Hacker News new | past | comments | ask | show | jobs | submit login
Google Fights Back (stratechery.com)
423 points by denzil_correa 47 days ago | hide | past | web | favorite | 461 comments

Google owns my soul. Their boxes know when I sleep, when I wake, how much I exercise, what I listen to, my innermost thoughts, my chats with loved ones, what I watched on Netflix last night, what my company does, the flu I have at the moment, what the hypochondriac in me looks up in the middle of the night, what I buy, whom I call, what I spend money on, where I spend it...

I nominally pay for these services, but I suspect it makes me a vassal instead of a serf. Google consumes. Google contemplates. Google cognates. Google knows. Google sees me while I will never get to see it.

At face value, as long as Google is Google, everything is okay but what happens when google is Google no more? When it goes to join the great corporate farm in the sky? What happens to the exabytes of data they’ll have gathered by then? Who will own it once Google is Google no more? What will happen to our lives once the data changes hands a decade or four from now?

Are there any contingency plans for the largest dataset on Earth? Do we get to know these plans?

Who the fuck owns MySpace now?

Say what you will about Apple (and I’ve said a lot), at least I know where we stand. I have switched to iOS and I recommend that you should do the same. At the very least, Google will no longer know when you sleep.

Google is already not Google.

The "Don't Be Evil" corporation that valued open source rather than open-washing, that valued openstandards over "oops, we didn't mean to break that for you!" isn't here anymore.

The company that bends over backwards, much farther than the law requires, to enable the surveillance state.

I despise Apple. Especially on mobile. No SDCards, no headphone jack, walled garden app stores. Ugh ugh ugh.

I have applications that does E2E for contacts and calendars that I'll have to find an iOS solution for.

I loathe the notch.

But my next phone will be an iPhone.

Google collects so much absurd amount of data - that all the Proton-mail, DuckduckGo, Wire/Signal, Firefox (loaded with adblocking and tracking plugins) apps in the world can't keep you totally from it as long as you're on Android. You disable things, you opt out of stuff and it just keeps on collecting anyways.

And i don't believe for a second the data they're allowing you to "autodelete" genuinely gets deleted. It just gets removed from your view.

I fully switched from Android to iOS when iPhone X came out in November 2017.

I realised in the next months that the perceived "freedom to tinker" on Android is something hugely overrated. I could achieve almost everything I wanted on my iPhone -- it just took a bit of time to find the proper apps. Later Apple added the Shortcuts which is a very solid automation app.

Many Android users also lament the lack of a visible filesystem but that's a huge plus in my eyes. What are Android apps doing with that? You guessed it, scan your internal storage and SD card and upload them feck knows where (and this has been proven by many advanced Android users). iOS' sandboxing is not a bug. It's a feature which I appreciate a lot.

I'll not shy away from the fact: there are areas that I miss from Android. For example, I could have inspected WiFi strength signal with an Android phone and I cannot with a non-jailbroken iPhone.

Again though, as a guy who used Android phones for 4.5 years before switching to an iPhone, I found that the uncomfortable feeling of switching to an entirely new (and supposedly more "locked down") ecosystem is mostly an illusion created by our brain's unwillingness to endure big changes. You get over it very quickly. Don't trust your brain on these matters, it floods you with non-truisms to avoid cognitive shock.

P.S. I too loathe the notch. So after 15 months with the iPhone X I switched to iPhone 8 Plus. Easily the best phone on the planet to this day (plus a bigger screen and a slightly bigger battery). Now I dread the day the device will no longer be sold.

I don't know if it falls under "freedom to tinker", but having a microSD slot saved my vacation once (well, the pictures of it anyway). We were out at a children's amusement park in the mountains with poor service, so just moving things to the cloud wasn't an option. Deleting apps from my phone to pick up space is of course an option, but also a silly one. Swapping out the microSD card, however, was simple and I just got back to taking pictures and videos.

I went iPhone -> Android -> Windows -> Android. I'd really like to get back to an iPhone for privacy reasons, but the storage situation really doesn't work for my family. Traditionally, it's been a low capacity entry model and then ~$100 to upgrade to each new tier, paying Apple's wildly inflated markup. The pricing is also way out of line with our budget. I was really hoping for a new SE model for my wife.

I'm fairly happy with my Galaxy S9+ now, but I really miss a lot about Windows 10 Mobile. I'll never forgive Google for doing everything in its power to make sure another mobile platform didn't become viable.

I understand (also upvoted).

This is why I bought the 256GB versions (although your photo archives might be even bigger).

Not sure what I can recommend but in any case I'd probably get a professional camera with 400GB SD card. :D I mean, if you guys like to make long videos during a time outside, why not?

I agree Apple's proposition has cracks by the way. Not arguing that.

As for W10 Mobile, yep -- I sold my Lumia 1520 the summer of 2017 and my heart is still broken. :( This system had so much potential! And I have never found a phone whose form factor and feel to the touch that I like so much as the Lumia 1520 and the Lumia 950 XL.

I finally gave in and moved back to Android. My wife wanted my Lumia 950 XL and she loves it. She's not going to be pleased when she needs to move to something else. That dedicated camera button is an incredibly nice feature.

As for photos, I wouldn't say I take hundreds of gigabytes. The point is I don't want to have an anxiety attack over running out of space where I have low coverage. I can get a 512 GB microSD card for $100 and smaller capacities for much less. That let's me have my apps, offline music, offline maps, photos, 1080p videos, and so on. But, thanks for the suggestions nonetheless.

Well, I am not a religious technological ecosystem zealot and you'll get no hate from me.

Use what serves you best. I recognise that your scenario isn't well-served by Apple. Of course you'll switch.

Same boat here. I'm not with Android because I think the OS is better or because I hate privacy. It's a matter of cost (I think I paid $650 net for my S9+) and lack of hardware options.

I'm preaching to the choir, but it sucks that the only two viable options these days require such huge trade-offs. And that the premium for privacy is so much greater than what typical Android hardware costs.

I'm glad you've been able to find a trade-off that works for you. I'm hoping something changes in this duopoly system we have.

Cost is rarely a concern unless you are barely making ends meet. iPhone's cost per year is actually lower than most Android flagships, if you factor in how quicker are the Android phones to start breaking down and/or lose their system software update window. So IMO Apple has the upper hand in terms of amortised cost (albeit not by much if you look at the insane prices of the iPhone XS/Max).

I completely agree we shouldn't have to make the big trade-offs between the duopoly. But truth be told, if Microsoft failed to gain ground as a third smartphone vendor, what hope does anybody else have? They were sabotaged by Google at every turn and let's face it, if your mobile OS cannot have YouTube that means at least 80% of the smartphone populace will write you off as useless. If not 95% even.

I also haven't found the perfect setup yet. Pondering investing heavily in a 10Gbps router + 10Gbps switch + NAS with 25TB as a start. I have loads of videos and can't pay iCloud for them. So things are still shaping up.

Overall though, I am really happy with my choice. Serves me well in 98% of the time.

Thank you for the kind words. Right back at you. :)

>Cost is rarely a concern unless you are barely making ends meet.

Well then 40% of American households are concerned: https://money.cnn.com/2018/05/22/pf/emergency-expenses-house...

I'm a former ios user (9 years, from my 3GS in 2009 to my 6S which I used until 2018) that switched to Android last year mostly out of cost. Apple crossed a threshold I'm unwilling to follow.

Now I have a moto x4 that was just $300 so I'm not terrified to take it running/hiking with me in case I trip or fall or otherwise break/drop/lose the phone. It takes an SD card so I don't have to pay inflated rates for memory during purchase, the one chance you get. And on top of it I'm on a cheaper carrier (not strictly Apple's fault).

I can fully relate to the part of "not being terrified of breaking the phone". That's a peace of mind I didn't have for a long time and I still miss it.

That being said, don't most US households get carrier-financed phones?

I’m not sure but most iPhone users i know have Applecare so this is only an issue for those who thinks the price is too high

I think you overestimate how much free capital the average person has. Even in my case, where I could afford an iPhone with max storage (to assuage my previously stated concerns), I'd have a really hard time justifying it. We budget pretty diligently, so we'd have to justify to ourselves why paying a premium to Apple is a better use of our capital than anything else. I came really close to buying an iPhone 8+ about a year back, but the Samsung Galaxy S9+ beat it out hardware-wise and was considerably cheaper.

I'll grant you that Apple providing better software support for their phones was a huge advantage. And their stance on privacy is leagues apart from Google's. So, I could work out the math on that iPhone 8+ and call it roughly breakeven. I typically keep a phone for 3 years, so the per annum cost was roughly the same. But, for that money I likely wasn't going to be happy and that factors in. I just wasn't going to have what I want out of a phone and I'd have to console myself with having an intangible benefit of better privacy. I care about privacy, but trying to be honest with myself, that likely wasn't going to make me feel better about paying $200 extra because Apple doesn't think I need a microSD slot.

My wife has a completely different hang-up. She gets very nervous about carrying around a fragile $800+ device. And she'd lose her mind if she misplaced such an expensive device. Prior to inheriting my Lumia 950 XL, she had a Lumia 640 she loved and only paid $30 for. So, she was never going to be happy with an iPhone 8 either. If Apple had refreshed the SE device, we may very well have made the switch to iOS. But, they want to sit at the high-end of the market -- as is their right -- and so we decided to self-select out.

All of this is a really long-winded way of saying that affordability isn't the only concern when it comes to making a purchase. For all its other faults, the Android ecosystem provides many options to suit people's budgets and comfort zones. And yet again, I have to lament the demise of Windows 10 Mobile because it really offered the best of both worlds there.

> I think you overestimate how much free capital the average person has.

I most certainly do, but as mentioned in a sibling comment, don't most US households use carrier-financed phones? That's like, $20 - $50 extra a month?

The 3 years usage period is kind of surprising to me because it clashes with my anecdotal evidence somewhat -- I've known 20+ people holding on to iPhones for 5-6 years. But I am pretty sure the median you gave is more accurate so in that case the cost per annum might indeed be equal to Android flagships (or larger).

> paying $200 extra because Apple doesn't think I need a microSD slot.

I now dearly regret not keeping the link but there was a research showing that the SD controller introduces lag in the entire system (in the case of SoCs anyway). However, nowadays that probably can be solved. Likely nobody in Apple tried though. So there's not only Apple not thinking you might need a microSD. There seem to be other factors in the equation. iPhones are known to be fast and Apple doesn't want to risk losing that no matter what -- would be my guess.

> She gets very nervous about carrying around a fragile $800+ device.

As I mentioned in the other sibling comment here, I really miss the days I didn't have to care if I dropped my phone. Sadly I don't think these days are ever coming back. :(

I personally am unwilling to sacrifice privacy and smooth operation (most budget Androids lag like hell) -- because I consume a lot of reading and video and audio material on my phone and replacing light amounts of anxiety (that most of the time I can put under control) with severe annoyances on a daily basis is a bad trade for me.

Of course, we aren't trying to convince each other, I am aware. We're sharing use cases and I am grateful that you oblige.

Thanks. It's been a nice a discussion. I don't often get to engage in this sort of discourse, so it's been a fun thread.

