[HN Gopher] Google collects 20 times more telemetry from Android...
___________________________________________________________________
Google collects 20 times more telemetry from Android devices than
Apple from iOS
Author : gormandizer
Score : 407 points
Date : 2021-03-30 19:32 UTC (3 hours ago)
(HTM) web link (therecord.media)
(TXT) w3m dump (therecord.media)
| PieUser wrote:
| and microsoft probably collects 200X from windows...
| nixass wrote:
| Google - if you're explaining you're losing
| teraflop wrote:
| "20X more telemetry", in terms of data usage, is a pretty
| meaningless statistic on its own (unless it's large enough to
| affect your mobile data cap or something).
|
| For instance, I would consider it a much bigger privacy violation
| for my phone to transmit my exact location every hour than my
| current CPU usage every 10 seconds.
| swiley wrote:
| Sending telemetry can get expensive: in situations where
| bandwidth/throughput is restricted people often get picky about
| giving PCs with Windows installed internet access because of
| this. It can be bad even in normal situations: My girlfriend's
| laptop has so much broken telemetry crap between Microsoft and
| HP that her applications actually get pushed into swap (or
| whatever it's called on Windows.)
| wmichelin wrote:
| Sending telemetry _poorly_ can get expensive. A good client
| can aggregate, even compress locally, and publish telemetry
| in batches. Let's not rule out telemetry entirely because of
| bad implementations.
|
| I'd say the moral of the story here is that Microsoft and HP
| just write shitty software.
| kllrnohj wrote:
| Which Apple is apparently doing - they send location, local IP,
| and nearby wifi mac addresses even when you're not logged in.
| Similarly Apple is collecting more data types than Google
| according to the research paper.
| threeseed wrote:
| Please provide evidence of this because Apple's official
| documentation says otherwise:
|
| https://support.apple.com/en-us/HT203033
|
| They do send nearly WiFi hotspots for crowd sourcing purposes
| but it is never in conjunction with your local IP address
| (which is an identifying piece of information).
| godelski wrote:
| It's in the article that we're in the thread for. Table
| 1[0]
|
| [0] https://therecord.media/wp-
| content/uploads/2021/03/Telemetry...
| rOOb85 wrote:
| Did you read the OP article? The researchers clearly
| outline what apple is phoning home. They even made a nice
| clean table showing what apple and google are sending back
| to themselves.
| threeseed wrote:
| I read the article and it's wrong.
|
| Apple does not explicitly "send" the user's IP address.
| It naturally is accessible on their end as a result of
| the TCP/IP protocol. But Apple has made quite clear that
| it does not use that information in any way.
| PurpleFoxy wrote:
| The wifi thing is fine/good IMO. It allows everyone to get
| their location without gps. It's what let's devices with no
| gps like the MacBook and ipad to get their current
| location. Google does the exact same thing although they
| used street view cars for the initial dataset.
| drewmol wrote:
| Allowing wifi mac addresses, ssids, bssids, etc. of leased
| equipment in combination with subscriber address/goelocation
| to be shared or otherwise disclosed to third party
| affiliates, partners, agencies is a requirement included in
| the fine print of some residential ISP's agreement terms I've
| read, fwiw.
|
| I assumed that this probably is implemented as a 'non-public'
| goelocation service api as well raw data sharing agreements
| in some cases, but I'd doubt the data 'processors' and
| 'controllers' are known to anyone outside those parties.
| [deleted]
| kuratkull wrote:
| I was also surprised by the emphasis on "20x more data" aspect.
| The table on kinds-of-data sent was showing Apple in a much
| more negative light.
| ed25519FUUU wrote:
| This is precisely why I always choose to use the mobile version
| of a site/app _rather_ than the app if it 's available.
|
| Safari has great adblocking. Also, the mobile version of a site
| is typically a superior UX compared to apps because the controls
| are consistent. It's usually faster, and best of all, it's _MUCH_
| easier to block all of the tracking.
| mustaflex wrote:
| I went to visit an apartment to rent with a friend. While waiting
| for the owner my friend was reading the names on the mailbox, and
| read the "x" out loud said "this person is probably Romanian". I
| when I was home I had notification if I knew this "x" person. All
| this time my phone was in my pocket. It is just creepy and I'm
| going to change my pixel 2 as soon as I can for an Iphone.
| hindsightbias wrote:
| You are the Product.
|
| It's always interesting how Android is given the benefit of the
| doubt on intent and that never happens with iOS.
| aasasd wrote:
| I'm waiting for a traffic analysis to turn up that Google gathers
| location, wifi APs and cell towers even when all possible consent
| is revoked. Because, with Google's greed, no way I'm believing
| that they would give that up, and I'm not turning the location
| service on.
|
| Reminder that Google literally provides a location database for
| US cops, who are getting bulk data on people simply being in some
| place at some time and doing nothing wrong:
| https://www.nytimes.com/2019/04/13/technology/google-sensorv...
| Meanwhile other countries want to make Google store that data on
| their territory when it's about their citizens.
| laurensr wrote:
| Could an admin please adjust the typo in the title? Goolgle ->
| Google
| judge2020 wrote:
| The OP can also edit the title for a period of time after
| submission.
| dltj wrote:
| In addition to size of the data transmission being a poor measure
| of privacy implications (XML versus JSON anyone?), this paragraph
| is nonsense: "The University of Dublin professor says that this
| expansive data collection raises at least two major concerns.
| First, that the telemetry can be used to link physical devices to
| personal details, data that both companies are most likely
| exploiting for advertising purposes."
|
| Apple doesn't have an advertising business, nor does it share
| that information with advertisers.
| Rebelgecko wrote:
| Apple supposedly makes billions every year from ad revenue. Not
| a core part of their business but still nothing to sneeze at
|
| In addition to https://searchads.apple.com there's ads in the
| stock and news apps.
| [deleted]
| mankyd wrote:
| Not mentioned in the headline: When the user is _not_ logged in,
| iOS collects "location" whereas Android does not.
|
| I am actually a little surprised that iOS would gather this
| information. What use would it serve?
| titzer wrote:
| > When the user is _not_ logged in, iOS collects "location"
| whereas Android does not.
|
| This may be only _technically_ true. It 's not Android, it's
| Google Play Services, which collects "anonymized", high-
| accuracy[1] location data _constantly_.
|
| [1] Yeah, that's actually a contradiction-in-terms. There is no
| such thing as anonymized, high-accuracy location data.
| twobitshifter wrote:
| It doesn't seem like they actually "collect" this information
| with any identifier and only use it for limited strict
| purposes. This is unlike google who can pop up a map of
| everywhere you've been minute by minute over the last 5 years.
| I guess that's only when you're logged in to your google
| account, but that's 99% of Android phones.
| the_dune_13 wrote:
| Find my iphone?
| scep12 wrote:
| This is for logged-out. I believe find-my-iphone is only for
| users logged into their iCloud accounts.
| oarsinsync wrote:
| You are correct, Find My ... only works if you're signed in
| with an Apple ID to iCloud.
| simonh wrote:
| You really expect the headline to list out arbitrary specific
| examples?
| onedognight wrote:
| Find My Phone? It is a choice to enroll in this, and it's
| mighty convenient when you lose or get your phone stolen.
| jayd16 wrote:
| That works when you're not logged in?
| neura wrote:
| Can you even imagine? Lost your phone? Did you make sure
| that you were logged in before you lost it? Did the thief
| reset the phone and log you out? Oh, guess you can't find
| your phone now. Sorry.
| [deleted]
| dnh44 wrote:
| Once you're signed in you stay signed in and you can't
| sign out without authenticating. Resetting the phone
| doesn't bypass this.
| ocdtrekkie wrote:
| One of the services Apple generally provides is that a
| phone is locked to a given Apple ID, such that if you wipe
| it, it still knows it belongs to a given owner, and you
| need to unlock that for someone else to activate it. It
| wouldn't be unreasonable to suggest Apple would want Find
| My iPhone to work even after it's reset.
|
| That being said, my theory is in another comment.
| nielsbot wrote:
| Yes, when your phone is locked, but only if you've logged
| the phone into your iCloud account.
| mankyd wrote:
| Presumably it could wait until someone actually asks for the
| phone's location in that case. No need to report the location
| if no one's asked for it.
| judge2020 wrote:
| No, it's the location it uses to report to Apple Maps for the
| purposes of improving traffic.
| aaplthrowaway44 wrote:
| Much, much more than traffic, though that is useful. The
| anonymized probe data is used to refine business driveways
| inferred from satellite imagery, for example. That's why
| suddenly Maps can often route you to the correct parking
| lot instead of a nearby curb. Think about it: if you know a
| phone is navigating to Safeway, where the user _stops_
| navigation is potentially interesting in aggregate and
| divulges almost nothing except the average parking
| preference of an iOS user.
|
| Source: Worked on that. One example of hundreds.
| jayd16 wrote:
| Might be for crowd sourcing open wifi location data.
| livre wrote:
| > When the user is _not_ logged in
|
| Does this matter? How many people do you know that aren't
| logged in on their phones? It is literally one the first things
| Android asks you to do even before showing you the main screen.
| kuratkull wrote:
| I also found this to be an almost useless case to examine.
| The number of people not-logged-in must be infinitesimal.
| PurpleFoxy wrote:
| I didn't think iOS even lets you past the welcome screen
| without signing in.
| oarsinsync wrote:
| iOS setup encourages you to sign in or create an account if
| necessary. Skipping is also an option.
