customers.

Damned if you do, damned if you don't. Which to choose? About ready to just burn all of my electronics and live in a damn cabin.


Assigned CVE-2021-1000040 for this issue because at a minimum DroidScript can no longer get updates out to users. They may also be doing bad things, as claimed by Google, but either way the ecosystem will start to get stale and security issues can't be easily fixed right now.


Well, is it? The linked post is obviously biased, so I'd rather wait for more information instead of getting my pitchfork out immediately.


"The Register asked Google to explain why DroidScript was removed and whether it's possible the policy violation allegations might have been made in error. We've not heard back."

https://www.theregister.com/2021/04/27/droidscript_google_ba...


Why would they owe anything to the Register?


Since Google lacks any form of human feedback or customer service the only approach is to bring out pitchforks as soon as possible. Otherwise no clarity will ever be provided.


It seems to me that the nature of the app is what's causing the issue.

From one of the emails they got from Google:

> We don't allow apps with any code that could put a user, a user’s data, or a device at risk.

Maybe they think the ability to execute arbitrary code is too powerful of a feature?


> Maybe they think the ability to execute arbitrary code is too powerful of a feature?

Yes, probably.

But maybe they can act and speak like humans, maybe even make a phone call before just deleting without notice a well-established 7-year-old app with more than 100k users, cancelling all revenue from users' subscriptions, and all that while sending bot-like mails just saying that they can't give more information about why they are killing an organisation.

I think this is really serious. A respected business is going to be shut down, real people are going to be fired and Google isn't even able to answer an email asking why it's happening?


Maybe the business should have read the policy guidelines.


"Hold my beer," - mobile Google Chrome.

Trying to see it from Google's point of view though. Perhaps there is a useful distinction to be made between end-user apps, and apps and functionality targeting developers. There is developer tooling to be found outside the Play store. Far away from the general audience and the risk of causing them security issues.

I can't say I agree with it, and Droidscript could well be a godsend to somebody making good use of it.

There should be an avalanche of truly malicious apps and related dev malpractice they could root out from their platform before this.


Historically, that has been a major reason for banning apps for both Apple and Google.

IIRC Apple even went to extremes and banned browsers which do not use their own JavaScript interpreter.


That could be the issue. It could also be something else entirely. It's a bit unfortunate that they are left guessing as to what the problem is.


It could even be. Maybe Google found out they were hijacked in some way and the app contained malware. The main issue is that Google refuses to let publishers know the reason for bans and take-downs.


I have no prior knowledge of Droidscript or even Android development. I did, however, manage to find this page https://symdstools.github.io/Docs/docs/app/CreateAdView.htm

This presents a component which Droidscript developers can use to display AdMob ads in their apps. AdMob appears to be a Google property.

Some interesting quotes:

> The AdView shows advertisement banners from the popular AdMob platform.

> Ads are not touchable when running in the DroidScript IDE.

So there's a confirmed experience where actual ads are displayed in a non-standard way? Any guesses if this violates Google's ad fraud policy?

> Warning: Don't repeatedly click on your own ads unless you are using a valid testId, or Google may suspend your Admob account!

So it's the responsibility of individual users to correctly configure their ads to avoid committing click fraud (accidental or otherwise).

I can see how Google might come to the conclusion that Droidscript has built a platform for committing click fraud, whether that's their intention or not.

This seems incongruent with the wording in the original post:

> they ask you for a "complete analysis of your traffic or other reasons that may have led to invalid activity in your appeal". Well, we had no idea what could have caused this and couldn't think of anything we could do

Really? No idea?

Edit to add: I get that there's a larger debate here around the general fight over device ownership and access to general purpose computing. I'm side-stepping that because I don't have much to add. What I do believe is that this particular piece is hardly concrete enough to bolster the case against Google.



