If that's the author's objection, it's like the author never heard of Gmail.
... but I know you were just being facetious. ;)
Honestly, as a developer I don't know if I agree with it or not. If I was in their shoes, it seems like the way to do it. They are honest in what they are doing, but I think its because they know people will forget sooner rather than later.
Furthermore, email was never secure to begin with. E2E encryption has finally been making its way to devices; this is a major setback for the effort.
Are you suggesting the reason they read your email is for search? What about the ads they serve on the promotions tab? What about the fact that it can parse my travel plans and add it to my google calendar? There's a lot more than just search going on.
... unless you're assuming "It's from Google, therefore everybody will be using it next week" or something. And if that happens, maybe people find the ability to have a third party sift their conversation data and integrate it against their other data to solve problems they have to be more useful than anonymity?
I also understand that even by using only Gmail, we too have allowed corporations into our lives but atleast it has not build habits in me of using technology for every single thing.
And people are going to react exactly like they've done before: if the service is worth it, they'll be happy to trade a few bits of privacy about themselves in exchange for the benefits.
Also, I'm not sure the author of this piece understands what encryption is about since he laments that most people don't search with https on. Er... what? If you want Google to search something on your behalf, they have to be able to read the words you type. Encrypting these words so Google can't read them would be comically useless.
Whether you care about privacy or not, I don't see anything "hysteric" about it. Indeed, big companies ARE going to get data on you (and they already have too many).
That said, not caring about privacy seems to me a first world privilege. And only because most people are so boring. Sure, if all you do is work, sleep, buy stuff from Amazon, Whole foods and Costco, go for the occasional holiday, watch some Netflix, rinse and repeat, who even cares if the government has data on you?
Try being an activist of any kind however (even someone like MLK who had tons of enemies at the local and big government level, and volumes of FBI files), rubbing the police the wrong way (e.g. being in some group against police violence etc), or even a regular citizen with some democratic views in any place from Egypt to several shady Latin American "democracies", and see what happens...
>Also, I'm not sure the author of this piece understands what encryption is about since he laments that most people don't search with https on. Er... what? If you want Google to search something on your behalf, they have to be able to read the words you type. Encrypting these words so Google can't read them would be comically useless.
No, but encrypting these words so third parties can't read them would be extremely important (that said, Google has https on by default IIRC).
That's like saying it's not hysterical to say everyone needs Kevlar, because try being a soldier without Kevlar!?
It makes no sense.
People who need to hide things have encrypted options. People who don't, also have options. I don't see the problem.
This viewpoint is tricky. This basically turns encryption use into a big target on a user. If only people who have something to hide use encryption, then everyone using encryption must have something to hide.
Also, your argument makes the assumption that everyone grasps the value of all of their information. Not everyone understands how much of their life can be found out through their Google Maps history.
I prefer to look at it from the perspective of my life not being anyone else's business. If my local MP came up to me and asked me who I'd talked to and where I'd been for the last week, I'd tell them to sit and spin. Why should passive surveillance be any different?
"With M, you are speaking one-on-one with a bot, the bot isn’t monitoring every single thing you say to your friends."
how is that even relevant in this context? you're not comparing Allo to M in isolation, you have to compare it to both M and the Messenger product. in that case, FB is obviously harvesting data from your conversations. even if it is just to train M on how to communicate (a very big if) they would be insane not to.
the author doesn't understand much about the ecosystem as a whole (and considers Allo to be a market leader before launch). lazy reporting, and quite disappointing.
I've noticed over past year that internet security / privacy has become something of a clickbait topic for media outlets with no reputation for writing about it. Usually after reading one paragraph that becomes all too apparent. Sadly that doesn't prevent the headline from becoming mythological truth in internet time.
Even better if there were a law that would require internet service providers to provide such a guarantee for people that want it. Make the tradeoff between a few bits of privacy and the benefits realistic, not "either you surrender your privacy, or live as an Amish".
How about we don't allow companies to monetize any other way than directly? E.g. by having paying customers for their services?
Killing all ad-supported BS will make the internet so much better.
First, it's calculated that a hefty sum of most product purchases is there to cover its advertising campaigns.
If you're rich of course those are peanuts -- what's 10% or 20% more on your groceries and other such purchases? Instead of, say, $40,000 you'll spend $45,000 but no big deal, since you make $1,000,000 per year anyway. But for a poor person, $500 vs $600 is a much bigger deal.