| ocdtrekkie wrote:
| It's possible this is referring to this feature:
| https://krebsonsecurity.com/2019/12/apple-explains-mysteriou...
|
| Generally speaking, Apple is drastically better about location
| services privacy. For instance, Apple Maps does not tie any
| location data nor direction requests to your Apple ID, and
| regularly rotates identifiers for devices used by the service:
| https://support.apple.com/en-us/HT212039
| 6gvONxR4sf7o wrote:
| That link is returning "429 Too Many Requests." What feature
| is it you're referring to?
| ocdtrekkie wrote:
| There's an Ultra Wideband radio in the iPhone 11 and newer
| that isn't legal to use in all countries. Apple uses a
| location request sometimes just to determine if the device
| can legally run that radio or not.
| 6gvONxR4sf7o wrote:
| Thanks!
| fapjacks wrote:
| It's nice of you to accept Apple's calling it "radio" but
| UWB is radar technology. Newer iPhones have radar built
| into them to make their location tracking more precise.
| Most people don't understand (or can't understand) the
| details, which is why the semantic load of calling UWB
| "radar" instead of "radio" is important for conveying its
| intended purpose.
| doctor_eval wrote:
| The RA in RADAR stands for RAdio. It's like saying "light
| pointer" instead of "laser pointer". For most people the
| distinction is irrelevant.
| mankyd wrote:
| If that's the case, they wouldn't need to report the
| location back to themselves, would they? The phone would
| simply check its coordinates, and turn it on or off.
| avianlyric wrote:
| I don't think anyone is saying that iOS does report back
| to Apple (and I don't think there is any evidence that
| iOS does this).
|
| The original concern was caused because iOS would still
| activate location services and display the icon during
| these checks, even if you had turned location services
| off completely in settings.
| mankyd wrote:
| That is exactly what the article is talking about.
| avianlyric wrote:
| I'm not sure which article your looking at, but neither
| the OP article, or the Kerbs article suggests that Apple
| is collecting location data derived from location
| services on a phone and sending it back to the
| mothership.
|
| The OP article suggests that IP data from the uploads
| could be used to estimate location, and their table has a
| "location" column. But that column seems to be
| referencing the fact that iOS reports when location
| services are turned on and off, rather than a specific
| location derived from the phones sensors.
|
| This is of course ignoring opt-in telemetry which is used
| to improve maps etc. Which obviously involves sending
| your location back to Apple.
| troysk wrote:
| There is a typo in the title. It should be Google and not
| Goolgle.
| ocdtrekkie wrote:
| " Modern cars regularly send basic data about vehicle components,
| their safety status and service schedules to car manufacturers,
| and mobile phones work in very similar ways." -Google
|
| This is a beautiful quote because it is an example of one
| industry's bad behavior leading to another industry's bad
| behavior, upon which the first industry then users the second's
| similarity to justify themselves. Cars only started doing this
| because phones made it normal. It's wrong in both cases.
|
| It's similar to when Apple defended it's 30% store cut by
| claiming it's an "industry standard"... specifically, an industry
| standard _that Apple established_.
| AlexandrB wrote:
| This may be pedantic, but Steam was collecting its 30% long
| before the App Store opened. Thought maybe that was inspired by
| Apple's cut of music revenues in the iTunes Store.
| astrange wrote:
| Older app stores and especially physical retail collected a
| lot more than 30%.
| grishka wrote:
| You pay 30% for all the hosting and listing and payment
| processing. But then you aren't _required_ to use Steam to
| distribute your game -- you could as well set up your own
| website. There 's nothing preventing you. There's no
| predatory code signing on desktop OSes.
|
| On the other hand, you can't sideload apps onto iOS devices.
| You _HAVE_ to go through Apple. You either publish on the app
| store, or you don 't have an iOS app. That's different.
| That's very different. That's antitrust-can't-happen-sooner
| different.
| threeseed wrote:
| You can side load apps onto your iOS devices.
|
| You just need to publish on the store in order to sell to
| other users.
| ajconway wrote:
| You can temporarily install your apps on your own device.
| They expire after 7 days, and you can't have more than 10
| such apps installed simultaneously.
| grishka wrote:
| No you can't. Literally the only situation when you don't
| have to sign your app with an Apple-issued certificate is
| when the device is jailbroken and has signature
| enforcement disabled.
|
| You're probably referring to one of these things:
|
| - You can install any app on your own device. This
| requires an Apple ID (but no $99 membership) and a
| certificate that Xcode automatically gets from Apple. The
| certificate is valid for 7 days, after which the app no
| longer launches. The bundle ID of the app also has to be
| globally unique.
|
| - There's "enterprise" distribution that requires a
| developer ID and a certificate. Subject to terms of use.
| Apple can revoke it at any time. Sometimes Apple turns a
| blind eye to the misuse of this, but, again, it can and
| does revoke these certificates remotely disabling any
| apps signed with them.
| jodrellblank wrote:
| You aren't _required_ to use the Apple store to distribute
| your product. You can sell to Android users and desktop
| /laptop users.
|
| > " _That 's different. That's very different_
|
| Is it? Why is it? You can't sell software to run on Kindle
| Paperwhite even though it's a full computer inside. What's
| the specific difference between that and iOS, other than
| "Apple's ecosystem and customers are desirable, so I want
| to use it" and "I don't want to pay for it"?
| threeseed wrote:
| There is no difference.
|
| Just like I can't run third party, unapproved apps on a
| Tesla, SNES, Gameboy, Samsung TV etc. Or even every
| website that has a marketplace and supports plugins e.g.
| Shopify.
| pessimizer wrote:
| Your argument rests on the strange assumption that people
| who are against IOS restricting apps on the iPhone would
| for some reason support Amazon's restrictions on Kindle
| apps.
| yellow_postit wrote:
| I can also easily load PDFs and other formats to a Kindle
| even if I didn't go through the Amazon store.
| threeseed wrote:
| And you can load content and view websites on your iPhone
| as well.
|
| We are talking about apps.
| grishka wrote:
| > You aren't required to use the Apple store to
| distribute your product. You can sell to Android users
| and desktop/laptop users.
|
| You aren't making much sense. You won't have any
| semblance of adoption if you don't have presence on iOS.
| Except maybe in India where iOS market share is tiny.
|
| > You can't sell software to run on Kindle Paperwhite
| even though it's a full computer inside.
|
| It's an appliance. It's marketed as a device to serve one
| purpose -- read books. Amazon isn't making apps for it
| either, as far as the user is concerned, there's no
| notion of application software on these things.
|
| By the way, washing machines and microwaves also have a
| full computer in them -- there's CPU, RAM, and ROM. Yes,
| tiny and underpowered. Probably not quite powerful enough
| to run Doom. Computers nonetheless, technically.
|
| Yet no one raises any objections about not being able to
| run arbitrary code on them. Precisely because of the
| marketing and expectations.
|
| > What's the specific difference between that and iOS
|
| iPhones and iPads _are_ marketed as general-purpose
| computing devices. They are not appliances by any stretch
| of imagination. Yet they are crippled because Apple has
| knowingly and deliberately put in a limitation so they
| only run code that was signed by Apple. This limits their
| general-purposefulness. This forces developers who don 't
| _want or need_ the hosting and listing still go through
| the app store.
| jodrellblank wrote:
| Apple devices aren't _crippled_ by it, they 're
| _improved_ by it. By curation and restriction. Users don
| 't buy Apple gear to pay the lowest possible price for
| software, or to sideload software, users buy Apple to get
| something that works. The whole point is that Apple is
| selling an Apple experience, not an overwhelming flood of
| "fix it yourself" freeware. Users who want that can get
| it elsewhere, they shouldn't be forced to suffer it on
| iOS as well. Taking the restrictions away isn't an
| improvement. They aren't mandatory restrictions until
| using iOS is mandatory, and it isn't.
|
| This is like a restaurant demanding smart shoes for
| customers, and you complaining that it's anti-
| competitively hurting your sneaker business and the
| restaurant should be forced to change. Customers going
| there are going there knowing the dress code applies to
| them and others, forcibly blocking that removes part of
| their reason for going there at all.
|
| > " _You aren 't making much sense. You won't have any
| semblance of adoption if you don't have presence on
| iOS._"
|
| That is the sense, you aren't required to have any
| semblance of adoption. Apple is successful by building a
| curated, restricted, "exclusive" (by perception if not
| fact) experience. You want access to the customers and
| their money, without upholding the reasons the customers
| are using that platform.
|
| > " _Yet no one raises any objections about not being
| able to run arbitrary code on them. Precisely because of
| the marketing and expectations._ "
|
| Now you aren't making sense. Apple never marketed or set
| expectations that you could sideload apps on iPhone or
| iOS, did they?
|
| > " _By the way, washing machines and microwaves also
| have a full computer in them -- there 's CPU, RAM, and
| ROM. Yes, tiny and underpowered. Probably not quite
| powerful enough to run Doom. Computers nonetheless,
| technically._"
|
| So you're going after Bosch for anti-competitively not
| allowing you to sell software that runs on their washing
| machines, and not allowing owners to sideload? Because
| this is all about anti-competitive, you said? No
| obviously you aren't doing that, which calls into
| question your claimed reasons. You can easily list your
| app on Apple's store and compete, what it's about is you
| want more money. Which is fine in its own way, until you
| try to get some legal mandate for Apple to force me to
| worse platform so you can avoid paying Apple money for
| using Apple's platform and reputation.