You can easily connect an iPhone to a computer and copy the pics off of it. You don’t need to swap an SD card around

Carrying a laptop around with me everywhere I go is a wildly impractical solution. The situation I mentioned was at an amusement park, while on vacation.

The problem isn't that I'm using the device wrong. The problem is the device isn't fit for purpose.

large onboard storage is no replacement for being able to swap out cards.

especially in the case of a phone failure to boot.

I only met techies who cared about continuing to use a phone if they could only boot from their SD card. Regular people don't know about the option.

So consider that this niche feature you find useful is of almost no consequence to anybody.

Additionally, iPhones and Samsung devices have really durable internal storage. Almost always the battery craps out first.

It's not about trying to boot off the micro-SD card, it is being able to just pop out the card, and get all the data that was stored on it.

Well sure but most smartphones -- both iPhones and Androids -- do periodic automatic cloud backups.

The ability to do offline salvaging does not seem like such a big selling point to me.

I disable cloud updates for privacy reasons and bc backups of that size would cost more money than my own solution

As for offline salvaging, do you realize how many phones have had bugs that resulted in boot problems in the last 10 years?

I do, but I am not sure what can I do -- Androids are no longer an option for me because Google is way too obvious and they collect everything they can, 24/7. It's too much.

As for privacy, I would disable cloud sync and backups as well. But eventually came to the sad conclusion that I have a lot more going on in my life and I cannot sacrifice even more of my preciously little free time to self-manage all my data -- not to mention this would require a moderate investment in my own NAS / 10Gbps switch / 10Gbps router and end-to-end encrypted backups to 1-2 VPS-es.

I get where you are coming from, I do. But I had to make a choice between an actual life and paranoia. I settled for a "mostly ok" solution and a bit more of a personal life and free time.

If privacy and offline-first own personal data get commoditised, I'll be the first to switch away from cloud (and thus Apple).

Some Samsung devices have removable batteries, which if replaced with new ones, can add some more life to it.

I use my DSLR to shoot pictures in RAW and still don't fill ~10GB of space in a full vacation. Granted different people have different needs - but anything over 32GB seems to work fine for me.

I have the OS taking up space, games that now take up 1+ GB, some offline music, and offline maps so I can use the GPS in rural areas. All of that eats up a sizable portion of that 32 GB. Add in photos and 1080p video and it doesn't take long to fill up. If 32 GB works great for you, awesome. But I didn't make my story up :-)

Now my phone has 64 GB based storage and I'm still in the same situation because everything has bloated to fill the available space. microSD is a really cheap and incredibly effective solution to the problem. Certainly much cheaper than buying a new phone so you can get more storage.

Not doubting you at all. Also, I recently bought a 128GB iPad and copy my pictures to it - from phone and camera (using the SDCard adapter for iPad). It works great for me. iPads are cheaper and last quite a bit.

Maybe HD video is the major culprit. I imagine that might fill up space pretty quick on a vacation, depending on how someone likes to record.

>Many Android users also lament the lack of a visible filesystem but that's a huge plus in my eyes

That's awful in my eyes. What's more is my inability to browse that file system without a third party application when i want to simply move files to my computer.

The only reason I'm even contemplating the move to iOS, is b/c I have a android based, digital audio player that has 2 SDcard slots that I keep disconnected from Wifi (and it does n't have a 4G connection at all).

If my music was still on my phone, I simply would not move to iOS over this singular issue. You're talking 250-400GB of files, not including my downloads, my pictures, my Keepass databases, my SSH keys, my certs file for my VPN, and files that I don't want the OS to index and put in some general library.

It stills seem ridiculously daunting to let go of. Because I use it extensively. Daily - even without my music on there.

>ou guessed it, scan your internal storage and SD card and upload them feck knows where (and this has been proven by many advanced Android users)

Except only the apps I trust are allowed storage access.

Android Q is adding scoped storage and it's more or less the end of a visible file system. Even the existing file manager apps will have trouble to show files without special permissions.

Key word is "permissions", right? Meaning apps that don't wish to scare users with permissions will adopt the new API, but existing filesystem access should continue to function. Otherwise this would be crippling to some users and apps and I doubt it would go over well.

That sounds like the right way to do it. I would love a file browser that has no network permissions but special file permissions, and my network capable apps to have no extra file permissions beyond their own needs.

They are crippling it some way I am a heavy user of calibre companion app on Android. A library type app that you use to open books in the readers of your choice. But according to the dev of calibre companion opening the book into a reader of your choice will break

Not judging or criticising but you seem to have arrived at the right time to setup a home VPN with a [ten] gigabit grade router + switch, and put a NAS behind them. (And can then use them anywhere from the outside world as well.)

As mentioned in a sibling comment, Apple's proposition has cracks and that's unequivocally true. Your usage sounds like an outlier case.

In my case, I have tons and TONS of videos (800GB at this point) so I am pondering the home NAS + 10Gbps router + 10Gbps switch setup. And yeah, I can't use Apple's iCloud for my videos.

You can get 10Gbps upstream where you live? And actually afford it? Wow...

That's not the case almost anywhere though. And you won't be able to access your own stuff without internet either. That's would be very annoying for music, imo.

The far Eastern Europe (Bulgaria where I live, and Romania) has one of the best internet connections in the world. ;)

In my case I am on 1Gbps ingress/egress for ~43 EUR a month and could negotiate a deal for a datacenter level of a link (10Gbps) but I don't want to.

The reason I'll go for 10Gbps router and a 10Gbps switch is because if you put a NAS in your home network then the gigabit speeds will never be achieved again (various reasons, including LAN chatter). And also because I'll buy a 10Gbps-enabled machine and would like to be able to work with the data on my NAS with 1.25GB/s.

To each their own but this is quite a bit overkill. I’m running a gig connection (with only 40mbps ingress) with a 16TB NAS setup and it serves all my needs. People in this thread are complaining about the Apple premium but then you see people talking about buying multiple thousand USD NAS setups to get around having to use cloud storage.

Eh, both things don't contradict each other. Many are willing to spend money to get away from corporate lock-in and I get that motivation. I want to partially do that myself since all my videos would cost quite a lot in cloud hosting costs (not to mention the snail speeds of backup!).

I agree that my planned setup is an overkill but I am setting myself up for such a tech overkill setup in all my work endeavours because I want to have a peace of mind for about 10 years -- if at all possible.

I don't think any of us will soon need more than 1.25GB/s ingress/egress anytime soon (unless of course our games are rendered on the cloud and streamed directly to our PCs). And since I am sick and tired of eternal tinkering, I want to go for an ultimate endgame, or at least one that can last me some years in the future.

What kind of router would you get? 10 gigabit options seems very expensive.

Ubiquiti or Mikrotik. No more than $400 last I checked. Per device though, so router + switch could go up to $800 - $1000.

Quite an investment I admit. But it's long-term. I don't anticipate changing that setup for like 10 years.

Ubiquitys cheapest router that can do 10 G is the edgerouter infinity which cost a lot more than 400 usd.

Hm, now I can't find the link. Probably was mistaken. Or I was looking at a severe discount on a reseller website. Can't remember.

Now you mention it, the only thing I really do with my filesystem on Android is organize my audio collection. What audio player do you have?

Android 9 has a native FS browser.

I agree, I made the switch a few years ago when I couldn't find a single good Android phone that wasn't huge (and yes, I tried the Sony Z3 Compact, it had way too many issues). The iPhone SE had just come out with flagship specs and one of the best cameras on the market, so I made the jump. It was painful for a while but now I'm sure I'd feel the same pain switching back.

My main complaint about iOS is text entry. Both the keyboard and voice input are incredibly bad compared to Android, even compared to Android of 3 years ago. I still struggle to type accurately or voicetype without having to make a ton of corrections. And there are better 3rd party keyboards (including GBoard) but they tend to be slow and awkward due to iOS limitations, plus then you lose voice typing completely which is not acceptable to me. If I could have an iPhone with the native Android keyboard and voice typing I'd be super happy.

Oh I agree on the text input completely. Google's keyboard on Android is like a mind reader when you do swipe/gesture typing. If there's one thing I miss dearly in Android to this day it's exactly that.

iPhone has the Google keyboard in the app store. I use Swype keyboard though.

I know and use it. But it's much less precise than its Android counterpart due to Apple not giving it the exact touch sensor readings. As a result, it's not that good. :(

On iOS, 3rd party keyboards block access to the voice typing function which is a dealbreaker for me. At least on my iPhone SE, it takes so long to switch between a 3rd party keyboard and the iOS keyboard to use voice typing that it's too painful to be worth it.

On iPhone X it is still there.

Does it upload everything you type to Google? "For your convenience" and "to improve our services", of course. It'd be ironic to switch to iPhone for privacy but keylog yourself in the process.

No, it doesn't. Third party keyboards have two levels of access and they come pre-installed with the much more limited one (no access to internet whatsoever, no matter if you're on WiFi or 3G/4G).

Doesn't stop Google's keyboard to periodically pester you to give it full access "to get the full experience" (or something along the lines) but if you don't, it will never get or send a single byte to Google's servers.

Trust me, I researched. I too didn't want the huge irony you mentioned to hit me. And it doesn't.

> plus then you lose voice typing completely which is not acceptable to me

I use GBoard on iOS, and on the iPhone XS with iOS12, you can still use the native voice typing while using GBoard

Android just announced a move away from the traditional visible file system as well.

The best part is the equivalent Android APIs have terrible performance and stability.

Android has been steadily moving away from both being open and supporting power users, with stuff like Doze relying on GCM, nerfing WiFi control, disabling getting BT mac addresses (and not even letting apps ask for permission)

It turns out being able to replace a users lock screen with a full page ad is not a good thing.

> Many Android users also lament the lack of a visible filesystem but that's a huge plus in my eyes.

iCloud is accessible as a "filesystem" on iOS. It's a decent compromise that doubles as a dropbox replacement

And the file browser app lets me get just about everything I need to in and out of music production apps. E.g samples and rendered songs.

No need to jailbreak. Just dial 3001#12345# for field mode and enjoy the stats!

Note that HN formatting ate the single asterisk before and after. You'll need to enter them as well.

Do you know how to get the same field test data on an iPad where there is no dialer?

Nice! Had no idea. Thank you.

> I realised in the next months that the perceived "freedom to tinker" on Android is something hugely overrated.

I've never really wanted to tinker much with my smartphone. I want it to do a handful of simple tasks (calls, texts, maps, music, light web browsing), and otherwise get out of the way.

Similarly, I switched to Mac OS X awhile back after years on Linux and BSD, because I realized that I would never want to tinker with (the source code of) my web browser or word processor, and there was a whole tinker-friendly Unix system sitting right next door. Pace, Stallman, but I don't need the freedom to tinker everywhere.

While I admire people like Richard Stallman and Sir Tim Berners-Lee, IMO they fail to understand that most people simply don't care -- they have a life, job, family and stuff they like to do in their free time and they want technology to enable them and save them time, not get in the way and take their free time.