Second, most people (even if they think otherwise) would buy less stuff, and less pricey stuff, if it weren't for advertising. That's what sells a $2 dollar bottle of water that's basically glorified tap water over a 50 cents one, or even regular tap water. Without ads, it's mostly buying what you need, and based on utility, not rushed purchases because some ad hit some subconscious emotional strings.
Let's put it this way: if you're worth $N dollars to Google, those are $N dollars (and more) that Google ads will get you to spend. Advertisers (and companies getting advertised) are not doing it to lose money.
It will only become worth it once the size of the network reaches a critical mass. It could have all the cool features in the world but still be completely useless if you can't use it to reach your friends.
And the article is not talking about using HTTPS when searching, but rather "Incognito Mode", which dissociates some of your personal data (e.g., Google account) from your searches.
I don't own a car because I fear that the registration systems for licensing and taxes will gather information about me and we know that those government data systems are most vulnerable to attack.
When I travel, it's by bus only - requiring a form of identification at the airport is a front to government spying. Unfortunately, the bus systems are starting to require too much information as well and when this fully happens I'll have to stop traveling by this means too.
Voter registration is unfortunately a front for other malicious activities - such as jury duty, a state-mandated intrusion into my most private information and thoughts - not even bringing up electronic voting - so I stay away from those booths.
I find that just renting an apartment requires too much sharing of my personal information, I try to provide the minimum, but I still find my address on the web and you can see where I live on google street view which is very frustrating.
I don't talk to others and when I do, I don't tell folks anything about me, I'm concerned that they may tell others and pretty soon everyone is going to start showing up at my home and my job and frankly I don't want to answer my door buy their stuff - or worse - they could be hiding violent tendencies.
Today's society makes it extremely difficult to be a nobody. If I could crinkle into a ball and fade away, I would, but, unfortunately, I'm still breathing.
But, this is somewhat worrying: "If I could crinkle into a ball and fade away, I would, but, unfortunately, I'm still breathing."
If that's not a joke, you should probably see somebody about your depression.
There's the rub. For the most part you'll never know, unless it reached epidemic proportions.
"Sorry the apartment's gone" - Google told me you had financial problems 15 years ago.
"" (silence) - We infer from the internet you're gay so won't be offering you a job interview. It's illegal discrimination but can't be proven.
The effects of losing privacy in the scenarios you list are mostly invisible. The chilling effect on having legal but fringe or unpopular views has already been demonstrated.
So there is a downside for many. They just don't realise it.
I suspect there is downside for far more than is generally believed.
How many jobs carry some googling of candidate? Nearly all of them.
You can now discriminate against just about anything you can dscover in search. Politics, religion, "too many" photos of parties, pro or anti any topic. None of these things are the business of an employer or landlord and would never come up pre-google unless you chose to share them in your application.
It's naive to assume none of these occur extensively. Gender discrimination has been illegal for years yet is still widespread.
... what does your point have to do with allo ?
Brendan Eich lost his job due to information stored in a database.
(Oh, and yes one giveaway is "I'm concerned that they may tell others and pretty soon everyone is going to start showing up at my home and my job and frankly I don't...". This coupled with a history of using irony and/or sarcasm and I am sure this is as well.)
This is clearly paranoia. I'm not sure I can take anything from your comment other than you are very paranoid.
"A girl has no name."
If you avoid all that stuff (social interaction, talking to others, owning a car, renting an apartment, traveling by plane, etc) there must be a justification so that what you get out of avoiding it is more important than what you miss not doing them.
What that would that be in this case?
It doesn't sound like it's freedom.
Plus, if your attitude is "unfortunately, I'm still breathing", then how is owing a car or flying by plane or talking to another any worse than that?
Except if this all is Poe's law. In which case, this is a "slippery slope" fallacy which misses the whole point. In which case, if one doesn't have experience with something like a dictatorship, like my country and many others had, it's easy to snark such BS about privacy.
1>how do you handle cellphones?
I found there is few option that you can have LTE network without giving up your identity.
2>how do you handle online payment/shopping such as Amazon?
In 2007, I removed all traces of myself from the internet. Now, if you search me, I don't come up (try it). I likely have google profiles, but I can be sure that none are tied to my real name.