| heavyset_go wrote:
| I could walk into Best Buy and buy the game I want off the
| shelf. I have no such option if I want to buy an iOS app from
| a store or the developers themselves.
|
| Steam also don't engage in anti-competitive behavior and
| prevent billions of people from using alternative game
| distribution methods like Apple does.
|
| What we need is real competition in the mobile app
| distribution market to determine whether or not that 30% is
| actually fair, efficient and competitive. As it stands, there
| is no competition in mobile app distribution.
| simonh wrote:
| That's simply not true, Android outsells iOS, it has
| multiple App Stores and allows sideloading. Plenty of
| phones come with 2 or 3 different app stores from the
| network, vendor and Google. The fact is consumers like app
| stores, they like consolidation because it makes it simpler
| for them and a lot of them like the benefits they get from
| a walled garden. Developers like consolidation too, which
| is why they have converged on the Play Store en masse on
| Android. These things benefit them, and the vast, vast
| majority appreciate those benefits more than they
| appreciate the benefits of managing multiple competing
| stores and side loading downloaded APKs.
|
| You can't magic those preferences away. Even if you forced
| iOS to become an Android clone with multiple app stores and
| sideloading you can't force people to like those things.
| You'd just be giving an extra option to a very small subset
| of techies who have Android now to do that on already
| anyway. The market has spoken and it likes nice simple well
| managed choices because that's what the people want.
|
| Why is it that Apple have to make the solution a small
| subset of people want. Why is that their problem to solve?
|
| Maybe these stores converged on 30% because it's a nice
| round number and a roughly 1:2 split makes intuitive sense.
| Consoles, music stores, Steam, mobile app stores, they've
| all circled around about that number for a very long time.
| Some have tried around 20/80 to grab market share but it
| never worked, Nintendo tried 35/65 for a while before going
| to 30/70. In the end it's natural that competitive forces
| will tend to a convergence.
| amelius wrote:
| > Why is it that Apple have to make the solution a small
| subset of people want. Why is that their problem to
| solve?
|
| Because otherwise they are a populist company.
|
| Imagine a company making clothes in sizes S..XL, but not
| XXL. Don't you think a company owes it to society to also
| offer the XXL size?
|
| Instead of thinking "what is better for us?", a company
| should think "what is better for our customers?"
| heavyset_go wrote:
| > _That 's simply not true, Android outsells iOS, it has
| multiple App Stores and allows sideloading._
|
| It's very true. Google acts in an anticompetitive manner
| to prevent competition in the mobile app distribution
| market, as well.
|
| Google prevents mobile app distribution competitors from
| competing with the Play Store on feature parity because
| because user installable 3rd party mobile app stores
| cannot implement automatic upgrades, background
| installation of apps, or batch installs of apps like the
| Play Store can.
|
| Also, iOS has 60% of the market in the US[1], which is
| the highest in the world. Apple's App Store is
| responsible for 100% more app store revenue than the Play
| Store[2].
|
| [2] https://www.businessofapps.com/data/app-revenues/
|
| [1] https://deviceatlas.com/blog/android-v-ios-market-
| share
| adamsvystun wrote:
| And just to be complete, there is little preventing other
| people from creating their own Steam (many do) or not using
| Steam at all (developers can publish their apps directly to
| users). This is not the case with the App store.
| addicted wrote:
| Steam charges that amount because it brought a customer to
| you.
|
| If I did my own marketing to gamers and they downloaded the
| game from my website I would have to pay 0% to any
| intermediary.
| beforeolives wrote:
| The more concerning thing about the car data is that the
| manafacturers resell it to third parties and those third
| parties have the right to resell it again. It's a mess.
|
| As a comparison, I don't know if much of Google's data ever
| leaves Google.
| marshmallow_12 wrote:
| i'm getting the impression that iot providers have far, far
| lower privacy standards vs dedicated tech providers. This to
| me indicates that they don't take the internet capability of
| their kettles/cars seriously enough. It's just a gimmick.
| This is not a constructive way to advance iot.
| xnx wrote:
| Every data broker out there says a prayer every night that
| we (as a society) continue to focus our attention on Google
| (an absolute saint by comparison) and ignore what phone
| companies, cable companies, browser extensions, gaming
| apps, smart tvs, etc. etc. do with our data.
| Spooky23 wrote:
| It's way worse. Google is the pioneer in that type of
| analytics.
|
| Apple took the existing model and automated it. They didn't
| invent it, it's been around since RCA/Victor. Retail takes
| bigger cuts (Walmart used to get 60% from AV vendors).
| Enterprise software resellers and distributors take a similar
| share to Apple, and do other shenanigans as a financing
| mechanism. When you hear about "shipments" that's what that
| means.
| wmichelin wrote:
| I disagree that telemetry is inherently bad. As product
| engineers, telemetry is often our only visibility into whether
| or not a system is functioning healthily. How else can you
| detect difficult-to-spot bugs in production?
| jstanley wrote:
| > our only visibility into whether or not a system is
| functioning healthily.
|
| Your problem here is viewing the end user's setup as part of
| _your_ system.
|
| It's the user's private system -- why should you have any
| visibility into how it is functioning?
| minsc__and__boo wrote:
| They said _a_ system, not _their_ system.
|
| Car computers report telemetry to mechanics, and given that
| digitization allows for economies of scale, this isn't that
| different.
| mlindner wrote:
| Once upon a time fixing bugs in production didn't happen
| because the product got all the bugs out before production.
| If it had bugs in production, the product failed.
| shard wrote:
| You used the phrase "once upon a time", a common opening
| for fairy tales, which seems apropos for describing a
| magical land where products achieved a 100% bug detection
| rate before release. I suppose this might have been true 50
| years ago, at the dawn of the electronic calculator, but
| that is now an age of legend...
| tracker1 wrote:
| When that was true, several decades ago, products generally
| had upwards of 2 years of design/architecture/engineering
| effort and definitions prior to another 3-5 years of
| development.
|
| It still (sometimes) happens for medical, aerospace and
| other transportation software that interfaces with hardware
| where safety is a concern.
| kuratkull wrote:
| As a software engineer I disagree. You are saying that you
| want to collect my personal information so you can fix your
| bugs. I don't see it being a valuable trade. I'll just find
| someone who can fix their bugs without tracking me.
| babypuncher wrote:
| Personal information is a bit nebulous. Do we consider the
| list of function calls in a stack trace "personal
| information"?
| slg wrote:
| >You are saying that you want to collect my personal
| information so you can fix your bugs.
|
| How do you define personal information? Let's use Chrome as
| an example. Recording what website I visit is clearly
| personal information. What about recording how many tabs I
| have open, how much RAM each tab is using, and when each
| tab was last viewed? Is that personal information to you? I
| personally don't value keeping that private and it is
| probably a valuable piece of information that could help
| the developers improve what has been one of the biggest
| user complaints about Chrome since almost its release.
|
| I think that is generally OP's point. Each piece of data
| exists on a spectrum in value for both the user and the
| developer. Data should be kept private when it has value to
| the user. There is little harm in sharing the data with the
| developer when the user would deem it low value and the
| developer would deem it high value.
| kuratkull wrote:
| It's pretty easy to understand what information is
| technically static and could be used to track you. Number
| of tabs: low possible range and pretty variable, even for
| tab hoarders, so it's low entropy information. Amount of
| RAM used in each open tab: that should be statistically
| significant and I'm pretty sure could be used to identify
| people if there are enough tabs open for a long enough
| period. When each tab was viewed: every (not-)clicked tab
| is a bit of information, you don't need much to narrow
| down a person. Interesting reading on de-anonymizing
| people on seemingly anonymized data:
| https://www.wired.com/2007/12/why-anonymous-data-
| sometimes-i...
| sneak wrote:
| Telemetry isn't okay simply because it can't be used to
| track someone. The number of tabs I have open isn't
| identifiable information, but it's still _my_ private
| information, and should not leave my computer without my
| advance consent. Using my computer hardware to transmit
| my usage activity (even my _unidentifiable_ usage
| activity) without my consent is a dick move.
|
| My usage data is mine, as is my hardware and network
| connection.
| totaldex wrote:
| +1 to this. As long as proper privacy concerns are addressed
| and the data gathering is imperceptible to the product
| experience, telemetry signals are immensely valuable for
| improving the product in a variety of ways.
| kuratkull wrote:
| Many users care more about their privacy than your product.
| dtx1 wrote:
| So why does $product need to send telemetry data via google?
| Why can highly complex software that runs most of the worlds
| internet infrastructure (linux) work without telemetry? Why
| is telemetry not opt-in or relies on reports in situation
| where a bug causes an issue like firefox crash reports? I'd
| rather have privacy and buggy software then bug free software
| in exchange for no privacy at all
| oarsinsync wrote:
| > I'd rather have privacy and buggy software then bug free
| software in exchange for no privacy at all
|
| Unfortunately, nobody offers bug free software in exchange
| for no privacy. It's still buggy.
| slg wrote:
| >So why does $product need to send telemetry data via
| google?
|
| Because Google is responsible for most of the software on
| said product. Who would be receiving that telemetry data if
| it wasn't Google?
|
| >Why can highly complex software that runs most of the
| worlds internet infrastructure (linux) work without
| telemetry?
|
| First, this is a false premise because it ignores the
| potential that telemetry could help improve this software
| but most Linux distros have decided against it for other
| reasons. Secondly, it ignores that some distros do in fact
| include telemetry.