I used Debian as a main driver for several years and lost patience around 2010. Using a MacBook Pro with an external monitor and working to get an iMac Pro with maxed out settings (~14_000 EUR) to have as a main driver for the next 9-10 years.

Customisation and freedom to tinker with the details is great but only when you need it. Not all the time.

They don't fail to understand it. They just realize that if people don't push back, they won't have freedom to tinker even when they need it.

Also, for those believing in free markets: freedom to tinker for you is also the freedom to ask your friend or pay a local professional to tinker on your behalf. It doesn't mean everyone has to be a tinkerer, only that everyone can be. The opposite of that is requiring to go through the official vendor for every little thing you need to tweak.

I don't believe in free markets. I am too much of a realist for that. :)

I ask you what can we realistically do though?

It's very apparent that budget Androids that lag like hell and break down often aren't to the general populace's taste if they have a choice -- in my "poor" country (Bulgaria) people get loans so they can buy the Galaxy S10 or Huawei P30, en masse. Most people I've known in my life buying budget Androids only did so because of money constraints. I only knew 2 people who bought cheap Androids to tinker -- and it was because they loved tinkering with tech more than having sex with their wives, or spending time with their kids, or go jogging.

I already said I am not OK with Apple lobbying against the right to repair.

But I have no recourse as a customer. My iPhone is legitimately saving me time and frustration for a no small amount of leisure and work activities. If it didn't, I'd be using a budget Xiaomi for life. But here we are.

What would you do? Would you sacrifice your free time so you can punish the big evil corporations? And how?

Given that all Androids offer you the "freedom to tinker", you can always shell out for the Galaxy instead of iPhone if that's what you care about. I understand either choice on individual level. Myself, I'm on Galaxy S7 now, previously on S4. Before that, I bought a cheap Android phone and learned the hard way that what you save in money, you'll repay back with interest in mental health. The "death from a thousand cuts" isn't worth it, and I recommend everyone around me too to save up for a better phone instead of taking the cheapest one.

If the only Android phones where the cheap, shitty ones, I'd probably be on an iPhone now.

Seems we are in agreement.

I loved Samsung while I was using Androids but they were starting to lag at the 6-9 months mark, without an exception (I owned 5 of their devices over a course of 4 years). Eventually it pissed me off.

Only Android device I legitimately loved was the Xiaomi Mi 6 (the high-end version with 6GB RAM and 128GB storage). Truthfully a masterpiece!

In the end though, my need for full and easy integration between my mobile devices and laptop (soon a desktop as well) prevailed. I arrived at the conclusion that "tinker at all costs" is not for me. There are plenty of people who do only that, I am passing the torch to them.

I had this argument 10-15 years ago, and agree about the potential for lock-in. But even at the time, I realized that I would rather not build Konqueror, Kate, or the Gimp from source, and would never make a significant change. They had become so complex that learning and keeping up with them enough to contribute would be a part-time job.

The current toss-it-over-the-wall-ware model is good enough. Android and Chromium technically "work" without Google, and their code is online. There are multiple Firefox forks. I don't know about OSS programs for Excel spreadsheets and Word docs, but I'm happy to sacrifice some freedom in order to never have to go down that rabbit-hole.

Yep. We all have jobs to do and free time to enjoy. I am frankly burned out on tinkering and I am pursuing getting better at my workplace plus work on a few hobby projects every now and then. Beyond that I throw my hands in the air and give up. I have a life. And I like it.

"What if"-s and theoreticals don't help any discussion. It's very evident by now that people en masse don't push back. And there are no signs that this is changing as well.

Instead of being hung up "but if the people just do this...", how about we formulate a new strategy based on the facts observed so far?

IMHO open source already does that. Most of the new opensource projects do make ease of use a major point. You see that in frameworks, nearly every framework has a "Get started in 5 mins" and samples. But the problem is that the money has to come from somewhere, so either you get sponsored, sell data, raise pricing or die. Too few people pay for tech stuff, since most of is is free and then we end up in situations like today.

Wish I had your optimism. I used 8 languages in my life actively -- and 3 more as a quick hobby and evaluation of features -- and almost never seen a well-documented AND easy to use library or a framework. Almost every author falls in love with their own idea and convenient abstractions and even if they explain those to somebody else, it still doesn't make sense to a chunk of the programmer users.

Trust me, I'd like some of my ideas to be funded as well. But it doesn't seem to be the world we are living in. :(

Yes same here. I was on ubuntu from 2003-2010 and quit for osx because I didn't have time to tinker and fix basic-level services like audio and display settings. I only recently got ubuntu 16.04 on my desktop (dual boot) and am enjoying it, but I still drive osx on my laptop.

Use https://microg.org/ instead of Google play services

A free-as-in-freedom re-implementation of Google’s proprietary Android user space apps and libraries.

IIRC, there were cases showing this setup to easily break and not have certain apps work (like Google Maps which many people want).

It's cool if you have a weekend's worth of time to burn on such a project and fine-tune everything to your liking. But I don't.

> and supposedly more "locked down") ecosystem

Is it not? Your entire post only argues "It is, but here's why it works for me...". Removing the "freedom to tinker" is taking two steps back from what a computer should be. And smartphones are growing to be the primary computing device for many, so in my mind it's ridiculous to argue them being locked-down a merit. Relying on apps from a walled-garden app store is not a solution even if it works for you or others. Many legitimate apps are banned from the Apple app store entirely, and users cannot install them even if they choose to because iOS prevents installs outside of the app store (unlike Android). I want to run my own code on my own device, freedom to do so is not "hugely overrated".

And as for privacy: what is privacy if its decided for the user and not the other way round? You cannot have true privacy without freedom, you only have Apple's definition of it. Tell Chinese Apple users about privacy, why Apple stores data in China.

And freedom extends to hardware, too. You purchase an iPhone and Apple tells you it's too dangerous for users to fix it themselves, and lobbies against right-to-repair [1]. Do you also consider freedom to repair your own devices overrated?

1. https://news.ycombinator.com/item?id=19791438

You hijack my rather focused and narrow comment and try and broaden it to a much wider set of problems. Not a respectful discussion technique, partner.

Of course we should have the right to repair. And of course many Apple users aren't okay with everything Apple does -- or you thought we were all mindless worshipping drones? No. We buy Apple because it makes the most sense for our needs. That's all there is to it.

But tell me, what choice is there out there if we want alternatives? No, really. Don't give me theoreticals and "if we could only do X...". We have Android and iOS. Nothing else. Sailfish OS is very niche and not everybody likes Sony's 2-3 devices that the OS supports. W10 Mobile is dead. Google and all Android OEMS actively sabotaged any and all open-source efforts -- mostly the ROM community -- mainly by voiding warranties if you touch a single byte in the bootloader. Even the rootless unlocking techniques are attacked on a regular basis. It's a furious battle and the OEMs won.

So don't tell me Android is much better than iOS because it's very obviously not. Historical factual records show that Google is very keen on the walled garden idea as well -- and I hope you are aware of the Google Play Services situation and that "the vanilla Android" (AOSP) gets less and less useful with each release and that more and more functionality is sucked into the proprietary, closed-source, binary blob that's Google Play Services.


Again, what other choice of mobile ecosystems do we have?

Android's supposed increased freedom is periodically strangled away (normal file system is soon going to be a thing of the past, for example). Looks like a pretty classical bait and switch, don't you think?

Oh, and the ability to side-load apps is only useful for the 0.2% of the populace that are tech-savvy users. For everybody else it's a huge security risk.

I understand you're not OK with what Apple does -- trust me, I hate their guts for some of their policies as well. We really don't have a choice nowadays though. Apple just seems like the lesser evil compared to Google.

I didn't hijack anything, I bring up RtR and privacy in response to the comment chain here saying "choose iOS, choose Apple, choose privacy". I directly address your post.

Now if you aimed your comment to be narrow then why broadly disregard the fact of Apple's ecosystem and related concerns as simply "supposedly" and freedom as "overrated"? There is nothing "supposed" about iOS being locked down, and "just find it on the App store" isn't viable alternative to the freedom Android offers. Neither is the contrast in the two platforms an "illusion" to merely adapt to.

> what choice is there out there if we want alternatives?

What Google does with Android remains a worry for the future, but the current-day choice simply from a matter of freedom and privacy is a LineageOS-supported device, preferably one requiring the least amount of blobs, alongside F-Droid. No Playstore and related frameworks installed. No accounts, no perpetual sign in and tracking, unlike Apple requiring you to be signed in with Apple ID even if you don't use their cloud services or just to install an app. If you must use apps that depend on Play Services, install MicroG and use Yalp. You have near full control of your device, which extends privacy since you can root, install low-level firewalls, and edit system-level files like hosts. Notice that this ecosystem is more Unix-like as opposed to just one big Apple ecosystem. You can decide yourself instead of Apple making choices for you.

With Apple, you only have one vendor, but with Android you have many choices you can make. Headphone jack? Too bad. Since iOS comes with Apple hardware, you have to discuss the two alongside each other. And for me, even ignoring the lock-down of iOS, I refuse to support Apple and vendor lock-in.

> For everybody else it's a huge security risk

Think-of-the-children fallacy. This always ignores the fact you can have the best of both - those none-the-wiser can continue using official means of installation. It also ignores the other side of the coin, developers wishing to offer programs but not interested in dealing with the Apple ecosystem - both them and users are out of luck in that case, and this can happen even if you're already on the app store if Apple decides to take down your app or developer account for whatever reason.

> I realised in the next months that the perceived "freedom to tinker" on Android is something hugely overrated. I could achieve almost everything I wanted on my iPhone

There is a counter argument which says that the only reason you can do those things is because the existence of open source Android forced Apple to do it or be uncompetitive with Android's features.

My primary objection to Apple is one of principle: giving up your right to code software that is hostile to the interests of a platform owner is massive loss of freedom. As Stallman put it, "Apple made it cool to go to jail".

> And i don't believe for a second the data they're allowing you to "autodelete" genuinely gets deleted. It just gets removed from your view.

While "deleted" might take a while (eventual consistency FTW), any company with a presence in the EU has a lot to lose if such a scheme (beyond what they declare, eg. "31 days to recover your account") ever sees the light of day.

Even then I would still fear that data having already been transformed into something else and using word play to disassociate with the original set of data.

edit: I've been subjected to Google's dark patterns for so many years that I doubt I will ever trust this company to be honest with me.

Legal action requires you to be able to prove they still hold the data.

If they only use it for something where other factors affect the outcome (ad targeting, etc) they can still keep your data forever while hiding behind plausible deniability the other factors provide them (from outside, there’s no way to prove that a particular ad was served to you because of your data instead of another factor they use as input for the algorithm).

There are a lot of mouths to keep shut on the inside. If anyone responsible for building the fake delete tool spoke out, Google would be in trouble.

If people couldn’t be unethical at scale then Facebook wouldn’t exist at all and yet it does, so I’m sure the same would be possible at Google.

That's different. People can easily be unethical at scale when incentives align. What they almost never can be is coordinated at scale against the individual incentives - whether for good or bad.