I've been arrested three times, but good luck finding my information in the system, after filing a DMCA takedown notice for violation of my intellectual property rights.
if you're trying to engage in commerce in the modern world, you need to learn trust law. put your assets in trust(s), and retain no personal liability for anything. If your house is owned by another entity that isn't you, and you don't even have a rental contract with that entity, that means you're legally homeless, even though you have both a home and a claim to the property. it's much harder to find you when a Bermuda Trust Corporation owns your home.
I travel by bus and car, though I have an enforced and recognized adverse claim under UNDHR guaranteeing my right to travel unencumbered, which took a bit of a rodeo, but was definitely worth it. "I" am the holder in due course of the New Vehicle Identification Statement (NeVIS) for my car, which means I retain full lawful and equitable title for my property, and do not require a license plate (Steve Jobs did something similar).
With the recent adoption of the UN Declaration on the Rights of Indigenous Persons, second-generation-born-on-American-Soil persons can claim indigenous rights. When it comes to travel, Jay's Treaty makes travel for indigenous people simple; mention it at the border, watch their face light up, and play the Legend of Zelda "secret room" music in your head as you're waved through without more questions.
Citizens have three jobs: Answer your mail, pay the taxes you owe, and Vote. Make sure you reply to all contract offers (those you are obligated to respond to, that is) within 72 hours of receipt. If you get jury duty, inform them that your attendance that day is without prejudice (but attend).
Unfortunately, when it comes to other people, we are definitely in a world of surveillance, which has a chilling effect on other people's ability to stand out from a crowd. The public will punish square pegs that do not fit in round holes, even if they aren't in any way harmful to themselves or others. The best advice I can give is to take a cue from the CIA - Trust, but verify. If someone starts showing signs that they disagree with your lifestyle or political stance, withdraw from having that conversation with them in the future.
Don't crinkle in a ball. Just learn how to survive in a world designed for slavery.
This is also under the assumption that the person in question isn't a sociopath.
> Voter registration is unfortunately a front for other malicious activities - such as jury duty, a state-mandated intrusion into my most private information and thoughts
How can you get to that point and not immediately understand that it's obviously satire?
By having encountered people who express exactly that sentiment and are deadly serious about it.
Which aspect of that statement do you find satirical?
Jury-duty forces someone to have an opinion on record about some contentious topic. By most accounts that is an intrusion into one's private information and thoughts.
Except those are more like "Watch out, Murica. Gummint jerst wants you to register so's they know whar to go when they come to terk yer guns! After, they'll round us up into consarnitration camps 'n' turn us all inter hamburgers ter feed th' lizard folk what runs ever'thin'."
They pay non-Mint silver bullion rounds for all their transactions, and only travel at night, by horse.
Poe's Law applies.
Who are all of its biggest competitors? Messenger sure doesn't do this (does it even have E2E at all?), Skype doesn't, either. Telegram, even if you considered it a big competitor, did they finally enable E2E by default? Or do you still have to open a "secure chat" for e2e? Kakao, WeChat, ... who else?
Honestly, aside from WhatsApp, I can't even think of one which anybody would consider "big".
That's indefensibly different from "All".
EDIT: Cool, I just learned iMessage is encrypted e2e! That's "Two" :)
Didn't know WhatsApp had default e2e encryption. Might install it and check it out. I imagine it sends some sort of personal information back to the facebook mothership, though.
Over the past year, we've been progressively rolling out Signal Protocol support for all WhatsApp communication across all WhatsApp clients. This includes chats, group chats, attachments, voice notes, and voice calls across Android, iPhone, Windows Phone, Nokia S40, Nokia S60, Blackberry, and BB10.
As of today [2016/4/5], the integration is fully complete.
The client (Whatsapp) can obviously read the data on both sides - and perhaps sent it to Whatsapp servers with e2e as well, so the data is transferred safely to Whatsapp/Facebook, without other eavesdroppers being able to see it :-)
My point is, if you don't trust the company that created it, it doesn't matter what technology is uses.
So who trusts Whatsapp/Facebook with their private data...?
Telegram has 100m users and handles ~15b messages per day  but, similar to Google, is not e2e encrypted.
As of last month , Facebook Messenger and WhatsApp combined had 60b messages per day. Assuming WhatsApp daily messages grew roughly linearly with users, their increase from 700m to 1b users would put them at ~42b out of that 60, leaving 18b for Facebook.