|
| >Why is telemetry not opt-in
|
| It probably should be when it comes to something that has
| potential to invade privacy, but we have to be realistic
| that practically no one will actively turn on telemetry if
| it is initially set to off. That drastically decreases the
| value of the collected data and it basically turns into
| nothing more than something customer service can tell
| someone to turn on while trying to troubleshoot a specific
| issue.
|
| >or relies on reports in situation where a bug causes an
| issue like firefox crash reports?
|
| Telemetry isn't just about bugs. It is also about guiding
| future development, knowing what features are used, knowing
| the workflow for users, etc. It can provide value beyond
| crash reports.
|
| >I'd rather have privacy and buggy software then bug free
| software in exchange for no privacy at all
|
| This is completely fair. I would generally agree with you
| and bet that most HN readers would too. However this is not
| a binary choice. Not all telemetry is inherently bad. Not
| all loss of privacy is inherently damaging. This is a
| complicated issue that will involve compromises and anyone
| sticking to a complete extreme of it being all bad or all
| good isn't going to offer anything productive to this
| conversation.
| dtx1 wrote:
| > Because Google is responsible for most of the software
| on said product. Who would be receiving that telemetry
| data if it wasn't Google?
|
| Depends, on Android maybe. On my Android Device, not
| really i don't use google software with the exception of
| the core android system without gplay services. On iOS,
| the HTML Based Web, or Desktop Systems, I see no need for
| google to exist. If you need telemetry, run your own damn
| telemtry server instead of feeding the FAANG Privacy
| nightmare even more.
|
| > First, this is a false premise because it ignores the
| potential that telemetry could help improve this software
| but most Linux distros have decided against it for other
| reasons. Secondly, it ignores that some distros do in
| fact include telemetry.
|
| Distros may, Linux itself does not. The fact that the
| majority of Linux Distros work just fine without
| telemetry shows that large scale software developement
| and deployment work just fine without invading peoples
| privacy needlessly.
|
| > It probably should be when it comes to something that
| has potential to invade privacy, but we have to be
| realistic that practically no one will actively turn on
| telemetry if it is initially set to off.
|
| so, if given the fair and free choice everyone will chose
| against telemetry? And that doesn't make you ask yourself
| "are we the baddies?".
|
| > That drastically decreases the value of the collected
| data and it basically turns into nothing more than
| something customer service can tell someone to turn on
| while trying to troubleshoot a specific issue.
|
| So, wheres the problem here? Sounds EXACTLY how a good
| telemetry system should work. If the bugs don't bother
| the users there's no need to invade their privacy to fix
| them, if they do bother them, telemetry can be a tool to
| help them. There's no need to generate "valuable data"
| except to invade peoples privacy.
|
| > Telemetry isn't just about bugs. It is also about
| guiding future development, knowing what features are
| used, knowing the workflow for users, etc. It can provide
| value beyond crash reports.
|
| Why is it any of your effing buisness what my workflow is
| like? If i need a feature i request it. This shit is only
| accepted because the majority of users lack a meaningful
| understanding of the depth of invasion by app and web
| developers into their privacy.
| sneak wrote:
| Telemetry is inherently bad if it's not done with the
| informed, opt-in consent of the end user whose data it's
| (mis)appropriating, oftentimes silently.
|
| There's no issue with opt-in telemetry, where the user says
| "yes, it's okay to track me".
|
| Invisible, silent, always-on telemetry is actually just
| spyware that's been mislabeled.
|
| Ultimately it's not the telemetry that's at issue: it's the
| unethical and selfish behavior of the software/device
| manufacturer.
|
| No sane or reasonable person thinks that an EULA is informed
| consent.
| tobr wrote:
| We're increasing the risk exposure for every user for our own
| trivial convenience. It is inherently bad, just like other
| forms of widespread surveillance that is often motivated by
| some seemingly good cause, like catching terrorists.
| 2OEH8eoCRo0 wrote:
| I honestly don't mind information about crashes being sent as
| long as it is very sanitized and easy to disable- similar to
| how Fedora reports issues.
|
| They send only a list of functions on the stack without any of
| the arguments or data.
|
| Example:
| https://retrace.fedoraproject.org/faf/problems/bthash/?bth=3...
|
| Where Google goes too far is sending everything in the name of
| security or better yet to "serve" the user.
| fiddlerwoaroof wrote:
| IMEI and serial number make sense, I think too: Apple's
| activation lock is a big reason why I bought an iPhone and as
| far as I can tell, it requires interaction with the server on
| every boot to work.
| 2OEH8eoCRo0 wrote:
| I disagree on IMEI. It never changes and is unique.
| rdw wrote:
| The 30% cut was considered very good at the time. It was way
| better than the 50-90% cut that traditional publishers would
| take.
|
| A sibling comment notes that Steam charged 30% at the time
| (though some had better deals) but it's worth noting that Steam
| was not an open platform that anyone could publish on. Much
| like for consoles, to put a game on Steam you had to have a
| preexisting relationship with Valve, or try to develop one with
| no certainty of success. This was also considered a very
| generous cut because getting on Steam was almost a guarantee of
| financial success.
| JKCalhoun wrote:
| It depends of course on how you published.
|
| When I was authoring software (over two decades ago) and a
| company acted as publisher they took 85% of gross.
|
| For author/publisher relationships at that time, this was
| pretty typical (book authors/publishers being the closest
| analog).
|
| Needless to say there was, in addition to the cost of
| creating and shipping floppies, advertising that the
| publisher had to cover.
|
| Apple's 30% cut seemed fair to me when the App Store arrived.
|
| I'm not sure if I would try to ship an iOS app these days
| though. Not because of Apple's cut but because of the race to
| the bottom that was unleashed shortly after the App Store
| gold rush: where now you don't appear to even be able to sell
| a $0.99 app.
| echelon wrote:
| > The 30% cut was considered very good at the time. It was
| way better than the 50-90% cut that traditional publishers
| would take.
|
| Why didn't Steve Jobs go with web distribution of first class
| web apps or allow Flash on his platform? If they truly wanted
| to be remarkable, this would have been the future.
|
| The answer is control.
|
| Apple is a cutthroat business just like any other, and their
| "privacy first" veneer is just a wolf in sheep's clothing.
| They're playing it up as an attack against Google and
| Facebook, meanwhile they still phone home about the apps
| you're running and can shut them off remotely.
|
| Microsoft never taxed software on their platform. Jobs had to
| invent that business model. It flourished like wildflowers
| thanks to him.
| kyralis wrote:
| 'First class web apps' was precisely how you were supposed
| to create apps for the first iPhone; the SDK was thrown
| together over the next year only after the huge demand for
| writing native apps. The iPhone pushed a bunch of device
| access web APIs originally explicitly for this reason.
| sosborn wrote:
| > Why didn't Steve Jobs go with web distribution of first
| class web apps
|
| That was exactly his intent when he announced the iPhone,
| and he got absolutely obliterated by the internet for it.
| babypuncher wrote:
| Not allowing Flash on the iPhone is probably the best thing
| Apple ever did
| echelon wrote:
| Destroying an open, low barrier to entry animation and
| application platform that was used by teenagers to
| develop and share interactive content?
|
| Destroying a way to deliver native-like, cross-platform
| applications without an app store was good?
|
| Jobs did it for control. He didn't want interop between
| Android and iPhone, and he didn't want any web browser
| with enough flexibility to do anything sophisticated.
| notriddle wrote:
| Android had Flash. It stank, and the blame for its
| stinkiness lies entirely on Adobe.
| [deleted]
| mikestew wrote:
| _The 30% cut was considered very good at the time._
|
| No, it wasn't. I'm not going to dig up links, but one could
| pop a web site storefront and Fastspring for payment
| processing (as one example of a company I used) for less than
| 10% (Fastspring would take something like 6-7%, IIRC).
| Discovery has always sucked on Apple's store, so no value-add
| there. In fact, I'd argue that the only value-add one gets
| out of Apple's store is access to their closed garden.
|
| And "50-90%"? Is that in reference to putting software in
| physical boxes and on CompUSA shelves? Because no mobile
| publisher charged 90% before Apple's store came along.
| lallysingh wrote:
| IIRC 50% (60%) was the rate for the app distributor I used
| for selling my PalmOS app. It was digital download, too.
|
| For the Apple case: access to the walled garden is the
| majority of the benefit. But still, setting up payments,
| customer service, chargebacks, fees, etc., is nice to have
| taken care of. 30% nice? Who knows. But more than just the
| raw payment processor overhead, surely.
|
| AFAIK physical boxes are way above 50%.
| addicted wrote:
| There were a couple of stores that were more expensive.
|
| But there's 2 reasons the comparisons aren't valid:
|
| 1) The revolution Apple brought to mobile phones was
| making them personal computers. So the relevant
| comparison really should be with personal computers and I
| doubt any of them had stores that took as much of a cut.
|
| 2) More relevant, the vast majority of such app stores
| which charged 40-50% were optional marketplaces. A
| customer didn't need to go through them to install an app
| on their phone (I believe Palm was like this. I'm pretty
| sure the likes of WinMo allowed many different ways to
| install apps). So if a marketplace was charging 40-70% it
| was entirely for the fact that they were bringing a
| customer to you. If you were able to acquire a customer
| by yourself, you didn't need to pay anyone any cut.
|
| The big problem with Apple's 30% cut has always been that
| they charge you that amount just for having a user, even
| if you did all the work to get that user to use and pay
| for your app. Outside of the maybe 3% credit card fees,
| Apple provides 0 value.