Also maintaining that deleted data is an issue, can't just magically move it to your datacenter in the mountains. someone will notice the movement of data even if it's automated. i suspect google just extracts as much data as possible from the photo, maybe trains an algo or two with the metadata and then deletes

> from outside, there’s no way to prove that a particular ad was served to you because of your data instead of another factor they use as input for the algorithm

Create an account, use it to excessively look for tea pots until you predominantly get ads for tea pots. Store the cookie[0] that encodes your user id. Delete the account.

After the advertised account retention period, try the cookie again in an otherwise squeaky clean session that gives random ads without the cookie:

Tea pots? Something survived.

No tea pots? No targetting.

(and yes, the onus to demonstrate your accusation well enough to convince a DPA is on you, IMHO as it should be)

[0] or whatever bits of data are necessary: try to recreate the tea-pot session after a logout without logging in officially to determine what's necessary.

I don't believe for a second they keep the data at a company of Google's size. But they don't need to anymore if they just feed your data through some neural network training that outputs a black box filled with weights. They can legally show your data is gone but now their model knows that people with similar browsing history, location, etc have a weak signal for tea cups. You'll get the occasional ad for them if their other networks don't filter out all the history for appearing suspicious. Google can bring in a bunch of experts saying how much data they've processed and no one really knows how the ML algorithm learns, etc.

They've improved their model none the less even if you delete your data after the fact.

And that is fine by me. Using my behavioral data to train an underfitting model is very different from actually storing my behavioral data. Sure, the word 'underfitting' does the heavy lifting in my previous sentence. But I don't think that overfitting is even feasible at this scale. Google does not train models that just memorize the habits of 3 billion people. Such a model would be useless.

Unless your behavioural data is enough of an outlier to identify you.

Yes but an outlier will be identified regardless of where s/he chooses to go, the data just reflects that idea

If you're coming from the same device or IP address/range, that's enough of a link.

An anecdote: I stayed with relatives for a few days one time, and my two-year-old niece really liked one particular music video on YouTube, so it got played on their TV box 3-4 times during my visit. Not on my laptop, but I used said laptop on their wifi (not logged into Google products, as I never am). When I got home, YouTube highly recommended that video to me after I watched an unrelated video, when there was no other reason to recommend it (I didn't know the artist, almost never watch music videos, and it wasn't anything all that popular).

I notice a similar behaviour. I don’t have a Google account and don’t keep cookies, so the only way for them to track me is my IP.

My IP seems to be permanently associated with my YouTube habits. They’re even being sneaky about it, as in they’ll give you a default homepage and generic recommendations first, but watching any video similar to the previous viewing habits will bring back not just videos related to that one, but the entire history they’ve collected over the years (some of the topics I watch are completely separate and would never intersect normally, so the only way for them to both come up in suggestions is from previous viewing history).

I didn’t create an account, didn’t agree to any privacy policies, and am blocking any and all cookies just like they advise in their own privacy policy and yet I am still being tracked.

I wonder how they define 'your data'? If I train a neural net to recognize you and predict your behaviors and preferences, are the weights of the network yours, or can I keep them? What if the network covers you and your family? Do I have to retrain my network?

Yes, if the neural net can identify a person, it's covered by the GDPR:

"Personal data which have undergone pseudonymisation, which could be attributed to a natural person by the use of additional information should be considered to be information on an identifiable natural person" (Recital 26).

In which case you need a lawful basis for doing such processing (of which consent is just one possibility). Furthermore, that's considered "profiling" and is subject to extra rules if it can have strong impact on the person's life.

On the other hand, if the data is well mixed with other people's, preventing that recognition, then it has been anonymized, and therefore it's not longer subject to the GDPR (Recital 26). But note that you're still subject to it when you're capturing and using personal data to train that model, even if the model itself is anonymized.

You mean the fines that the board of directors writes off as a cost of business and they never change policy due to them? Those fines?

Not changing policy means escalating fines (those 4% of global revenue maximum are nothing to sneeze at, and so far compliance was the cheaper route) but also, at some point, the inability to operate in the EU.

Even if a company only does the bare minimum required under GDPR, total deletion of data on request is part of that.

But these more severe measures are either 5-10 years away, or never going to happen at all (the latter part is my assumption, not claiming it as a fact).

IMO the corporate board of directors will coast on the situation for as long as possible and only then will we see some changes, don't you agree?

> IMO the corporate board of directors will coast on the situation for as long as possible and only then will we see some changes, don't you agree?

There are a few cases already with fines around 2.8% of revenue, and those fines don't mean the DPA will go away. The expectation is that these fines are paid _and_ the reason for the fine is resolved.

Turnover in the 2.8% case (Taxa 4x35 in Denmark) was from Fall 2018 (start of investigation) to March 2019 (when the DPA reported the incident to the police and "recommended" that fine). Sadly the only follow-ups on the case that I could find are behind paywalls (so I can't read them), but apparently the DPA isn't done with them yet.

It's all a matter of exercising pressure, and it seems that the authorities are willing to do that.

As someone impacted by the GDPR (AAA Game Studio, and all player stats / multiplayer matches getting impacted), backups are exempted:

"The GDPR is open to interpretation, so we asked an EU Member State supervisory authority (CNIL in France) for clarification. CNIL confirmed that you’ll have one month to answer to a removal request, and that you don’t need to delete a backup set in order to remove an individual from it. Organizations will have to clearly explain to the data subject (using clear and plain language) that his or her personal data has been removed from production systems, but a backup copy may remain, but will expire after a certain amount of time (indicate the retention time in your communication with the data subject). Backups should only be used for restoring a technical environment, and data subject personal data should not be processed again after restore (and deleted again). While this adds some complexity, it allows organizations to have some time to re-engineer their data protection processes." https://blog.quantum.com/backup-administrators-the-1-advice-...

You are absolutely correct that following the intent of the GDPR (we don't have access to the user data once they file the request) is of utmost importance. But the prior poster is correct that the data still exists.

Edit: All opinions my own and not that of my employer, etc. etc.

True, but I doubt EU courts could take up a case involving non-EU consumers. So, even though Google compiles in Europe, they don't have to afford the same protection to non-EU users.

> involving non-EU consumers

GDPR covers any interaction of people or organizations in the EU.

So non-EU consumers are covered once they're visiting the EU (citizen of a member state or not), and potentially (untested, not spelled out explicitly) when they use a VPN with an endpoint in the EU (because they're then likely talking to data centers under the control of the European subsidiary).

> they don't have to afford the same protection to non-EU users

Given that "EU user" is murky like that, I'm not sure if any company goes through the trouble of differentiating which action happened from inside or outside the EU beyond raw GDPR blocking that refuse service entirely for accesses from within the EU.

> But my next phone will be an iPhone.

If it pans out, you may want to wait for the Librem 5[1], that's definitely my next phone.

1 - https://puri.sm/products/librem-5

And i don't believe for a second the data they're allowing you to "autodelete" genuinely gets deleted. It just gets removed from your view.

This came many times before and it is incorrect. If you delete your data from google, it is deleted permanently. Deletion of multiple backups takes longer, but eventually it is gone, forever.

Disclaimer: Googler.

It's one thing to compare iOS and Android, but if we're gonna talk about actually buying phones, it's worth looking at some other aspects here. Such as being able to unlock the bootloader on some android phones and potentially run an alternate OS on them. Whether it's just LineageOS, which is essentially a better-tasting Android, or something even more different like Sailfish or postmarketOS. I don't believe there is a similar option or community effort around Apple devices.

> But my next phone will be an iPhone.

I ordered a new old-stock Nexus 5X to run KDE Plasma on. Fuck both Google and Apple. I hope the Purism and Pinephone actually get released as well so we have more real Linux options.

I hate we live in a world with totally non-standard mobile hardware. Back in the day you could wipe Windows and run Linux on nearly anything. Maybe you would only get VESA graphics or text, but it would at least boot.

PostmarketOS is trying to make a dent in it, but we still have huge gaps in hardware support.

I don't understand why no one mentions SailfishOS. It's an alternative that is available right now.

Sure, it's not up to the level of Android and iOS in most respects, but it takes effort to get something like this going. Also from the users. Like Linux 20 years ago.

Developing for it is not a nightmare either.

And it's running Linux so there's advantages as well.

I used it as my daily driver years ago and I've been using it as my daily driver again since six months or so.

I've looked into Sailfish before. Isn't it closed though? (It might have a Linux kernel, but that doesn't mean the rest is open) and as far as I can tell, it's not (easily) available in US markets.

It's not as open as the Librem phone, I think. What do you mean with "open"?

What I meant to indicate is that it is a viable alternative to iOS and Android, available right now. (Except it's hard to get outside Europe, China, Russia and India apparently. I missed that.)

As a lifelong Android user, I'm pretty close to switching to Apple/iOS because of Google's gross surveillance behavior. I used to have the same qualms about the lack of features or components, but I recently began to see those complaints as pedantic.

> But my next phone will be an iPhone.

I'm seriously considering my next phone to be one I build.

The hardware is available - cheap 4G LTE modules that plug right into a Raspberry Pi Zero exist; that and a cheap touchscreen will get you around 90% of the functionality most of us need, hardware-wise. You won't have a camera, or motion sensors. You will have GPS, voice, data, a screen, storage...

Basically everything you need for most purposes. And adding a camera and an IMU isn't that difficult, either.

The difficult part is - as always - the software. But people out there are building those pieces. Quite a bit can be done using plain-old Raspbian and Python on top, because the cellular module is essentially a virtual serial port device, and everything else has simple drivers or is otherwise easy to interface to.

Where I'll probably start, though, is with the idea of a custom "cyberdeck"; I already have most if not all of the parts, I just need to find the time to do it. It's form factor will be close to what the TRS-80 Model 100 was, though the screen will be...well, different. I'm considering a few options; probably a standard 800x600 HDMI screen along with a secondary 128x64 monochrome serial GLCD.

The ultimate thing about the whole project is independence (well, as independent as I can get - still have to pay some piper - aka T-Mobile - but maybe voip over wifi could be done in the future?) - and customization.

I may not have everything I want in the beginning, but what I want may only be a bit of extra coding, a tad bit of soldering, or likely a bit (or a bunch!) of both. I'm honestly tired of the games Google and pals are playing; kicking them to the curb may be the best thing to do.

You may be interested in the Purism Librem 5 [0].

It's made by people who care about software freedom. It doesn't use the common ARM-based SoCs which require proprietary drivers and will be unusable with modern software in a few years. Everything except the cell modem (on a replaceable M.2 card connected over USB) runs 100% free software. The device as a whole runs Linux with Gnome, and Plasma Mobile + others also developing for it. The company contributes back to the OSS software they use/improve.

It doesn't have the form factor of the TRS-80 Model 100, but basically the deal you get with it is that you pay the price of a decently high end smartphone in exchange for a midrange smartphone which is completely controllable by you, as much as a normal Linux desktop, but still offers a 'pretty good' UI out of the box for normal phone usage.

[0]: https://puri.sm/products/librem-5/

> It's made by people who care about software freedom.

How do I know that?

The first I saw about Librem was their original laptop that made clearly overstated claims about its openness. (e.g. claiming a device that used intel CPUs would have completely open firmware). After that I paid no further attention to them.