So there are at least ~40b e2e encrypted messages flying around thanks to WhatsApp, with likely at least 20b (assuming iMessage is bigger than Telegram, which seems reasonable) more from iMessage, putting the e2e encrypted count around the ~60b ballpark.
Telegram and Facebook together would be ~30b and I seriously doubt Skype IM is competitive but KakaoTalk is ~150m users, around the same size as Telegram and WeChat is around 600m users .
So the unencrypted messages definitely have far more volume and users than encrypted but the encrypted platforms are still the largest around. The article said "all of its biggest competitors" and given that Google doesn't operate in China (ruling out WeChat), I think that's a reasonable choice of words, although it's really hard to say thanks to iMessage's lack of transparency.
In practice, I weep for a third party that has to read the dumb shit I chat about.
If we do succeed in building a hell where a preference for Metallica in 1997 is grounds for any sort of consequences at all, I'm not going to blame my past self for foolishly broadcasting that preference, I'm going to blame my current self for cowardly compliance with the hell machine.
I don't care if the NSA sees my communications. There's no real chance of them thinking I'm a terrorist. I emphatically do care if the NSA sees the communications of the next Malcolm X or Mohandas Gandhi or Harriet Tubman. Or worse, if that person is so afraid of surveillance a priori that they don't bother becoming an activist at all.
If you become a 'troublemaker', then retroactive trawling can reveal things that you may have done that are 'illegal', but wouldn't be enforced against a normal person in normal circumstances.
People that are worried about the NSA (hopefully!) aren't making their choices based on this dude's article, which is actually premised on it being important to protect your boring stuff from teh Google.
I weep for my future, because there is a growing majority of people who give out their dumb shit data to everyone who makes a fancy app with smart AI to tell them where to spend money a second faster.
You can always extract important words from a "block" of chat messages, and feed that into your advertising engine, while keeping the exact sequence of your words and messages encrypted.
Now if the AI bots require the exact sequence of your words to do NLP processing, then yea, you're SOL until the mobile devices become powerful enough to do that processing locally on the device.
Well this is the first bits of that. That means some code somewhere has to read what you are saying. Then it helps you. The trade off seems clear to me.
And ultimately I do trust Google. The US government less so, but the solution to that isn't with encryption and crippling technology, but expanding privacy rights in the 21st century. Look forward not backwards.
Opt-in end-to-end encryption is an anti-feature.
Google Plus started being integrated into the search results, Picasa, Youtube comments, Android app reviews, and every other place they could think of, basically making it the default Google authentication.
They eventually de-integrated Plus after tons of user complaints (and possibly seeing how horrible the product itself was).
If you don't want the features, then don't use them, but saying not to use the tool because you'll want the features that will take away privacy makes no sense.
My bot can just continuously post variations on "Here is a belief, validate it!", "Accept this high status social posturing as true!", "My worldview has been questioned. Outrage! Let us form a mob and bully the outsider into silence!", "I have performed a meaningless I-am-a-good-person ritual, please reassure me that although my employment is based on doing harm to people I am still a good person". And other bots can respond with messages of vague support/retweets/likes/whatever.
Since we seem determined to allow others to control and influence our private conversations let's at least get something out of it.
I'm not worried that my intimate conversations will be replaced by bots. I am interested in automating my "yep" and "haha" responses to things I couldn't care two shakes about.
Since I still use Google and, to a lesser extent, Facebook products, they have lots of data on me already but these kind of products still give me pause as I think about what could happen. If my experience is like many others, that could make it harder for these types of new products to find the adoption had all the NSA stuff not been revealed.
From a marketing perspective, it could be a really interesting study into the impact of a brand violating the customer's trust and the government's role in forcing the behavior.
> Allo is fundamentally different in this way than Hangouts or Gchat.
So either Google can merge Hangouts/Gchat into Allo, and this Vice author gets upset, or Google debuts 'yet another chat app' but then everyone's confused/annoyed there's so many chat apps from Google.
Alternatively make opting into incognito mode super obvious and easy as well (but in a way that preserves security) and allow an easy option to always keep it the default, too.
And if Allo is going to be the AI-enhanced messenger from Google, then why not make Hangouts fully e2e encrypted like Facebook made Whatsapp?! Unless they plan to kill Hangouts soon? But I doubt that's even a medium-term plan.