|
| One may argue (as many Apple folks do) that they charge
| for the frameworks, etc., but that argument is absolutely
| backwards. Apple creates the frameworks and APIs because
| they need the apps, not because the apps need them. If
| Apple was to get rid of its 3rd party APIs and
| frameworks, so there were no 3rd party apps, it's not the
| app developers who would suffer because all those users
| would migrate to Android. It's the iDevices and Apple
| that would basically disappear.
|
| In fact, App developers would be thrilled because now
| they only need to support 1 Operating system.
| Retric wrote:
| 1) That's extremely revisionist thinking, the original
| iPhone didn't allow any third party apps.
|
| The iPhone was never sold as a computer it was very much
| just a better UI on a traditional cellphone.
|
| 2) Again no, most cellphones at the time where extremely
| locked down flip phones. Hell, selling ringtones used to
| be a thing because of how locked down phones where back
| in the day. Look up what kind of a cut musicians got of
| that fad.
| flemhans wrote:
| I remember considering 1-2% to be fair, for the payment
| processing. Publishers were an old-fashioned thing and not
| even considered for the comparison.
| harry8 wrote:
| This is such a nonsense justification.
|
| You want to sell software you wrote to run on an iphone. You
| have zero choice. Apple tax your revenue.
|
| You want to sell software you wrote to run on a pc. Steam is
| not your only choice. I am not defending steam or valve here,
| I've never sold anything using their stuff, nor am I
| suggesting anything other than that their market power over
| pc compared to apple's store over the iphone is not remotely
| comparable.
|
| It actually works against you to suggest apple's iphone
| software store and steam are comparable at all because it's
| so incredibly bogus.
|
| You want to make the case that steam suck too but with loads
| less market power. Go right ahead. We're listening. You don't
| need absolute and total market power to be abusive of it.
| Apple will immediately attempt redefine the market to include
| android or people spending money on coca cola instead of
| apple product to suggest that customers have real choice so
| there is no market power abuse here.
| memetomancer wrote:
| Are you implying that you feel entitled to sell software on
| Apple's tightly controlled consumer devices?
| harry8 wrote:
| I am stating, very clearly, that Apple have massive
| market power that they are abusing. This is known in
| economics circles as "market failure" and across the
| spectrum from Keynsians to Neo-classical economists is
| seen as a compelling case for regulation.
|
| Why are you implying I am saying something different to
| what I /said/.
| babypuncher wrote:
| I think the point is that Steam manages to do just fine
| while charging 30%, on a platform where developers could
| easily choose to self-publish. For small developers, that
| 30% is worth it because the value Steam brings to them is
| worth more than the revenue it takes. The only ones
| choosing to go elsewhere are massive publishers that can
| market their own storefronts, and indie devs taking large
| up front payments from Epic to leave Steam.
|
| I can see both sides of the argument here. It sucks having
| no choice as a developer, and feeling forced pay Apple a
| tax just to get paid for your work. It's especially
| egregious with subscriptions, where Apple doesn't even do
| any of the content delivery. However, as a user, I think it
| would also suck if a huge player like Facebook or Google
| decided to open up their own iOS App Stores, and developers
| started flocking to them as a means to escape Apples
| increasingly strict app privacy rules.
| simonh wrote:
| The situation on Android shows us that consumers like
| consolidation and they like walled gardens and simple
| choices. These things benefit them. Plenty of Android
| phones come with 2 or 3 app stores. One for the carrier,
| one for the vendor and Google Play Store. There plenty are
| others as well, but the market has spoken. Even Epic had to
| fold and move to Play Store. Maybe Google played dirty, but
| I think it's perfectly clear users benefit from
| consolidation. They like the simplicity of having
| everything in one store and when they change devices they
| just set up their Play Store account and there everything
| is. That's a massive advantage to them. Fragmentation is a
| nightmare.
|
| Developers have come to the same conclusion, it's to their
| benefit for the customers to all be on one store with one
| set of policies and features so that's where the majority
| of the apps go.
|
| So what are you going to do, force Apple to become a
| fragmented Android copy with multiple stores and side
| loading that a tiny fraction of techies actually use? Those
| people already have that on Android if they want it.
| Honestly you'd just screw over Apple and a few other people
| over a principle hardly anybody actually cares about or
| benefits from. It certainly wouldn't make any significant
| commercial difference. We ran that experiment and the
| results are in.
|
| The idea that users would all be side loading apps and
| developers would be making far more money having their apps
| spread across 5+ different stores that would compete down
| to lower prices is delusional. If that were the case, why
| has this not happened on Windows or MacOS where side
| loading is actually the default yet Steam, GOG, etc still
| charge 30%? It's crystal clear that's just the split the
| market has converged on through a competitive process.
| After all Steam has competed from day one with a default
| split of nothing for direct downloads from the software
| publisher but has thrived charging 30%. If that's not
| direct market validation I don't know what is.
| esclerofilo wrote:
| Fragmentation and walled gardens are a false dichotomy.
| Steam is actually a great example of this, there are many
| other stores (Humble Bundle, Fanatical, GMG, whatever)
| that sell you Steam keys so you can keep your game
| library in one comfortable place.
| simonh wrote:
| Yes Steam are still perfectly comfortable staying at 30%
| as I said it's clearly a market driven level.
| svara wrote:
| I can't help but feel like having it this way is breaking one
| of the huge reasons that made computers so absurdly exciting
| and enticing in the past.
|
| The fact that there was this wide open field, where, sure,
| maybe you paid Microsoft for the OS, but then the rest was up
| to you. Trade shareware CDs, install stuff from the internet,
| type in code from a book or whatever, it felt like an
| infinite open field of possibilities.
|
| I guess it's normal that the exciting frontier shifts around,
| but I really can't believe that it's somehow a good thing in
| this case.
| alwillis wrote:
| It's a 15% cut for developers who makes less than $1
| million and for most other developers after year 1 on the
| App Store.
| ocdtrekkie wrote:
| This only happened recently after they've had lawsuits
| and antitrust suits and Congressional interest.
| mason55 wrote:
| You can still do all those things on a computer.
|
| And now it's so easy to put up a web app that I'd argue
| barriers are much, much lower than when you had to figure
| out how to get your physical software distributed.
|
| The goals of "keep grandpa from getting his life savings
| stolen by malicious software" and "allow a power user to do
| whatever they want" can literally never be solved by the
| same device. If there's any way to disable protections then
| the scammers will get grandpa to do it. And the market for
| grandpas is much larger than the market for tinkerers.
| fbelzile wrote:
| > You can still do all those things on a computer.
|
| Have you tried to distribute software on macOS out of the
| App Store recently?
| nitrogen wrote:
| _And the market for grandpas is much larger than the
| market for tinkerers._
|
| This kind of thing has become a meme. It's basically
| irrelevant. If the market of tinkerers was big enough 20
| years ago, it's more than big enough now, and the GPU
| shortage kind of proves that. It's also an all-or-nothing
| fallacy -- nobody can protect all financial victims, and
| restricting the tech device market is probably one of the
| least effective ways to try. There are much better
| chokepoints for combatting both malware and fraud than
| the sanitized amusement park experience.
| babypuncher wrote:
| The market for tinkerers is huge. Which is why there is a
| huge selection of computing products out there that cater
| almost exclusively to this market. The question is, why
| should Apple be forced to cater to them as well?
|
| It would be understandable if Apple owned most of the
| computer/smartphone market, but they don't. iPhones make
| up less than 20% of smartphones out in the wild. Nobody
| who wants to avoid Apple is put in a situation where they
| are at a disadvantage, unlike a telephone user in the
| 1970's trying to avoid Bell.
| harry8 wrote:
| "The 30% cut was considered very good at the time."
|
| Let me fix this.
|
| There was a full range of views. Some considered the 30% cut
| to be good at the time, some didn't consider it much at all,
| some considered it to be a criminal abuse of market power. I
| remember commenting myself that microsoft would be crucified
| for attempting to tax everyone who wanted to write software
| for windows 30% of revenue. I don't recall anyone suggesting
| that was a controversial comment.
| insert_coin wrote:
| Let me fix this.
|
| Microsoft did worse, they did charge more than 30% to
| everyone that published software for the xbox.
|
| People with skin in the game, game publishers, game
| developers, mobile app developers for nokia, blackberry,
| samsung, motorola, etc, considered Apple taking "only" 30%
| to be an excellent deal at the time.
|
| Others complained, sure. I too complain Ferrari charges way
| too much for customizing the color of the thread of the
| interior lining, I don't know why they don't seem bothered.
| gumby wrote:
| > It's similar to when Apple defended it's 30% store cut by
| claiming it's an "industry standard"... specifically, an
| industry standard that Apple established.
|
| I thought Apple chose that figure as game developers were
| already used to it from consoles and Steam.
| geerlingguy wrote:
| It goes back much further than that--the mobile phone 'app'
| market was a lot worse (50%? And not a fun developer process)
| and was pretty poorly saturated by Java-based games and
| lightweight apps.
|
| It all depends on what software / 'app' stores we're
| comparing to.
| grishka wrote:
| > cars regularly send basic data
|
| I'm still terrified by the fact that some cars now apparently
| have network interfaces for some reason.
| retube wrote:
| Got a courtesy call from BMW the other day to let me know my
| brake fluid needed changing and would I like an appointment
| made at my nearest garage?