A lot has happened:


For instance, all the firmware is completely open. The BIOS can be flashed by the user. What openness do you feel is lacking?

> Google collects so much absurd amount of data - that all the Proton-mail, DuckduckGo, Wire/Signal, Firefox (loaded with adblocking and tracking plugins) apps in the world can't keep you totally from it as long as you're on Android. You disable things, you opt out of stuff and it just keeps on collecting anyways.

There must be some kind of way outta here.

How about carving out a Google-free chunk of the web, and then only visiting sites for which you're somehow certain there's zero Google in them (no Google Analytics, no DoubleClick, no fonts, none of the other junk they use to track you). Otherwise you'd be slapped in the face by a dire warning akin to those for the expired SSL certificates.

Would that be crazy?

Not crazy, but you would be excluding 85% of the top 100k sites, including stuff like Github. I'd rather just try to block the Google domains themselves.

Well, that's a good start. It even already includes cool stuff like Hacker News and Wikipedia. From there on, site owners need incentives to enter and remain in the "cool" zone. No idea ATM how/if that can be realized but there seem to be enough bright folks out there wanting it to happen.

> I'd rather just try to block the Google domains themselves.

This works to some extent but falls short of really penalizing the site owner for installing the trackers (of course, they probably lose some revenue but that's not enough).

If sites had a rating reflecting how "tracky" they are, then, given a choice, people who care would tend to pick the less tracky one. Benevolent browsers, search engines, and other tools can enable them to make this choice.

> The company that bends over backwards, much farther than the law requires, to enable the surveillance state.

This is the key point. Google came of age during the GWB administration, when the folly of trusting government was more clear than it had been for decades, and under Schmidt's leadership Google became a major defense contractor.

It's impossible to know how much unlawful surveillance has already been done thanks to Google's collaboration/complicity.

How can Google earn back some trust? Implement warrant canaries at the google account level, decline to do business with the Pentagon, and come forward and reveal all of the shady and unethical things the firm has done, and simply ask the public for forgiveness.

How about the Librem 5?

The problem with Libre5/Purism is apps.

A lot of the secure applications I use have a linux app of some sort (DEB, AppImage, Docker) but I fail to see how any of that is going to work on a phone.

I certainly don't see how a docker container would be good for battery life on a phone either

ProtonMail - for example - on Linux, requires a bridge application in order to talk to a IMAP capable email client.

Etesync requires a bridge in the form of a docker image.

Wire has an AppImage that I'm certain won't work well on a mobile screen. Signal has a DEB for Debian based environments and I doubt that'll play nice on mobile too.

The only real way to do a Libre phone is for me to invest entirely in the Libre ecosystem for mail, chat, VPN, everything.

if you've spent time moving your stuff into more secure and diverse sets of applications and services, and what's more - convincing friends and family to communicate with you over those very things, you'll have to migrate once more in order to use this phone.

I would bet money that Firefox doesn't even work on it in a mobile/phone-mode. You'll have to use their stock browser which will probably be based on Epiphany.

FWIW docker apps are just regular processes with some additional data structures on the kernel side. If the process(es) in the container aren't scheduled on a CPU (e.g., blocked or sleeping), the app isn't taking any more resources than any other process(es).

Frankly, a container-based app model sounds kinda nice!

even if it's good on battery, managing it on a phone sounds awful though.

I'd imagine that it could be wrapped up as well as .apks now, so you just see and manage a single icon representing the 'app'.

So much this. Without a ride share app (and a few others) I just can't see going to Librem 5 as much as I would like to.

For Uber, there's https://m.uber.com, works fine on any browser.

My understanding is that you can run Android apps in Linux, but I've never tried it.

It's a shame the Copperhead OS died.

It still reports your movements to your cell provider. Get rid of cell phones if you're worried about privacy.

That is like saying that 'unless its 100% perfect, I may as well send everything to Google and the ad-verse'

People can't simply get rid of their cell phones. At minimum, I need one for work.

If you care about protecting something, leaving one known-exploited exploitable backdoor open is practically as bad as leaving 100 open. "Closing all known backdoors" is a rational compromise. "Closing more backdoors known others are open" is an irrational feelgood measure.

There are things I would miss on iOS (e.g. widgets, dual sim, sdcard, headphone, more RAM) but for example Backup is is so much better on iOS! I fear that my android breaks at some point and I lose some data because there is no proper way to do full system backup. I have to use as much cloud services as possible and it has always been a big pain for me to upgrade to a newer android device. And I remember how straightforward it was and probably is on iOS.

please dont give money to apple. it gives them the illusion of being a good company.

instead: https://puri.sm/products/librem-5/ (i know it's not ready, but it's coming) or https://lineageos.org/

> No SDCards, no headphone jack

> I loathe the notch.

To be fair, each of these either already is or is becoming the norm on Android phones as well (at least, ones at a similar price point iPhones). Several of the top end phones have notches and no headphone jack, and I haven't had an Android phone with an SD card slot for about five years now.

[edits: formatting/typos]

Every phone I've had, my parents have had and my wife has had (since i support them all) has SDcards. Including phones bought this year. They all have various Samsung models right now.

My DAP has 2 slots. (android based)

And it's a god send when your phone decides to boot loop and you can no longer actually get into your phone.

Oh they say - use their cloud services for the low low price of whatever. F- that.

> Google collects so much absurd amount of data - that all the Proton-mail, DuckduckGo, Wire/Signal, Firefox (loaded with adblocking and tracking plugins) apps in the world can't keep you totally from it as long as you're on Android. You disable things, you opt out of stuff and it just keeps on collecting anyways.

Do you really intend this statement in regards to pure AOSP/LineageOS (ie microg)?

Yes Android will always be a product of a surveillance company, rather than being focused on user-centric security. But I would think that microg should be enough to deprivilege Google's backdoors, and generally avoiding stuff from the Play (Yalp) store should shield you from the bulk of OS-facilitated commercial surveillance. If you have information to the contrary, please share!

Obviously given the choice I'd rather run an OS not designed by a surveillance company, but it's awfully hard to find a pocket-sized computer that can. I look forward to PostmarketOS, but I don't think we're anywhere close there.

For me the worst part is that you don't own the pocket-computers (PC/phones) that you buy.... please let me install an OS that I can trust.

there is https://wiki.galliumos.org/Hardware_Compatibility for ChromeOS devices but on many phones, it is currently not possible to install a 3rd party OS, unless you figure out how to root them yourself... and even then, some of its hardware will probably not be compatible because they don't release drivers

I wish a Librem 4 was available (a lot cheaper then the Librem 5)

I feel exactly the same way as you.

Loathe is a strong word. And I loathe everything about Apple and the iPhone.

But I think I'll get an iPhone next. And it's not even because I hate Google or because I don't like Android. I just believe in voting with my dollars. And Apple at least is masquerading as a company that makes a product and wants to sell that. I like the idea of the transaction. I buy my phone and then I own it; I'm done.

With Google, I buy the phone, and the phone owns me.

Rupert Murdoch and criminals own MySpace data.

From Wikipedia:

2013–present: Time Inc. and Meredith Corporation ownership

On February 11, 2016, it was announced that MySpace and its parent company had been bought by Time Inc.[18] Time Inc. was in turn purchased by the Meredith Corporation on January 31, 2018.[20]

In May 2016, the data for almost 360 million MySpace accounts was offered on the "Real Deal" dark market website. The leaked data included email addresses, usernames and weakly encrypted passwords (SHA1 hashes of the first 10 characters of the password converted to lowercase and stored without a cryptographic salt[68]).[69] The exact data breach date is unknown, but analysis of the data suggests it was exposed around eight years before being made public, around mid-2008 to early-2009.[70]

On March 18, 2019, it was revealed that MySpace lost all of their user content from 2016 and earlier in "a server migration gone wrong". It was widely reported that over 50 million songs and 12 years worth of content was permanently lost, and there was no backup.[71]

and there was no backup

and there was no backup

and there was no backup


I'd like to believe there were backups but the engineers running the show decided to have an accident and let all that data be at peace.

This already happened to me. Around 14 years ago I created a MySpace musician page and apparently I put in my real birthday. It must have been public although I surely didn't intend it to be, and some sort of large data aggregator site picked it up. Later I deleted my MySpace page but the data aggregator still had my info.

The data site had tools to remove your data, but before I knew my data was even there, Google bought the site sometime around 2011 and shut it down, and added the data to their own system.

Today, if you search my full name on Google, it shows an infobox on the side with my real birthday. Google considers birthdays non-private enough that they won't let me remove it. I'm no celebrity but I get that info box because I had a MySpace musician page once over a decade ago.

My birthday now appears nowhere on the internet except that Google search infobox. MySpace, the original aggregator, all gone - but the data lives on.

We don't have a Right To Be Forgotten law where I live but if we ever get one, I know where I'll be going first.

The blatant disregard for privacy is what bothers me the most.

Like when I started getting push notifications from Android for my credit card payment with my exact balance due, which they could only have gathered by parsing my emails from the bank. It's easy to resolve that by changing the contact info/settings with the bank, but just the fact that engineers at Google thought users would appreciate having their private financial information parsed and stored by Google services is absurd.

It should never have crossed anyone's mind to even do that, let alone advertise it as a feature.

Honestly I love stuff like this. Going into Google Maps and seeing my Airbnb marked out, including dates, or where my train is departing and when, that's dope.

I'm guessing the multiple people telling you they think the feature is useful won't change your mind about "nobody could possibly want this", though.

> which they could only have gathered by parsing my emails from the bank.

You say it as if it's a revelation or discovery, when Google is very upfront about surfacing relevant information and reminders based on your inbox.

On more than one occasion, this feature has helped me take actions on pending work items like payments, renewals and so on.

You don't want Google to show you ads, fair enough. You don't want Google to surface for you (and only you) useful information that helps you organize your life.

It almost sounds like you just want Google to give you hundreds of dollars of compute, storage and service out of the goodness of their hearts.

I think both you and Google would be better off without each other.

Frankly, I'd reverse the question: why are you surprised that people are surprised? You think everybody has time to read the dozens of pages of legalese in Google's privacy policy, which anyway doesn't actually specify in which ways they abuse one's information?

It also sounds like you need to organise your life a bit better. Google's notorious for their screw-ups and service closures, one day you might miss an important payment because they turned off the feature or you end up on the wrong side of an A/B test.

"why are you surprised that people are surprised?"

It'd be surprising if there wasn't a clear or direct causal path about how Google found that information. For example, imagine that you paid for a hotel room somewhere in Thailand by cash, didn't carry your phone with you at the time, didn't log in to any electronic device, and still Google inferred that you stayed there, THAT would be surprising.

On the other hand, literally parsing out an email (AND even linking to it, you can click on the notifs to take you to the relevant email!!!) and showing you the result doesn't in any sense qualify as surprising.

It wouldn't be "surprising" if the mail parsing were done 100% client side, with a 100% certainty that no data is gonna be sent back to the mothership. But since it's done 100% server side I cannot honestly know what they are going to do with that data and knowledge.

