There's never any ackonowledgement in these paternalistic, patronising, PR-driven "articles" that someone, namely the computer owner, could actually modify the OS to be more secure. Any modification is presumed a security loss.
Yet, for example, this OS is trying to phone home to Google literally every few seconds if the owner takes control of DNS. Maybe the owner does not want the OS to keep trying to make requests for /generate_204 or /gen_204 to various Google domains to try to determine whether the owner is online or offline. Maybe it's none of Google's business. Maybe the computer owner knows when the computer is online and when it is offline because she is the one controlling that. Thus, the owner gets a message "You are offline." even when she is online. Poorly considered heuristic.
Unless it's doing what the computer owner wants, then Google's software is, for that owner, "malware". Google presumes no one should tamper with this malware. Google has assumed the computer owner "trusts" Google. Let it run. Anyone who modifies it is a "malicious" baddie. Except Google.
All this for the purpose of providing advertising services to advertisers, not "security" to ad targets. There is no such thing as "free" security. And this is what Google purports to provide.
Ultimately, the computer owner makes the call what is and what is not "malware". Google, like other so-called "tech" companies, has appointed itself the default decision-maker on an issue on which it has no granted authority. If the computer does not belong to Google, then it is not Google's decision to make.
>>More specifically, the new Android safety measure uses public cryptographic logs—digital bookkeeping systems—to show what a Pixel installation should look like. Entries can be appended to these logs when new software is released, but they can't be changed or deleted. In other words, any unauthorized edits are going to stand out.
The logs use what's known as a Merkle tree to maintain the integrity of the records within them, a cryptographic structure that speeds up the process of checking large amounts of data for any tampering. The approach means that much smaller portions of data can be analyzed to identify whether or not any changes have been made.<<
Yet, for example, this OS is trying to phone home to Google literally every few seconds if the owner takes control of DNS. Maybe the owner does not want the OS to keep trying to make requests for /generate_204 or /gen_204 to various Google domains to try to determine whether the owner is online or offline. Maybe it's none of Google's business. Maybe the computer owner knows when the computer is online and when it is offline because she is the one controlling that. Thus, the owner gets a message "You are offline." even when she is online. Poorly considered heuristic.
Unless it's doing what the computer owner wants, then Google's software is, for that owner, "malware". Google presumes no one should tamper with this malware. Google has assumed the computer owner "trusts" Google. Let it run. Anyone who modifies it is a "malicious" baddie. Except Google.
All this for the purpose of providing advertising services to advertisers, not "security" to ad targets. There is no such thing as "free" security. And this is what Google purports to provide.
Ultimately, the computer owner makes the call what is and what is not "malware". Google, like other so-called "tech" companies, has appointed itself the default decision-maker on an issue on which it has no granted authority. If the computer does not belong to Google, then it is not Google's decision to make.