|
| I get that there are privacy concerns, but also that's pretty
| cool. It also has GPS and will automatically alert BNW if air
| bags are deployed. Has saved lives.
| grishka wrote:
| > Got a courtesy call from BMW the other day to let me know
| my brake fluid needed changing and would I like an
| appointment made at my nearest garage?
|
| That's only marginally better than it popping up an alert
| on the dashboard, which many modern cars most probably do
| anyway, but imo it feels like something of a privacy
| invasion.
|
| > It also has GPS and will automatically alert BNW if air
| bags are deployed. Has saved lives.
|
| Aren't there systems that automatically call an emergency
| number and send GPS coordinates when they detect a crash? I
| think I read somewhere that some countries are even going
| to mandate them on new cars.
|
| (Disclaimer: I'm not much into cars. I do have a driving
| license, but I don't own a car and don't drive very often.)
| wmichelin wrote:
| Ideally some of that data can be aggregated and acted upon
| locally to the car computer, so that once an arbitrary car
| manufacturer closes shop, you can still retain the value
| provided by that telemetry.
|
| Sending it off to their servers and having them manually
| call you up is nice, but I'd hate for that to suddenly go
| away because of some business that is outside of your
| control as a consumer.
| kuratkull wrote:
| We can save a lot of lives if we monitor
| everyone/everything. I'm sure there was very little early
| death in the Matrix universe.
| minsc__and__boo wrote:
| Except there was a lot of death, hence the line about
| rejecting uptopia. Also robots used human brains as
| batteries (or processors, in the original script) which
| is not quiet the same.
| charcircuit wrote:
| Telemetry allows people to make better decisions. It's not a
| bad practice. Information deserves to be free.
| tchalla wrote:
| > It's similar to when Apple defended it's 30% store cut by
| claiming it's an "industry standard"... specifically, an
| industry standard that Apple established.
|
| Apple established a standard for the Apple app store. There was
| a lot of complaint about "Apple Tax" and Apple merely pointed
| out that it wasn't a "Apple Tax". Sure, Apple started it but
| others which are not even connected to the Apple ecosystem
| simply followed. They could have not decided to but they did
| (Re:Table 1) [0]. Microsoft, Samsung, Google and Amazon all
| have the same 30% tax. Heck, even commission rates for Xbox,
| Playstation, Nintendo have the same rate (Re : Table 2). I am
| sure Apple is not forcing them to have those rates.
|
| Somehow, this conversation turns into an "Apple" vs rest
| conversation. There's no conversation had upon the charges on a
| digital distribution store. I'd say - let's have that
| conversation and come up with a number. Currently, the number
| is decided in a "free market". I would be open to come up to an
| alternate number. Most arguments against the 30% is that it is
| too high. Well, every penny that goes out from the developer's
| pocket is too high. The cost of an iPhone might be too high.
| Something, being too high is not an argument to not have that
| rate.
|
| [0]
| https://www.analysisgroup.com/globalassets/insights/publishi...
| heavyset_go wrote:
| > _There 's no conversation had upon the charges on a digital
| distribution store. I'd say - let's have that conversation
| and come up with a number. Currently, the number is decided
| in a "free market"._
|
| There is no competition in the mobile app distribution
| market. Apple and Google have a duopoly on mobile app
| distribution, and they behave like a cartel when it comes to
| price fixing.
|
| For over a decade now, consumers and developers _could have_
| benefited from real competition in the mobile app
| distribution market. Real competition between companies means
| that consumers can benefit from increased efficiencies and
| reductions in cost when it comes to distributing mobile apps.
|
| Instead, Apple and Google have kept a stranglehold on the
| mobile app distribution market, and it took over a decade and
| the threat of regulation before Apple chose to lower costs to
| developers _somewhat_.
|
| How can anyone know what prices are "industry standard" or
| "too high" when it comes to mobile app distribution if there
| is no real competition in that market, just a cartel
| consisting of two trillion dollar companies controlling
| mobile app distribution for nearly 13 years?
| tchalla wrote:
| I agree - there's no competition. What's your solution to
| change in the law that will create competition?
| issamehh wrote:
| I have an android phone and there is one clear difference: I
| can go elsewhere to get apps other than the official channel.
| For Microsoft I can go as far as installing a whole different
| OS on the device. You can do neither with iPhones. Sure, you
| can buy a different phone but it isn't as simple as that
| [deleted]
| clairity wrote:
| this is a classic example of how companies collude without
| direct communication. it's a type of game theoretic outcome
| that's actually taught in business school - how to read your
| competitor's intentions from public information (like pricing
| intentions) and legally act and counter-communicate publicly
| your own intentions to not compete (in many cases by not
| lowering price).
|
| this can practically only happen in oligarchic markets (those
| controlled by a few large players) who can safely assume a
| smaller competitor won't undercut them. unfortunately, most
| major markets in the US are oligarchic, if not downright
| monopolized (e.g., cellular service).
| tchalla wrote:
| > this is a classic example of how companies collude
| without direct communication.
|
| In that case, let's have that conversation as a society and
| as a government. "Are companies listed in Table 1 and 2 in
| collusion as defined by current law?".
|
| In most of the Apple 30% conversations, the conversations
| seem to be about an instance (Apple) instead of an object
| (Digital Store Tax, Collusion etc). Lets set the frame and
| be clear about the conversation we want to have regardless
| of the business we talk. We can use Apple, Microsoft et al
| as examples to make the point. We shouldn't replace them
| with the overarching discussion.
| clairity wrote:
| as i understand it, by not communicating directly,
| companies avoid the most damning potential evidence that
| they are colluding. it's theoretically possible to still
| determine that their behavior is collusive, but quite
| difficult in practice.
|
| i personally think anti-trust/anti-monopoly regulations
| should be tightened by an order of magnitude or so. any
| market that exhibits such extended, obviously inflated
| profit margins needs to be sliced up more finely. any
| market participant with more than ~10% market share
| should be scrutinized closely. piercing the corporate
| veil should be the norm with any anticompetitive
| infraction (as well as embezzlement, insider trading, and
| other such executive crimes).
|
| in short, make markets fair (not just 'free').
|
| and in turn, that should allocate capital more
| efficiently throughout the economy, rather than letting
| it accumulate inefficiently in fewer and fewer hands.
| tchalla wrote:
| > in short, make markets fair (not just 'free').
|
| I'm all for it. What's your concrete proposal to change
| in the current law for digital store distribution "tax"?
| kuratkull wrote:
| "Fair" and "free" are almost opposite values in regards
| to markets, what you want is not "free", you want
| regulation. Fairness means you got to oppress a party in
| favor of another party.
| clairity wrote:
| a fair market is one that is devoid of coercive influence
| by any market participant, almost diametrically opposed
| to oppressiveness. whereas in a "free" market, oppression
| is the expected steady-state, because it inherently
| invites manipulation to produce advantage, as with any
| game (in the academic sense) without rules. try playing
| basketball without rules and see what happens.
| kuratkull wrote:
| It seems you are making up words. "Fair market" doesn't
| even seem to be a thing - not surprised really.
| tchalla wrote:
| You are hitting the nail on the head. Most times, people
| are looking for utopian solutions. In a large market
| where people have different incentives, non-dominating
| solutions do not exist. There are options and
| implications. We get to choose from what we have (with
| implications) not some ideal situation we have dreamt in
| our mind. Currently, everyone wants to have their cake,
| eat it and the cherry on the top. Later even complain
| about the cherry not being sweet.
| rurp wrote:
| This is a great comment. It drives me crazy how often
| people take concepts that apply to an idealized free market
| and apply them to an area that's controlled by a small
| number of entrenched behemoths. Very little of the tech
| industry these days operates like an Econ 101 free
| marketplace.
| flemhans wrote:
| It even polluted into other markets, like Wolt.com taking a
| 30% (!!) cut of food delivered using their platform. On top
| of the actual delivery charges.
|
| I remember thinking that Just-Eat.com were criminals for
| taking 10%.
|
| Hungry.dk takes 1-2%.
| Jommi wrote:
| You're comparing apples and oranges.
|
| You're most likely not being fair with what services these
| platforms provide, or how they structure their fees.
|
| Wolt and other companies like UberEats or Postmates are
| food discovery, delivery and PoS platforms (and more). They
| don't operate on any single commission model.
|
| (Ofc one could argue this pricing complexity is intentional
| so that comparing is more difficult)
| beastman82 wrote:
| It's called the "tu quoque" logical fallacy
| TYPE_FASTER wrote:
| I read Steven Levy's book "Hackers" recently. One interesting
| insight was that developers for Sierra On-line and other early
| publishers had deals for the developer to get a 30% royalty on
| the games they wrote, with Sierra collecting 70% as the
| publisher. Over time, as there was some market saturation in
| the early 80s, this number decreased.
| dralley wrote:
| >Cars only started doing this because phones made it normal.
| It's wrong in both cases.
|
| I don't know that this is true, planes have been doing it for
| quite some time now, although obviously they existing in a
| totally different bracket of price and complexity.
| wunderflix wrote:
| I seriously don't mean this in an offensive way. But isn't
| bringing Apple now into this, "Whataboutism" in disguise?
| swiley wrote:
| >cars regularly send basic data
|
| My car doesn't and I absolutely would never buy one that does
| even if that meant walking/taking the bus.
| fapjacks wrote:
| Which makes it weird that we accept this bullshit from our
| phones, considering that you have your phone with you whether
| you're driving or walking or taking the bus.
| chasil wrote:
| I don't accept it on my phone either.