>You think everybody has time to read the dozens of pages of legalese in Google's privacy policy, which anyway doesn't actually specify in which ways they abuse one's information?

No, but I do think that everyone who gets a service for free should by default assume they don't have much privacy. That is not a huge burden to assume.

It is increasingly difficult to not use one of these "free" email services because of their aggressive blocking of any autonomously operated email servers.

Has Fastmail ever been blocked?

I've used a paid email provider since before Gmail existed. They've not been blocked.

I know there are the occasional posts on HN about Gmail blocking their servers, but I doubt it's anywhere close to the norm.

Wait, so you trust them to store the email, and parse it for something like spam detection, but not for some smarter feature? What specifically are you concerned about that is a problem with this and not with them having the email in the first place? Sounds like you shouldn't be using Gmail at all tbh.

You trust snail mail carriers not to read your mail.

The digital equivalent of the envelope is encryption - the carrier is allowed to see the outside but not the inside. The function of encryption is lack of comprehension - the carrier still knows the exact encrypted bytes of your mail, but cannot comprehend it. We generally accept that this is already a useful proxy for privacy.

Imagine a mail protocol that somehow lets you encrypt everything but the part necessary for spam identification. The carrier is able to apply some algorithm to determine whether it's spam, but no other information. I'll assume everyone thinks this sounds good (though impossible). Because encryption is just lack of comprehension, an algorithm that is only capable of parsing an "is spam" feature from email has the same level of privacy as this hypothetical. But an algorithm that is capable of parsing "your credit card payment is overdue" is able to comprehend something else, which is a different level of privacy.

(Of course, encryption is better than "They're not running anything that can parse this," because it says "Nobody can parse this.")

My mail carrier can't read my mail because I'm in the US and there are laws against it. There are certainly mail carriers in the world that can and do read mail.

The answer here is privacy laws and auditability.

That is a philosophically incoherent model of privacy. The singularity notwithstanding, computers cannot “comprehend” anything. Spam filtering and credit statement parsing are no different. It’s all just ones and zeros being shuffled around.

Everything is just bits of energy being shuffled around. There is no value in seeing computers as being unable to comprehend things, when comprehension is little more than maintaining an internal model of some processes. And computers do that.

Plaintext is also an internal model. The bare fact that they have your emails means they already have an “internal model” of your financial statements before any parsing is done.

> What specifically are you concerned about that is a problem with this and not with them having the email in the first place?

That they use millions of computing-dollars to extract this information and store it.

Supposedly spam detection does not need to understand the numbers in your bank emails. Supposedly it needs mostly information about you previous contacts and spammy patterns from the rest of the internet.

The point being that you cannot misuse the information you do not have. Google is very good at thinking of a lot of this kind of quality of life functionality, they do not seem to realize how creepy and disconcerting they can be.

Actually I want to make a slightly different point. The problem is that "intelligent" systems are unpredictable. In the future google could wrongly decide that your business is inconvenient blacklist you from searches. Maybe it got that idea from your name being mentioned in relation to some extreme stuff and unified you with ISIS.

Computers cannot “understand” anything. You are inappropriately anthropomorphizing an algorithm. There is no epistemological difference between spam filtering and credit card statement parsing. Either way it’s just a cpu pushing around ones and zeroes.

Yes there is, whatever information google extract form an email during spam detection need not be associated with your profile. That is not the case for financial data.

> Either way it’s just a cpu pushing around ones and zeroes.

What is even this supposed to mean? also the information "kill on sight" on your profile of a terrorist association is just one bit, do not worry about that. The fact that they are digital does not mean that the data won't affect your life nor that human or machine will take complex decision based on them.

I think I'm not understanding if you really answered the question you quoted - what specifically is the concern with having that information extracted? Is it just "it feels creepy"?

My point is that they already have the information, so any potential misuse or abuse is possible regardless of what types of parsing they're doing. It might just be inconvenient.

One example is holiday photos: I am ok with stranger taking photos with me in the background. I am not ok with someone spending a lot of effort going around collecting all the photo with me in the background trying to build a personal profile on me.

There is also a security issue, I trust google to keep my email secure, I trust less google to keep my profile metadata secure as selling it is its main business model.

>What specifically are you concerned about that is a problem with this and not with them having the email in the first place

My issue is that federal law regulates what information my bank can share with 3rd parties and allows me to opt out. The ethical thing to do is at least hold oneself to a similar standard. If I had worked on those projects I would have made it policy to ignore emails from healthcare providers and financial institutions outright, since there is far more harm that can be done than good.

I have no problem with data collection when it's done responsibly. But I get the feeling that most developers/engineers working on these features have warped senses of ethics and don't consider the large scale implication of what they're doing, or if they do they just ignore it. Either way, it's the blatant disregard for privacy that bothers me.

But I get the feeling that most developers/engineers working on these features have warped senses of ethics

Nonsense. It's a totally reasonable ethical viewpoint to assume that a user who opts in to their financial institution to send their data to Gmail has opted into Gmail reading that email and trying to provide awesome features on top of it. It's not like Google keeps it a secret when it does this kind of stuff. This is the bread and butter what Google is, and anyone not interested in that kind of thing should choose another email alternative.

Google taking privacy seriously means they treat the data you share with them with respect. In this situation it is you, as a person who does not trust Google, who is apparently not taking privacy seriously when you opt into sending them your financial records.

Do you think customers have absolutely no responsibility over what applications and services they choose to use?

I realize the downvotes will come... But also take the time to let me know what I'm getting wrong.

I'm a user. I appreciate it. It's puzzling that you think it's such a deeply unpopular feature. Third party bill reminders isn't a taboo or unexplored territory.

I don't think it's a deeply unpopular feature, I think it's deeply unethical the way it was presented to me as a user. And it's not the reminder that bothers me. It's that I don't trust Google not to share the data they extract from my private communications.

Financial information in particular can be used against you by a number of parties, and it's been used to discriminate against people in the past. When it comes to the collection of that data by scanning private communications, the ethical alarm bells should have been ringing, and the fact they collect that data should be disclosed and be opt-in (or opt-out).

If it's a matter of "if you don't pay for the product you are the product" that's not true - I did pay a lot of money for their product (I own a Pixel device), and if they offered an email product that I could pay for with the solace that it wouldn't be reading my emails, I would.

> I don't think it's a deeply unpopular feature

And yet

> just the fact that engineers at Google thought users would appreciate having their private financial information parsed and stored by Google services is absurd.

> It should never have crossed anyone's mind to even do that, let alone advertise it as a feature.

That was an awfully quick turnaround from "I can't believe anyone would ever think this would be useful" to "I don't think it's unpopular".

Almost like your initial position was absurd on its face, so once challenged you had to immediately back up to a softer, more defensible one.

Apologies for poorly wording things. My point wasn't on the feature, but the culture that allowed the feature to be created.

That's why I started by saying the disregard for privacy troubles me, and provided an example of a feature that was created out of that disregard, in my opinion.

Maybe I shouldn't have said it's absurd that they would find people liking the feature, but that it's absurd they consider it ethical to scrape private financial information and then present it as a nifty notification, and even more absurd that users don't see an issue with it.

Even many people who are aware of what's going on, who are having the thing done to them, are fine with it, which is a pretty good argument against, "I can't believe anyone would think this is ethical". Apparently a large portion of the target demographic thinks it is, indeed, ethical.

> even more absurd that users don't see an issue with it

I don't see it as absurd, for the same reasons I've elaborated on elsewhere in the thread: the benefits are concrete and current, while the harms are nebulous/potential/abstract.

> deeply unethical the way it was presented to me as a user

How was it presented to you in a way that you found deeply unethical? As I understand it shows up as a soft notification on your phone.

It is unethical, or at the very least, unsettling the way it is presented. I am actually in awe at how many folks - especially HN folks - are ok with this.

Years ago, I looked at my Google dashboard. They knew when i filed for taxes, how much was owed/reimbursed, my medical history. NONE of which I consented to Google using.

Google is constantly eroding the expectation of privacy we have wrt to our emails (and probably other things that are expected to stay private, if you are on android), and this bothers me on a fundamental level. And additionally, we have constructed a world for ourselves such that not using these services to not expose private information is practically not an option anymore.

I am a mixture of shocked and saddened that the HN crowd (at least so far, hudging from the comments) thinks it is a-OK for this to happen.

> NONE of which I consented to Google using.

And that is where you are wrong. You DID consent to this use of the information in your email when you signed up with Google as your email provider. They don't exactly make any secret of the fact that the emails in your account will be data-mined, both for the various assistant features they offer and for their own business purposes, including marketing.

It is not Google's fault that you failed to consider the obvious implications of that consent.

> And additionally, we have constructed a world for ourselves such that not using these services to not expose private information is practically not an option anymore.

You have plenty of options. There are email providers other than Google, and means of communication other than email. Encryption is also widely available for those motivated enough to use it.

> You DID consent to this use of the information in your email when you signed up with Google as your email provider.

No, I (not the original poster) didn't. I signed up with a Gmail account years before any of this existed, and I never would have guessed they would do what the original poster is concerned about. At no point was I informed that this type of stuff would start happening. I figured it out by reading a lot of tech news that the average person does not. As such, I've moved away from Gmail, but there are probably millions of people who aren't OK with it, but don't know it's happening.

> I signed up with a Gmail account years before any of this existed, and I never would have guessed they would do what the original poster is concerned about.

Whether or not you realized how the information could be used, you did consent for Google to have that information by choosing them as your email provider. Anyone with a modicum of understanding of how email works would realize that the content of any unencrypted email is readily available to the entity which receives and stores the email, along with the sender's email provider and the operators of any services it might pass through prior to final delivery. If anything this is even more obvious with webmail services. The only reason people are upset at Google here is that Google is more up-front than the average free email provider about the extent of the information they have and how it can be used. They didn't have to reveal what they know or provide controls over it or use it to offer services for their users' benefit. Sure, they also use it for advertising—but that was always part of the deal, since long before any of these other features existed. Yet it's these aspects that benefit the user that people seem to complain about the most, because it highlights aspects of the relationship they wouldn't otherwise have bothered to consider.

Actually, it was not always part of the deal. Back when i signed up for the service, it was still in private beta. They had a cheesy little counter with how much space you were granted (1GB to start with). Terms of Sevice were an afterthought, and sure as hell there was not a clause to sift through your mail. I remember when they put that clause in their ToS finally a few years later and it was a HUGE deal.

And look where we are now. Not only is it expected (!!) but people are telling us to suck it up, this is how it’s always been (it wasn’t) and it’s our own fault because we didn’t read the ToS. When did this become the norm, and when did it even become acceptable??

I signed up with gmail back when it was by invite only, around 2003. So you’re absolutely right.

> There are email providers other than Google, and means of communication other than email. Encryption is also widely available for those motivated enough to use it.

One more point I’m concerned about is that Google is changing the standard of what is acceptable for an email provider, to read your emails and use them how they see fit. This is something people casually gloss over. Would you be equally as upset if UPS or FedEx looked inside your packages and then bombard you with adverts, or sell the data to someone else?

> Would you be equally as upset if UPS or FedEx looked inside your packages ... ?