I think Hangouts is here to stay for at least another 5 years, unless they intentionally deprecate it in favor of Allo like they did with Gtalk. However going by the current reception of Allo, that also seems unlikely at the moment.
I plan on moving to Allo myself from Hangouts and the only reason for doing that is the end-to-end encryption of Allo, considering Hangouts has none. So if they want more people like me to switch from Hangouts to Allo, then they'd better strengthen not weaken the Incognito mode (not just security wise, but usability wise as well).
Hopefully in the next 5 years we'll see AI-accelerators embedded into smartphone SoCs, so that most of the AI assistance that Allo can do now can be done locally, but I don't expect Google to push too hard in that direction, so someone else would have to take the lead (probably Apple, and I think they've already started doing stuff like that).
Also, this is somewhat wrong:
> However, turning off location history means you have to type in your full home address every time you want directions home.
You can set your home location in Google Maps, so then you won't have to use it as a "remembered location" through the location history system. I also think the starred locations will be saved similarly, and not through location history. So go ahead and turn off your location history.
Of course that means it is just Google policy protecting the messages internally and it probably isn't resistant to a warrant, but the messages are protected from other access.
This is what stood out for me when watching the Google IO talk. It's about as encrypted as sending a plaintext email from one GMail user to another. Which is to say it's not "encrypted" in any meaningful interpretation of the term: Google has the plaintext, Google can change what systems access the plaintext and how; which includes complying with warrants - but also "becoming evil", if they find they have a business need to do so in the future.
It is nice that they at least provide some e2e encryption, but it's hardly much of a selling point of the service.
The idea is, our conversations that are not public, are private. Even if we're discussing some boring grocery list and not a top secret plan to take over the world.
That's a cute slogan, but I can't see any meaningful sense relevant to the present discussion in which it is true.
Then you have to balance how current the data is and storage and so on against the elaborate privacy protection. Google knowing that some person is near some intersection probably isn't much different than Google knowing some person is in NYC. Fresh results about the intersection will naturally be faster to return than fresh results for a larger area that then have to be filtered down on the device.
I guess this is a good reason to add POIs to OpenStreetMap.
I just wonder if today phones are powerful enough to process texts locally and not disclose the raw unprocessed data to the third parties.
Wasn't planning on it. The people I communicate with use either Hangouts or iMessage. I don't have room for YAMS (Yet Another Messaging Service).
Google now has what? half doesn't ways to send messages? This time next year, how many will they have shutdown? I'm not moving until Hangouts is one of the victims.
What's the solution? Instead of writing "Don't use X," write "Use Y." Don't use X, on its own, isn't actionable advice. Use Y can be.
Frankly, about duo (the video chat app), I don't want the other side to see me without picking up... seriously what? I'm probably not their target demographic though with these apps.
Supposedly this should provide more privacy. Email is a different story. Even hosting your own does not solve much. You could host yourself and use GPG but even this does not solve the problem with the metadata.
Docs chat (Didn't think of that one, did you?)
Jibe RCS client (rumored)
All of these have different underlying technologies and are aimed at different partners and competitors.
OK, reach and permanence are far greater with internet chat than with voice. But what we really need to teach our children is to be careful... full stop.
I like Google's suggested short reply options in Inbox, and look forward to the convenience of Allo's bot tech. I also applaud Google for providing a simple and easy way to switch to a private channel if it is needed - surely that is something to celebrate instead of denigrate?
Edit: Small grammar fixes.
> but how many people use Incognito for every search?
and then later:
> Likewise, it’s smart to turn off location history in Google Maps because once Google has that data, it's out of your control.
By providing inputs to either service mentioned (Google Search or Google Maps), you are already providing them with your "private data". That's the entire point: you give Google a set of keywords, and it gives you answers. If you didn't want Google to know what you're looking for, why would you tell them?
"set the fox to guard the henhouse"
It is not that Google is evil, or anything. Quite the opposite, it is probably as good as a corporation can get in that respect.
But they do have a vested interested to learn as much as possible about the users, so they can sell ads, so they can still continue offer amazing products and drive innovation.
Having said that, I would, and do, trust them with all my private data. Things that I would trust only to good friends.
However, if I really wanted something to be absolutely private, Google would not be my first stop. A combination for GnuPG and TOR, maybe, but not Google for sure.
If you care about privacy, you should not visit Vice.com.
"If you care about privacy, you should not use Google."
lol, it had to be said.