|
| My Oneplus runs Lineage, and I explicitly omitted Google
| services.
|
| I had previously run the MicroG rewrap of Lineage, but the
| maintainer dropped maintenance for six months, so I found
| ways to do without the GMS emulation.
| oarsinsync wrote:
| Alas, your cell carrier can and probably is still
| tracking everywhere you go, as well as who you call /
| text / calls you / texts you, and sniffing your packets
| unless you VPN
| fapjacks wrote:
| I also use microG on my phone.
| swiley wrote:
| I think it's because you have to pay money to access the
| cell network; You need an identety to clear billing with.
| Until we have enough spectrum for WiFi to have longer
| ranges you will never be able to use a portable device with
| internet access like cell phones have without being
| tracked. The extra data exfiltrated from our devices is
| often only a little more precise than what the carriers in
| many places are already selling.
| harry8 wrote:
| Every week there's a story here on HN that makes me mourn the
| demise of the Nokia N900. Still the best smartphone ever made by
| a massive margin.
|
| I hope both those things are made obsolete by stories of
| smartphones that work well and are vastly more trustworthy than
| Google and Apple. The longer it takes, the harder it gets.
| Whatsapp/Signal ports are now hard requirements for much of the
| population. :S
| mmacvicarprett wrote:
| Why do they need IMEI for? and mac addresses of close networks
| (besides location).
|
| When the user gives consent for PII like IMEI, location, networks
| mac addresses?
|
| I wonder if both companies might be breaching the Children's
| Online Privacy Protection Rule ("COPPA").
| chiefalchemist wrote:
| It's a long often too verbose read by "The Age of Surveillance
| Capitalism" is unforgiving in its detailing of the past, and
| relentless in its fear of what the future likely holds.
|
| Most people seem to say "oh I know they're collecting data."
| Unfortunately they don't - likely can't - grasp the depth and
| breadth. And the motive? Most will never make it that far.
|
| The Age of Surveillance Capitalism rips off the bandaid, one
| greepy greedy power move at a time.
|
| https://www.wnycstudios.org/podcasts/otm/segments/living-und...
| nojito wrote:
| Most of the info Apple sends shouldn't be considered telemetry
| though.
|
| The hardware info is used to make sure that blacklisted/stolen
| devices are rendered inoperable.
|
| The other requests are simply due to used apps...it seems the
| researcher is unclear about many aspects of iOS. i.e. typing a
| url into Safari kicks off to find links, apps, etc. that will be
| the logical next step for a "search"
|
| He also doesn't understand the difference between Siri the voice
| assistant and Siri the platform.
|
| tldr; Google vacuums everything it can...Apple is the exact
| opposite.
| williesleg wrote:
| It's all about the data. Even here. They track who posts what,
| when, and from where.
| aboringusername wrote:
| I mean at this point it's obvious if you're using a digital
| device data is going to be collected, that's part of society and
| living in the 21st century; could be your toothbrush, fridge,
| washing machine, car...All these devices generate data that is
| going to be collected.
|
| It's also changing how crime is investigated; Google can be asked
| for a list of smartphones in an area at a given time, can be used
| to collect evidence or information (were you in this building on
| this floor at this time?). Carrying a smartphone can implicate
| you (or not) and you can be photographed by anyone at any moment
| regardless of your "rights".
|
| I think people need to understand you are responsible for what
| you do on a computer; your clicks, searches, taps, installed app
| list, and basically everything is being recorded regardless of
| consent (which appears to be an illusion these days).
|
| This is neither shocking nor unexpected. Humans generate data,
| data is going to be collected and used.
|
| That's not going to change any time soon. Some thought Google
| would introduce a similar privacy feature to Apple's tracking
| consent but I lol'd at anyone who believed that.
| grawprog wrote:
| >I think people need to understand you are responsible for what
| you do on a computer; your clicks, searches, taps, installed
| app list, and basically everything is being recorded regardless
| of consent (which appears to be an illusion these days).
|
| While I agree with this in principle, I've never really
| understood why we forgive poor user behaviour when it comes to
| computers when we don't do the same with basically any other
| tool humans regularly use, despite the negative consequences
| being comparable, I don't think it's reasonable to expect
| people to just quietly accept 'tracking's just the way it is,
| deal with it.'
|
| That doesn't come down to poor user behaviour in that case, it
| comes down to malicious behaviour by device manufacturers and
| software developers in the name of profit.
|
| It's all well and good to expect users to take steps to deal
| with that behaviour, but it shouldn't just be accepted that,
| 'that's just the way it is.' And companies should be held
| accountable for at least the deceit that surrounds it.
|
| Just being honest and open about it all would be a start. At
| least then you could make the excuse 'oh well the user should
| have tried harder to not be tracked.' Because they have a fair
| chance of knowing where and how they're being tracked.
|
| This current system of deceit and bullshit is the problem.
| IAmEveryone wrote:
| The point of the comparison made in the headline here is
| exactly that one does not need to expect the worse from
| everyone and therefore stop caring and complaining.
| 1vuio0pswjnm7 wrote:
| As users, we are assured that telemetry is only for the purpose
| of "improving products and services", "improving user
| experience", etc. If one company is collecting 20x as much as
| another, all else being equal, one would expect that this would
| be reflected in the quality of the product/service/experience.
|
| Of course, Google's service is to advertisers, first and
| foremost. Users generally do not pay for what they receive from
| Google. Perhaps Google's paying customers, advertisers, are the
| ones seeing the improvement in the quality of service as a direct
| or indirect result of telemetry.
| darkwizard42 wrote:
| I don't think this is necessarily true. I believe that Google
| Maps navigation and location accuracy is significantly better
| on Android than iOS (no claim on 20x...but anectdatally better)
|
| Google Maps getting more precise telemetry data is actually so
| useful in improving the navigation experience in tricky
| intersections, overlapping roads, or low bandwidth areas where
| GPS signal and service can be spotty. I can speak from
| experience that friends with Android phones experience less
| jumpiness in their GPS location, less errors in navigation, and
| less of that pesky "You've Arrived" notification triggering
| when still far away from the destination.
| andrewzah wrote:
| Also anecdotally speaking, conversely, I used to use
| Waze/Google Maps, and nowadays just use Apple Maps. The
| latter has been more than sufficient in my day to day
| travels. I can't think of any errors in navigation.
| ProfessorLayton wrote:
| YMMV, but as much as I like Apple Maps and use it as much as I
| can, for the more complex/unknown routes I definitely rely more
| on Google Maps to get it right. I don't know if telemetry is
| the cause for the better service, but it is noticeably better
| for me.
|
| Separately, I'm also a google customer as I run an Ad campaign
| for a small business (skilled labor), and the dollars spent on
| search ads are extremely efficient with an incredible ROI. Even
| with CACs in the 10s of dollars, with the size of the contracts
| being signed it typically costs much less than .5% of the
| total.
| wruza wrote:
| You bet they are improving. I don't know any big vendor who is
| _worse_ than google in ux. Another question is, where is the
| good old "hiring few hundred users from different groups and
| watching what they do with a test device" instead of spying on
| millions of the same kind.
| swiley wrote:
| If telemetry is used for improving services then why does every
| project who's UI decisions are based on telemetry[1]
| consistently rebuild their UIs in less usable and less user
| friendly ways?
|
| [1] Pretty much anything from Mozilla or Google, Reddit, lots
| of others.
| butz wrote:
| Power users turn off telemetry and skew data?
| jmull wrote:
| I'd be interested to learn more. E.g, to what extent is the data
| anonymized?
|
| I also want to know what the data is used for and how long it is
| stored for, but I suppose those are very tough questions for an
| external researcher to test.
| yuhong wrote:
| I wrote about CompatTelRunner because of the CPU time it
| consumes, which even MS employees like Billy O'Neal complain
| about: https://en.wikipedia.org/wiki/Draft:Desktop_Analytics
| papaf wrote:
| Smartphones are personal tracking devices that also allow you to
| browse the web and make phone calls.
| swiley wrote:
| I've always thought of them as "endpoints for deploying
| cooperate software into your life" but this is also a pretty
| good description.
| bilal4hmed wrote:
| Seems like the answer is to use just iOS and apple products if
| you care about privacy.
| sloshnmosh wrote:
| Might I suggest Lineage OS. Very little if any data is sent out
| from my testing.
| danielrhodes wrote:
| Data collection is what companies do when they have no empathy.
| It's like an ivory tower effect where you don't interact with
| customers day to day or don't know what they want, so you try to
| use data to fill in the (large) gap. I could come up with
| countless examples of amazing products where nobody was using
| data to justify their decisions.
| ConceptJunkie wrote:
| That's because the user of the service or device is not the
| customer.
| grifball wrote:
| I only skimmed the paper, but I think the title extracts and
| confuses a small part of the paper: "Google collects around 20
| times more handset data than Apple" They didn't intend to say
| that google collects 20x more data than apple in total, which is
| what the use of the term "devices" kinda leads us to think. The
| paper seemed to be equally critical of both and this article made
| it into an attack on google.
|
| Idk which device is worse, but this article title is a bit
| misleading. Why not just quote the paper directly?
| davidkellis wrote:
| What are the best alternatives to iOS and Android? Is it
| reasonable to consider the hardware itself "safe", given that the
| software tracks and calls home about every single thing it does?
| What are the alternatives?