Those packages are sealed. Emails are not, unless the content is encrypted, in which case Google wouldn't have access either. UPS and FedEx are welcome to what information they can glean from the outside of the package. It wouldn't surprise me to learn that packages are routinely X-rayed or subjected to other non-invasive scans, either. Certainly packages crossing an international border are frequently opened and searched by Customs, whatever the carrier and sender might prefer.

More to the point, when you send a package with UPS or FedEx that is a paid service carried out under the terms of a pre-agreed contract. The conditions under which a package may be opened, and how any information about the package may be used, are dictated by that contract. Email is a much less formal system relying on anonymous intermediaries; neither the sender nor the recipient is paying for secure end-to-end delivery. Frankly, there is no reason to assume any email is truly private. You have no idea how many distinct parties may have access to it before it's delivered to its final destination. That's true even if you run your own mail server, let alone relying on a free service offered by an advertising company.

One last thing. Do you really think Google is setting precedent here, "changing the standard of what is acceptable"? Businesses offering free email services to the public have always data-mined users' emails for advertising purposes. Google is just more up-front about it, and more inclined to use at least some of that data-mining to provide add-on services of actual value to most users.

Some people appreciate the convenience of an automated valet, and use opsec to have their sensitive conversations on secure channels. It's not any more secure to store all your data on a webmail server that doesn't provide the Assistant stuff -- they can still leak or sell that data.

> but just the fact that engineers at Google thought users would appreciate having their private financial information parsed and stored by Google services is absurd.

Counterpoint: I find this feature super useful. (and I know a lot of other people who do as well).

> push notifications from Android for my credit card payment with my exact balance due

Or "you have been served with a summons to appear at... See transportation options" (beta soon?). When a company has so completely lost sight of what its customers see as creepy that it advertises creepiness as a feature, it has lost its way.

Can't we make the same argument about Apple. What happens when apple stops being apple, when they don't have the smart phone dominance and decides to venture back into Ads. Or who owns apple when someone else has to.

I understand why anyone would want ios now but your argument is about the future.

The point the parent is making is that Apple doesn’t have your data in the first place, therefore if things go south, or they become nefarious, you’ll have to give them your data first.

Umm Multiple apple services collect data on your usage like Google does. They don't use this data for Ads Personalization but they do have the data.

[Citation needed] mate.

Meanwhile take a moment and review Apple's stance on privacy and security before you continue [1] [2] [3].

[1] https://www.apple.com/privacy/manage-your-privacy/

[2] https://www.apple.com/privacy/approach-to-privacy/

[3] https://www.apple.com/business/site/docs/iOS_Security_Guide....

> Umm Multiple apple services collect data on your usage like Google does. They don't use this data for Ads Personalization but they do have the data.

Provide a source. Apple is pretty transparent in its iCloud security overview[1] and iOS Privacy Whitepaper[2].

[1]: https://support.apple.com/en-us/HT202303

[2]: https://www.apple.com/business/site/docs/iOS_Security_Guide....

I'd rather like to have the "source" of iOS/iCloud client and verify if they behave as they claim.

Sure...but currently Apple is (seemingly) more privacy focused than Gಠ۾ಠgle.

It seems totally ridiculous to put pie in the sky faith and trust in one trillion dollar globalist publicly traded corporation over another.

Your point is well taken, but 100 years will anyone care that you had the flu on May 7 2019?

>Who the fuck owns MySpace now?

It's all deleted. https://www.theverge.com/2019/3/18/18271023/myspace-music-vi...

> but 100 years will anyone care that you had the flu on May 7 2019

My future health care provider might. Maybe they’ll spike rates by figuring out how often I’m ill using this data.

Maybe I will marry a congressman someday and the sext that I sent today to my BF will be used to blackmail us.

Maybe 30 years from now, people will be able to use my youthful indiscretions as leverage.

Maybe I won’t get certain jobs because of where I’ve been or whom I’ve accidentally been close to in the location data.

Maybe my sleeping habits will lead to higher life insurance rates.

Russia and private actors have already personally targeted millions of people using highly directed ads to move an election using publicly available data. Imagine what they could do with Google’s data. Target congressional aides? Target the POTUS’ mistress (or mister)?

In the hands of a Caesar or a Napoleon that data is the power to reshape the Earth, smite your enemies, eviscerate any obstacles and remake the holder into an invincible demi-god.

It's all true, but to protect yourself from all that, you're going to have to keep your data away from Apple as well (i.e no iCloud drive/photos/calendar/mail, etc)

Not running algorithms for ad targeting doesn't make the data any more secure. Only end-to-end encryption does.

This has always seemed pretty straightforward to me, so I simply don't store things that need to stay private on other people's machines. If I want to keep it private then I keep it to myself, and that's that. If I put it out into the world, I assume it's out there to be seen, and it doesn't really matter what privacy guarantees people claim to make today because policies may always change tomorrow.

I do make one exception to this, in that I have a long-standing business arrangement with a company that manages my mail and web server, but I am paying them for a specific service which they have been completely reliable about providing, so I feel generally comfortable with that.

I feel badly for people who haven't had the advantage of growing up with all this stuff and are therefore having to learn these lessons the hard way. Lots of painful experiences out there.

I have a feeling such privacy-conscious decisions will eventually have consequences, akin to the social-ranking systems from that episode of Black Mirror, or in China[0], where in both instances various forms of punishment are dealt to those not contributing "positive" data to the cloud.

It seems like there aren't very many people who really care about privacy... and they would be easy to single out and punish.

On that note, enjoy your semblance of privacy now... while you still can!

[0]: https://www.businessinsider.de/video-china-train-warns-citiz...

This has always seemed pretty straightforward to me, so I simply don't store things that need to stay private on other people's machines

But what's the definition of "other peoples' machines?"

If you run Windows 10, it's not really your machine. You don't have full control over it, do you? It updates and reboots when Microsoft tells it to, not when you tell it to.

If you use a smartphone, that's not your machine, either. If you can't read and write every byte of storage from the baseband processor to the video chipset, but the company who sold you the phone can, then that means it's their machine, and not yours.

If you use a Linux box or a Mac, I hope you never plug an Ethernet cable into it, because that effectively turns your machine into a dumb terminal on a system that isn't yours, just as the Oracle (Corporation) foretold.

"Keeping it to yourself" gets a little less practical every year, it seems.

Yeah, it's a challenge, all right. No, I don't use Windows - not at all. I'm aware of the issues with baseband processors, and therefore make very limited use of phones; I know that basically everything I do is, or could be, snooped on. I try to manage the risk of using the phone as a communication device by using Signal, but I understand it's not a panacea. I'm currently using a BlackBerry KeyOne, because I really like the keyboard, and because they actually seem to put some effort into device security. Every little bit helps, eh?

My devices all connect to a wifi router at home that I bought and configured myself, which bridges to my ISP's modem. Has it been hacked...? Well, I hope not. I do the best I can. My laptops have all been ThinkPads running Linux, for years. I love the maintainability, and the fact that I can turn off wifi with a physical switch is a nice bonus. I'd like to try out a Purism laptop someday, if I can ever afford it.

I take comfort in the fact that nobody really cares what I am doing and I am not worth the effort of a focused attack. If I ever got involved in politics or activism, I might manage my risks differently. It is frustrating for me that the world continues to drift further away from the way I'd prefer it to be, in this arena, but my desires are extreme, so I suppose that's to be expected.

I thought that stuff was all encrypted, and Apple couldn't see it?

It is encrypted (except email) but Apple has the keys for the stuff I listed: https://support.apple.com/en-gb/HT202303

Also, in China Apple handed over iCloud operations to a government owned company, including the keys.

I don’t see Apple having access to keys there. Could you point it out? CTRL+F for “key” came up with 7 results but nothing to suggest Apple holds them and can decrypt. Apologies.

There's a section about half way down that lists all end-to-end encrypted data (keychain, health, payment data, ...).

By implication, all other data is not end-to-end encrypted. That includes iCloud drive, photos, calendar, contacts and mail.

Also one big deal is how Apple handles key distribution. They absolutely could MitM that connection to get access to the user's keychain and the UI doesn't really give the user any feasible way to detect that Apple has added their own key instead of just the key for your other device that Apple doesn't control. It's "end to end encrypted" but if you just handwave away key distribution and leave that up to Apple, what's the point other than a marketing gimmick?

Are we reading the same support article? https://support.apple.com/en-gb/HT202303

Specifically listed as encrypted in transit and on server:

- iCloud Drive

- Photos

- Calendar

- Contacts

Only mail is not according to this support article.

Edit: I see the omission now. These things are not listed under the end-to-end section.

Yes, exactly, so that data is encrypted on the server using a key that is in Apple's possession.

It _is_ encrypted, Apple cannot see it. The parent comment is mistaken

I'm afraid you are mistaken: https://support.apple.com/en-gb/HT202303

Reading that article, the confusion is easy to explain and looks intentional.

It reads "For certain sensitive information, Apple uses end-to-end encryption. This means that only you can access your information" and then immediate shows a giant table of data that is NOT end-to-end encrypted, but not labelled as such -- it's only inferrable by its omissions from the next section of the document.

I agree. It doesn't look like Apple was particularly keen on letting people know that they can actually read most data that people consider private.

>Apple cannot see it.

How can you be sure? End to end encryption is not a guarantee when you're inputting your key into a closed source client to store and retrieve the data.

Especially given that key distribution is totally up to Apple and the end user has no practical way to verify that the key for "My iMac" is really the same key that's actually used by your iMac.

Yea, it's interesting how many comments are flat out wrong

or can't seem to differentiate between what Google does now ...vs what might happen with Apple in the future.

If you think that I am flat out wrong then please provide evidence. In this particular case it is you and Dig1t who are flat out wrong if you claim that Apple cannot see the iCloud data I specifically listed.

Also, I didn't say anything about what Apple might or might not do in the future. I made a distinction between worries about ad targeting and security issues that come with storing data in the cloud without end-to-end encryption.

Maybe they'll lower your rates by figuring out how often you're ill. Similarly with life insurance. Or they might not change.

Maybe someone will try to blackmail you and your congressman husband, but both of you will just shrug, because no one cares at all about nudes. Not even you, after a few more decades of information wanting to be free and becoming free and public.

Maybe it's better that you didn't get those jobs and you find something else. With all the extra data out there, maybe there'll be a service that'll match you up with doing something you really want to do that fulfills your soul instead of sucks it.

Why do you suppose that with more information election manipulation will be one-sided in favor of certain manipulators over other manipulators or even suppressors? I'm told FB does a great job suppressing all kinds of data from spreading, I don't imagine they'll get worse at it. We also have all the other manipulators manipulating in exactly the opposite direction as any particular manipulator you want to call out. Seems like a wash.

Your concerns all boil down to big maybes about mildly increased financial burden and people increasing their sensitivity to private info being exposed despite decades of trends implying the opposite. In the hands of a Caesar, this isn't the power to reshape the Earth at all, especially when it's never going to be in the hands of one entity.

That's a whole lot a Maybe that's drastically at odds with millenia of human nature and human history.

drastically at odds with Corporate nature and Corporate history.