| fapjacks wrote:
| As mentioned in sibling comment, there are no alternative, but
| I use microG, which is an open source Google Play Services (the
| core vehicle of most of this fuckery) shim that allows you to
| use apps that require Google Play Services (like Uber or Tinder
| or whatever) without actually having to install any binary
| blobs from Google. The future is so stupid.
| metalliqaz wrote:
| There are no practical alternatives.
|
| If you're serious enough to use impractical solutions, you
| probably want a non-google Android distro:
| https://en.wikipedia.org/wiki/List_of_custom_Android_distrib...
| FearlessNebula wrote:
| The hardware itself is insecure in 99% of modern phones because
| the modem has its own tiny CPU with access to the main CPU and
| memory. I have no evidence that anyone does use this to collect
| your data, but somebody totally could. Desktop processors have
| something similar called the Intel Management Engine or AMD
| Ryzen has the PSP
| npteljes wrote:
| There's /e/ OS for one. Debatable how far you get from the
| Google ecosystem, since it's an AOSP fork, but I think it's a
| fine middle ground of functionality and practical privacy.
| swebs wrote:
| Manjaro Phosh edition on the Pinephone is pretty good these
| days. There's still a lot of work to be done, but it works just
| fine as a phone.
| Mediterraneo10 wrote:
| None of the distributions on the PinePhone work well for all
| the things that people use that little computer in their
| pocket (which is no longer just a phone) for. For maps, for
| instance, all of the PinePhone's choices are little more than
| lightweight tech demos compared to, say, OSMAnd on Android.
| There is no official Signal client, no powerful browser
| beyond the clunky Desktop-Firefox-for-Postmarket-OS hack,
| etc.
|
| It is unlikely that "all the work that would need to be done"
| to make the PinePhone as useful as an Android phone (even
| with pure libre software) will even get done. The problem is
| that the PinePhone is just too underpowered in CPU and RAM,
| comparable to devices from many years ago. Plus, the
| PinePhone dev community just doesn't appear to be large and
| motivated enough to cover all the bases of e.g. battery
| optimization that the corporate mobile developers have done.
| swebs wrote:
| Well it can make calls, transfer data over cellular
| networks, and access a web browser. For some people, that's
| all they need. For maps, I use Nextcloud Maps through
| Firefox. You can also use Google Maps that way or whatever
| OSM provider. It comes with a Telegram client and Matrix
| client.
|
| >no powerful browser beyond the clunky Desktop-Firefox-for-
| Postmarket-OS hack, etc.
|
| I don't really know what you mean by this. It's the exact
| same Firefox that's in desktop Linux. You can install all
| the add-ons and such. Do note that Manjaro is not
| PostmarketOS.
|
| The biggest problems are the weak CPU as you've mentioned,
| and the fact that the entire OS is in a very alpha (or even
| pre-alpha) state right now.
| Mediterraneo10 wrote:
| > For some people, that's all they need.
|
| History tells us that when you have a device that does a
| few things that only for a tiny minority of people -
| within already a tiny minority of nerds - are "all that
| they need", and the dev community is so small, there is
| no future to the device. For someone who was around in
| the OpenMoko and Nokia N900 days, it is hard not to see
| the PinePhone as a stillborn device, which will never
| progress beyond "pre-alpha" state. A year after I got my
| PinePhone, it remains just as disappointing an experience
| as in the beginning.
|
| > You can also use Google Maps that way or whatever OSM
| provider.
|
| Browsing Google Maps is a joke on the PinePhone's weak
| processor. And again, OSM on the PinePhone is vastly
| inferior to the OSM choices on Android. Merely showing
| OSM tiles does not a good map app make.
|
| > It's the exact same Firefox that's in desktop Linux
|
| And that is the problem. Desktop Firefox was never
| designed to work at those screen dimensions. Many
| features of the Firefox UI do not actually work on the
| PinePhone. (They might possibly work if you dock the
| PinePhone with a monitor and mouse - I haven't checked -
| but they don't work on the PinePhone as a phone.)
| jeffbee wrote:
| A lot of this reveals the way that Google itself perceives
| Android devices, and also ChromeOS devices to a lesser extent, to
| be inside their infrastructure. Years ago Google SRE wanted to
| extend observability beyond their edge so that there could be an
| SRE team responsible for the performance of first-party mobile
| applications. So, there's an SRE team at Google with a dashboard
| that shows them Google search latency from Google app v42 and v43
| which is deployed to 1% of clients. This is why there is so much
| telemetry.
|
| Another big thing about Android is anti-abuse, keeping people
| from running ad click fraud in apps running on emulators. That is
| the whole DroidGuard thing that the paper mentions and doesn't
| explore further. It is a device-specific virtual machine and
| bytecode for the virtual machine which is intended to
| authenticate it as a real device, not an emulator.
|
| Anyway check out this slide deck for how Google SRE views mobile
| as being in their world:
| https://www.usenix.org/sites/default/files/conference/protec...
|
| PS that team is called MISRE, pronounced "misery" and some of the
| founders of that team migrated from "SAD SRE" make of that what
| you will.
| ocdtrekkie wrote:
| > A lot of this reveals the way that Google itself perceives
| Android devices, and also ChromeOS devices to a lesser extent,
| to be inside their infrastructure.
|
| This quote should be more than enough to justify legally
| separating Google from ownership of both platforms. It is a
| similar problem we're seeing Tesla now extend to it's _cars_.
| Regardless of who legally owns the device, the company 's
| employees feel entitled to data from it and de facto ownership
| of it. In most cases collecting data that the actual owner of
| the device is unable to see or utilize themselves.
| relax88 wrote:
| Here I am still waiting for my Purism Librem 5 I ordered in 2019
| while google continues to suck up my data.
|
| Any day now...
| einpoklum wrote:
| "Google and Apple both collect a lot more telemetry from devices
| with Android/iOS respectively devices then they should be; with
| Google outdoing Apple."
|
| There, fixed that title for you.
| metalliqaz wrote:
| How to fully disable Google location tracking on your smartphone:
|
| https://www.androidpolice.com/2019/10/08/how-to-fully-disabl...
|
| How to disable personalized ads on Android:
|
| https://www.androidguys.com/tips-tools/how-to-disable-person...
| cma wrote:
| > Note that if you clear your cache, you will lose your opt-out
| setting." Tap OK to continue and implement the change.
|
| Which cache is that talking about, the browser, or some system
| level thing? Doesn't clearing your cache break some of their
| fingerprinting and tracking stuff (timing side channels, etc.)?
| Seems kind of egregious to have clearing that simultaneously
| opt you back in.
| aboringusername wrote:
| PSA: This does NOT stop Google tracking your smartphones
| location. If you think taking these steps means Google's
| blissfully unaware of where your smartphone is located is
| denying themselves reality, there are many, many ways to track
| where a handset is at any given moment (IP address, cellular
| tower location, with 5G it can be even more precise).
|
| I'd be shocked if after turning off all the settings on my
| phone it was impossible to track its location via some
| capability somewhere.
| qwertox wrote:
| Last week my Pixel started to display an overlay with closed
| captions of the audio flowing through the device.
|
| It listens in on any audio and transcribes it. Probably handy for
| podcasts, but other things are just scary.
|
| Maybe it's OK if Google does it, I don't really know. I dislike
| it, it concerns me. The device would have a transcription of
| audio conversations I have through apps like WhatsApp. Or it
| could do something useful like transcribe podcasts and hand the
| transcription over to the owners, so that they can publish it
| along with their podcasts, without Google needing to dedicate
| their servers to it.
|
| But if companies like Xiaomi get this feature for free on Android
| 15 or 16, I know what they will use this tech for. I know what
| Facebook would use this tech for, and I wouldn't be surprised if
| they finally start to sell a cheap but powerful Android device.
|
| With offline transcription the "your device is recording me" will
| get so much harder to detect, as no audio will get streamed. It
| will become so easy to listen for keywords like "lawnmower" and
| count their occurrences or their proximity to phrases like "need
| to buy", or "is pregnant" and stuff like that.
|
| I don't want my devices to do this.
| esrauch wrote:
| The live transcription behavior is enabled by a button at the
| bottom of the volume control toggle. If it transcribes even if
| that button is off that seems a lot more concerning.
|
| I don't think transcribing on device and then uploading would
| make any sense: for something like podcasts they could just do
| serverside transcription (they already do for youtube videos at
| least).
| Zhenya wrote:
| 1) press volume down
|
| 2) you should see the volume dialog with a box with squiggly
| lines in it at the bottom of the volume slider
|
| 3) press that to turn it off
| qwertox wrote:
| Thanks to both of you.
| tytso wrote:
| When you enabled the Live Caption (similarly to how folks told
| you to disable it --- on my phone it was turned off by default)
| the following informational screen should have been displayed:
|
| "Live Caption detects speech on your device and automatically
| generates captions.
|
| When speech is captioned, this feature uses additional battery.
| All audio and captions are processed locally and never leave
| the device. Currently available in English only."
|
| So note that Google does _not_ get a copy of the audio stream.
| It stays local to your device only. I don 't know about you,
| but seems like a really handy feature to me, especially for
| those who might have hearing difficulties.
| jariel wrote:
| Both Google and Apple forbid health agencies around the world
| wanting to install apps to store similar data for the purposes of
| pandemic data and suppression - which is understandable that many
| governments would use it for all sorts of nefarious reasons, but
| it's also rather hypocritical that they can infer that 'we can
| use it for whatever because quality. And advertising'.
___________________________________________________________________
(page generated 2021-03-30 23:00 UTC)