>this isn't the power to reshape the Earth at all

Then why are there so many tech companies obsessed with "changing the world"?

None of your rebuttal did anything to negate the fact that big data can be and is used as a weapon the likes of which the world has never seen before.

These would be big problem, but even worse is that you wouldn't know if they know.

Like getting ghosted after a job interview. You will have _no idea_ what caused the rejection. Or, as to your examples, you will have no idea if and/or why you're getting charged more.

> > but 100 years will anyone care that you had the flu on May 7 2019

> My future health care provider might. Maybe they’ll spike rates by figuring out how often I’m ill using this data.

You seem to be perhaps a little too optimistic about your life expectancy.

A charitable reading would be the coming decades.

If I’m truly lucky, it could be a century. It’s something I try to work for. I have 2X chromosomes, am nominally healthy with CR and replicating the best anti-aging treatments of our time (retinoids for skin, exercise, nicotinamide riboside etc). Barring the unforeseen, my genes and efforts will probably lead to an extremely long healthy life span.

I wasn’t really making a criticism, just a light-hearted joke. I had to do a double take when I read that part of the response. Best of luck to living past 100, if you do I am sure I will be long gone.

I hope not :(

From your HN comments, it feels like the world would be a poorer and darker place without you in it. People like you make a life worth living and a long one worth striving for. If we all take care of our health (with a little chemical help along the way) maybe we’ll all get to see what’s next together? :)

Thanks for the kind words. My family history a pretty high risk of stroke, heart attacks, cancer, etc. but I would be open to defying the odds, if that’s going to happen.

Modern interventions like nicotinamide riboside and caloric restriction have evidence behind them and work. There are communities dedicated to this. There’s an entire world of people (and quacks) out there who can help along with your doctor. It’s worth a shot.

also a lot of work done by sens organization on age related illness and plans to reverse much of it assuming they get funding.

100 years will anyone care that you had the flu on May 7 2019?

Epidemiologists? Researchers? Academics? Governments trying to model future disease response based on historical trends?

Just off the top of my head.

In this case I say let them have it.

> It's all deleted.

They deleted 12 years of music uploads, not everything. Username, email, bio, friends, etc. still exists somewhere, but who owns it? What do they intend to do with it?

> What do they intend to do with it?

Reveal my Top 8 when I run for congress?

Hope your Top-8 doesn't include someone who becomes a persona non grata (or religion non grata, or race non grata...) in the future.

If you zoom far enough into the future nothing really matters. We still care about now and what happens in our lifetimes. I don’t want to miss out on a great job 10 years from now, or miss insurance coverage at anytime in my future because of Google even if i don’t care how much of this data will be around 100 years from now

If it's, say, 10 instead of 100 years and something more serious than a flu, insurance companies or future employers for instance might care?

You think Apple is less evil than Google?

Remember that Apple has been cracked by the FBI, has proprietary connectors, and charges more than anyone.

I couldn't disagree more. Apple is horrible to customers and developers.

Apple got a ton of flak for adopting USB-C way before anyone else, which is the opposite of proprietary.

I also don't see how "being cracked by the FBI" makes one evil, in fact I think resisting the FBI in the first place makes them good.

Why are people downvoting your comment here? You are 100% correct. Apple also made significant contributions to the development of USB-C and have the best implementation of USB-C with Thunderbolt 3 in their products bar none.

Yes, the iPhone still ships with Lightning connectors. But Lightning was revolutionary in a world full of phenomenally shitty Micro-USB connectors. It's really not a big deal, and Apple will move to USB-C for sure eventually.

Right completely ignore what Google did for USB-C ? And what one google engineer Benson Leung did for USB-C cables ?

Why the need for such a petulant and childish response? Did I say that Google and Benson didn't contribute to USB-C? No. Neither did I phrase it as if Apple was the only contributor.

So what's with the defensiveness?

You mean the Apple that has designed all their hardware and software to not spy on you?

You mean the Apple that takes IoT security seriously that involves a certification process versus Google who just killed off their Nest ecosystem?

You mean the Apple that stood up to the FBI?

Sure proprietary connectors are on some of their products, but it sounds like you consider USB-C proprietary now? Apple has moved a number of their devices to USB-C and that will probably only go up overtime.

Apple has physical retail presence, which makes purchases, repairs, and other interactions easy for customers.

Apple isn't perfect, but I don't think you're looking at the same Apple everyone else is.

So proprietary that I'm charging my Lenovo with an Apple power brick.

I was pretty surprised when I charged by Pixel with an Apple charger and the MacBook power brick. I knew they used USB C but wrongly assumed they'd not work.

Remember that Apple didn't help the FBI in breaking it. Apple stood up to the FBI. The FBI later went to an Israeli firm to crack it.

> "I nominally pay for these services..."

you give them all that valuable personal and private data and then also pay them? why are you so resigned to this? the tradeoff for knowing everything about you gives you what, a few less taps on your phone?

people ignored or minimized it then, but their direction was abundantly clear by 2004 or so: search -> adwords -> adsense -> gmail ---> all-your-data-everywhere (gmail seemed cool at the time until the realization of where all this was going). how is it that so many people are just now waking up to the dangers of google (and facebook, incidentally)?

Is it really that hard to understand? What's the concrete harm so far?

I've been using Google for a couple decades, and I can't really articulate a specific way that I've been harmed. Yes, I realize that there's the potential for harm from a leak or something like that, but it's hardly surprising that the abstract notion of possible harm isn't super compelling to the average user when they're currently getting useful services for "free".

The 'concrete harm' part comes into play when a corporation or nation-state weaponizes this data in order to sell you a product, influence your thoughts on a political matter, or otherwise manipulate you.

If you're of the opinion that this is not problematic on a fabric-of-society level, could you please explain why?

you're rationalizing, i.e., looking the other way to avoid cognitive dissonance. but part of why we have such big brains is to anticipate the future, not simply accept events as they occur. what might the future you say? should we ignore that gas leak in the kitchen because it hasn't killed anyone yet?

it's important to expose this kind of mis-rationalization, especially when tiny individual harms accumulate otherwise silently to become population-level dangers (e.g., measles).

This word, I don't think it means what you think it means.

> should we ignore that gas leak in the kitchen because it hasn't killed anyone yet?

No, but it's hard to see how using personal data to sell ads is going to cause a harm anywhere near as bad as a person dying.

> "...using personal data to sell ads..."

again with the misdirection. look the other way if you like, but you're letting google choose the information you access and believe (even with ads). if you don't understand the power therein, maybe you should study more of your namesake.

It's not misdirection, nor is it looking the other way; I simply don't have a problem with it. You seem to have a bit of trouble with language there.

There's no current concrete harm, and the potential for serious harm just looks unlikely to occur.

>it's hard to see how using personal data to sell ads is going to cause a harm anywhere near as bad as a person dying

No need for imagination, simply read history:


That's a fair point, but it falls flat with me personally the same way arguments about gun control and the potential to use guns in revolutions against autocratic regimes fall flat with me: it just seems incredibly unlikely in this day and age, at least in developed countries.

Like, the US once rounded up Japanese people and put them in camps. Using your same reasoning, one could argue that the government collecting any data on race/ethnicity anywhere -- like, say, on the census -- is a slippery slope to interning racial minorities again. And yet, almost nobody really cares in practice, because almost nobody thinks there's a realistic chance of that happening again.

Governments have also, at times, discriminated against people for their sexuality, or gender, so should the government never be allowed to gather any information on those attributes?

>it just seems incredibly unlikely in this day and age, at least in developed countries.

This opinion wouldn't be quite as naive if there was some magical boundary that keeps digital information solely in the hands of benevolent rulers in developed countries, but there's not.

>Governments have also, at times, discriminated against people for their sexuality, or gender, so should the government never be allowed to gather any information on those attributes?

That's somewhat like how some gun rights advocates say it's futile to ban guns because you can just kill people with knives, so why don't we ban knives too?

We're talking about virtually total information awareness which is far more powerful, problematic, and discriminate than knowledge of superficial attributes such as race and gender.


To be fair, none of that involved selling ads.

It involved the mass collection of personal information (what Google does in order to sell ads), which was then weaponized and used for purposes other than originally implied

You could say the same thing about the US census, and yet hardly anybody seems to object to it, despite the government having interned a whole race of people in its history.

If something is convenient for people and saves them time, they are willing to close their eyes about lost privacy. Until it directly bites them of course -- which won't happen to most of us.

It's just how we tick. And a lot of marketing strategies are based on those specifics.

Indeed, the contract we sign is not “do I trust Google,” it is “do I trust Google in perpetuity.”

I can think of many, many outcomes wherein Google’s collected data is more valuable for uses other than “helpful”.

Well, as of right now, you can choose to delete your data, so it's not necessarily perpetual.

Of course, absent something like GDPR, it's possible in the future Google could change their minds about that.

Curious. What do you think happens when Apple goes under?

Isn't that the whole argument? If Apple goes under, they can't sell off data they didn't collect?

I'm comfortable with what Google knows about me, and I'm very willing to give them all this information for the technology and convenience they provide. Apple's AI isn't competitive at this time.

I love Google. I bought an Oppo phone. But all my data goes through their app - even when i switch off their SMS feature that data still goes through their app and i guess they intercept it and send it to a dial home server. And I'd rather my data goes to Google. So when I can afford a Google Pixel - gonna buy one

But anyone who thinks he's wrong - Remember into whose hands Java fell.

Sun was a colossal screw up, though. IBM is still around, making billions. As is Microsoft.

Google will probably bury me.

Speaking of MySpace, I noticed in yesterday's keynote that Google controlled the end-to-end (E2E) user experience for their demos to work flawlessly.

The value proposition to Developers was not very clear, but I imagine a few bad 3rd party apps could severely harm the E2E Google experience.

Existential crises aside, I would really prefer to have a phone that I can program as directly and extensively as a raspberry pi.

"Google is already not Google."

The minute their CEO went all-in on a US Presidential election well, that ol' Rubicon got crossed.

I also prefer the value proposition of the Apple ecosystem - I give Apple money and they give me stuff -the point of the article is that Apple’s business model puts their products out of reach for most of the world.

its not that people can't see truth due to intelligence. the ability to see truth has requires only average levels of g. rather, the ability is bestowed as a gift. the gift is in the form of trauma through which the actual state of things forcefully injects itself into one's consciousness uprooting the foundations of self and inserting itself. and until death, it stays.

> what happens when google is Google no more?

Google already have many, many advertising partners to whom they gladly provide your location and other data. But they anonymize it, so you are safe ;)

Generally, Google sells ads against your data, they don't sell the data itself.

How can I buy anonymized location data? Is there a landing page for that service?

This is a lie.

> But they anonymize it, so you are safe

For now...

There is a contingency: GDPR. Use my data in ways I don't agree with and you are breaking the law. Best we can do in a world where information wants to and will be free, imo.

Consent is one legal basis for use of data under GDPR, but there are others.

Research use is one but you have to show that re-consenting is an unreasonable effort. Research use comes with a obligation to make sure data is anonymous and results have to be made public (for the common good).

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact