[HN Gopher] Windows 11, Amazon, and Uncomfortable Questions
___________________________________________________________________
Windows 11, Amazon, and Uncomfortable Questions
Author : ingve
Score : 383 points
Date : 2021-06-27 14:47 UTC (8 hours ago)
(HTM) web link (commonsware.com)
(TXT) w3m dump (commonsware.com)
| deadalus wrote:
| First thing to do after installing Windows 11 : Disable Telemetry
| encryptluks2 wrote:
| It is near impossible. There are probably in excess of 30 or
| more group policy settings that would be needed to try to
| disable it. Even something as simple as signing into the
| Microsoft Store seems to enable additional telemetry like
| sending app launches to your Microsoft account history.
| shadilay wrote:
| Did you check your firewall logs to see if it actually disabled
| it?
| SQueeeeeL wrote:
| We live in a hell world if we need to take extra steps to NOT
| be spied by your operating system
| lazide wrote:
| Already here - I've had windows 10 auto updates re-enable it
| at least 3 times over the years. I've given up frankly. It's
| really crazy they get away with it.
| sneak wrote:
| I use WPD to block and disable it all. There's a lot more
| than a few settings to change.
| qwertox wrote:
| Thank you for mentioning this program. I didn't know it
| exists, and I just downloaded it and ran it, and
| everything was set to enabled. I thought I had opted out
| of spying when I upgraded Windows 7 to 10.
| jptech wrote:
| Can all of it be disabled? Can you point to how?
| marderfarker2 wrote:
| Windows 10 still respects the Group Policy on Windows
| Update . If you're on Home edition, there's a powershell
| script that can enable gpedit for you.
| Jonnax wrote:
| Then don't use Windows.
|
| If you aren't happy with Apple's telemetry, then use Linux.
|
| If you aren't happy with bug reporting tools remove it.
| beebeepka wrote:
| Indeed. Regular people I get but developers voluntarily
| using it make no sense. But UI, but telemetry, but appl...
| As if there are no viable options out there
| SQueeeeeL wrote:
| I'm glad the standard we hold ourselves to is to just not
| use shitty products that spy on their users instead of
| expecting/requiring them to be better
| Jonnax wrote:
| Their QA process is based around their telemetry.
|
| They're not going to change it.
|
| Also exaggerating by saying "spy on their users" is just
| misrepresentative.
|
| And muddies the water when discussing actual spying on
| users computers.
| qwertox wrote:
| It's also an exaggeration to say that they have QA
| process. They keep shipping faulty updates again and
| again.
| [deleted]
| darksaints wrote:
| And then update your software because you need security
| updates. And then disable telemetry again. And then update your
| software again. And then disable telemetry again. And then
| update software again. And then disable telemetry again. And
| then install Linux and never install Windows ever again.
| marderfarker2 wrote:
| I have since relegated to totally disabling Windows update
| due to this. As a bonus, my PC stays the same way, goes to
| sleep and stays asleep as expected without new unexpected
| features clogging my desktop every month.
| dhruvdh wrote:
| I've rarely ever seen any discussion of Windows Telemetry
| actually discuss how it violates their privacy.
|
| Is it not possible that the telemetry exists only to collect
| data on how to improve software? Do we know it's being used for
| advertising?
| johannes1234321 wrote:
| There are other risks than advertising/privacy. They can for
| instance analyse what applications from other vendors are
| frequently used and build in alternatives.
| rovr138 wrote:
| Do we know it's not? Is it illegal for them to switch to
| using it for advertising in the future?
|
| What I know is that they collect huge amounts of data and we
| don't have protections on how that can be used.
| bogwog wrote:
| And what that means is that it comes down to trust. And
| anyone who trusts Microsoft (or any of the tech giants) is
| naive or uninformed/ignorant.
| criddell wrote:
| Unwanted surveillance is itself something that many of us
| object to. For example, I run uBlock Origin to reduce
| tracking, not because I think ads are evil.
| Bancakes wrote:
| If you want your software improved, open source it, and
| people will post gitlab issues. We all saw what happened with
| MS Calculator. It was a successful experiment.
| p_j_w wrote:
| They will never do this in areas where that would threaten
| their vendor lock-in.
| tomjen3 wrote:
| Even if that was the case, and that there was no way to use
| the data to harm me, and it wouldn't be used to make a bland
| user experience, why take the risk?
| wintermutestwin wrote:
| It has become quite clear that user data is the goldrush that
| the majority of the world's biggest tech companies are
| feverishly mining. Whether they sell it today (advertising)
| or not is the smallest concern compared to a myriad of
| society-harming ways that it could be used in the future. A
| company like MS could sit on your data for a decade and then
| decide that can get away with far more data abuse than they
| could today. It seems like a good bet that the ways that our
| data can be used will continue to expand. We probably can
| just watch the tea leaves of China to see what our data use
| future looks like. How long will it be until we have a social
| credit system like China's?
|
| >actually discuss how it violates their privacy
|
| The privacy violation is the collection itself.
| akagusu wrote:
| Uncomfortable questions nobody asks because everybody is afraid
| of the answers.
| varispeed wrote:
| Or they are worried losing sponsorships. Every company seems to
| be moving towards walled garden rent seeking data harvesting
| business model, so if they start asking question, they may
| start hitting the bottom line of many businesses.
| akagusu wrote:
| You are right about companies looking for rent seeking. Rent
| seeking is a global trend unfortunately, and I'm pretty sure
| this trend will end bad for us.
| varispeed wrote:
| Small anecdote: I needed a software suite for work and the
| cost was around $2800. I took a bank loan as I thought I
| could pay ~$300 a month until it is paid off and I didn't
| want to spent this much at once. I bought it. Few months
| later the company decided to embrace subscription model and
| you no longer find perpetual license on their site. That
| wouldn't be the end of the world, until my licenses started
| acted funny few months later (showing I don't have a
| license for some parts of the suite I paid for). The
| support said that they no longer support the version of
| software I have and they can only advice me to buy a
| subscription. They said they'll give me few months free for
| inconvenience.
|
| I was shocked!
| moksly wrote:
| It's been an interesting decade to be an Enterprise Organisation
| that's been happy with Microsoft for more than 30 years.
|
| We went into the cloud before Azure was a thing. AWS was a thing
| on the US when we did it, but back then no one in the Danish
| public service would've put our data into an American cloud. We
| instead rented iron instead of buying it, which sort of amounts
| to the same thing except it isn't in your basement, but in
| someone else's. Perfectly fine when the business case is there,
| which it was, and it helped us immensely for the world of today
| since we began getting everything virtual back then. Anyway, a
| decade later and now the move is going toward Azure (it could
| just as easily be AWS if Amazon had Office365) but it's not like
| we want to move away from Microsoft as such. Yes we are idealists
| who want more open source in the public sector, but we're also
| realists who have a staff of 30 to deal with the IT needs of
| 10.000 employees, some of which can't tell support if the device
| they need help for is an iOS or Android device. We also don't pay
| our IT staff enough to hire equal level talent for Linux systems,
| because that talent mass is just so much smaller.
|
| Getting back to my point though. Over the years we've gone from
| using different Kanban and planning tools to using Microsoft
| teams and planner. We've gone from using different document
| sharing systems (and the strict control over these) to using
| OneDrive for business. We've gone from using Cisco software
| phones to using Skype for Business and teams. We've gone from
| using dreambroker to using the video tools in windows and teams
| for presentation. We've gone from having different ways of
| running the scripts that maintain our org data, and BI tools that
| present them, to using azure services and powerbi. We started our
| using Softomotive as our Robotics platform and became the leading
| public sector organisation with it, and Microsoft just bought it.
| The list goes on.
|
| In short, we've gone from buying software from 30 different
| countries to simply using what Microsoft is now supplying through
| its platforms. We know it's maybe not the best strategy, but it's
| hard to defend not doing it when it's both cheaper, easier for
| the organisation and what our IT staff wants because it gives
| them CVS that can be used almost every where.
|
| Maybe this is just Microsoft being very good at spotting trends
| in the European public sector, but they are just so much better
| at it than agencies like Gartner, Deloitte, E&Y and even their
| competitors in the form of IBM and Amazon. Although as far as
| legalisation goes, Amazon has them beat by a lot despite starting
| slow.
| zahrc wrote:
| Add CRM and ERP Systems as well, Dynamcis365 grants incredible
| bang for buck.
| mistrial9 wrote:
| thank you for this detailed response -- I was on a team in the
| USA for a science company, under "transition" from plural,
| diverse vendors and stacks, to all Microsoft. It was in
| preparation for the sale of the entire company. Somehow
| management and the finance people together, in a locked room,
| decided that changing to one-hundred percent Microsoft stack
| was the move.
|
| The engineers that carefully built large, performant, working
| science software on a dozen platforms, where almost always
| against the change. One of the founders and a Senior Scientist,
| would talk and talk, and in fact had moved to Microsoft stack
| personally also.
|
| It was entirely obvious that the contrast between plural
| vendors, with plural engineering, was weighted against a single
| mono-culture of software and OS, and that decision makers went
| for the latter.
| qwertox wrote:
| Finally I can start _buying free apps_ again, which will
| needlessly spam my Amazon shopping history.
|
| Other than that, I'm so happy that my Fire HD 8 bricked itself,
| and the Fire 7 is about to take its last breath, because there is
| absolutely nothing which I managed to like about Fire OS. Never
| again, and I hope that MS doesn't start to try to nag me into
| using it.
| gchokov wrote:
| This is an epic mess. Trying to catch up with iOS on Mac (ehmm..)
| but having a sub system over a subsystem .. I don't think this
| will play out well.
| jayd16 wrote:
| Its just a built in VM with (hopefully) better perf and some
| nice file system interop. Where's the mess?
| dehrmann wrote:
| > Trying to catch up with iOS on Mac
|
| Maybe, and barely. You've only been able to do this since
| November, and only on new Macs. When Windows 11 ships, assuming
| the TPM requirement isn't an issue, a bigger share of Windows
| users will almost immediately have this feature, rather than
| having to buy new hardware.
| rewgs wrote:
| For real. Microsoft's attempts to compete with the Apple
| ecosystem kind of feel like DC trying to catch up with Marvel
| -- super rushed, half-baked, zero vision.
|
| It's especially strange since .NET is a great cross-platform
| framework.
| FiddlerClamp wrote:
| According to an MS engineer, you will be able to sideload APKs to
| Windows, which solves the problem for any app that doesn't need
| GMS:
|
| https://twitter.com/ajonoguy/status/1408221001951809539
| kaszanka wrote:
| You will be able to install the software you want on the
| computer you own without going through some corporation's
| central "store"? The fact that this is surprising or noteworthy
| is just sad.
| canadianfella wrote:
| Who said it was surprising?
| bobiny wrote:
| I'm not sure ownership applies to today's software. When you
| buy it and get security updates for some time - sure, but
| when you get new features in mandatory updates it washes out
| what the actual product is. Maybe you don't want new
| features? Best you can do with Windows 10 is postpone updates
| for 35 days.
| least wrote:
| If APKs were normal Windows executables I'd agree with you.
| But given that they're not, there's not really an expectation
| that they'd just work.
| selfhoster11 wrote:
| They are not normal executables, but they sure are normal
| Android executables. I don't see how that changes the
| expectations about being able to execute them.
| jayd16 wrote:
| "Normal" (as in most common) means Google Play Store
| native apps. That's a lot of functionality to shim.
| a1369209993 wrote:
| Sure. And 'normal' ELF executables link against libc and
| will not work if it's missing. If you want to argue
| quality-of-implementation[0] issues, go right ahead, but
| that's not the same problem as requiring code signing/app
| store.
|
| 0: ie, that windows doesn't _really_ support APKs because
| it doesn 't provide the APIs needed for them to work
| properly
| IshKebab wrote:
| What does the fact that they are not PE exes have to do
| with expectations about sideloading? Would you not expect
| to be able to side load a .jar either?
| klodolph wrote:
| Microsoft previously disabled side loading of Metro apps.
| This happened in the Windows 8 era. You either had to
| purchase a side-loading key (per machine) or use Windows
| Enterprise.
|
| My memory of the details is fading, thankfully, but I
| think side loading was disabled for 8.0 and 8.1 (without
| a key), and the restrictions were removed or relaxed in
| 8.2.
| klodolph wrote:
| Exactly--also given that side loading was, for a brief
| moment, a Windows Enterprise-only feature, if only for
| Metro apps.
| croes wrote:
| Parent was talking about side loading without store, not
| that Android Apps work on Windows. So it shouldn't be
| anything special to install whatever file format you want
| on Windows regardless the source.
| least wrote:
| That's absolutely not the same thing. I can download APK
| files all day on just about any operating system I want.
| That isn't equivalent to "installing" them.
| croes wrote:
| It's not about the file type but the file source. On
| Windows the source of file to install bis irrelevant, so
| side loading is not a feature. So why is new that you can
| install files that are not from a store? Install APK?
| That's new. Sideload a program? Not new, it's windows
| standard.
|
| Here some news for you. You can even side load Exe files
| and MSI files. See, nothing special. APK yes, side
| loading no.
| [deleted]
| least wrote:
| Side loading is a term that in the context of Android
| applications is well understood to be installing android
| applications that are not on the Play Store. It is not a
| synonym for downloading files to your computer system nor
| is it a synonym for moving files between two devices.
| croes wrote:
| >It is not a synonym for downloading files to your
| computer system nor is it a synonym for moving files
| between two devices
|
| Actually, it is:
|
| "Sideloading describes the process of transferring files
| between two local devices, in particular between a
| computer and a mobile device such as a mobile phone,
| smartphone, PDA, tablet, portable media player or
| e-reader." https://en.m.wikipedia.org/wiki/Sideloading
|
| Additionally side loading refers to mobile devices not
| desktop PCs.
| least wrote:
| Yes, I suppose you absolutely can refute my point if you
| choose to discard the first half of my statement which
| specifies the scope.
|
| Words can have different meanings under different
| contexts, and I'm providing you that context, which is
| important for understanding what people are talking about
| here. Please stop being obtuse.
| croes wrote:
| You can just specify the scope as you like. It's about
| Windows mot about Android. Just because APK is an Android
| format doesn't change the context to Android.
| a1369209993 wrote:
| Is it, or is not, possible to run arbitrary APK-formatted
| applications without regard for code signing or any app
| store[1]? If so, sideloading is not a thing, that's just
| the normal way to use a application[0]. If not, the
| operating system is malicious, and kaszanka's complaint
| about that fact stands.
|
| 0: Provided it runs on your OS in the first place,
| obviously; adding support for APKs _in general_ is a
| meaningful feature, in the same way as wine adding
| support for EXEs on linux.
|
| 1: In the same windows has been able run arbitrary EXEs
| since... well the entire time it's existed, give or take
| incremental extensions and revisions of the file format.
| [deleted]
| shadilay wrote:
| I suppose this will expose the lie that Android is anything
| like an open platform and not almost completely reliant on
| Google.
| EvilEy3 wrote:
| I'm sorry to disappoint you, but there's a repository of FOSS
| called F-Droid which has no ties to Google.
| selfhoster11 wrote:
| F-Droid has a major flaw, in that Android (as of now)
| doesn't allow auto-updating of apps outside of Google Play.
| I only install a limited number of apps from there for that
| reason.
| MonaroVXR wrote:
| In Android 12 app get updated too
| circularfoyers wrote:
| It is possible, https://gitlab.com/fdroid/privileged-
| extension, https://github.com/whyorean/AuroraServices.
| ohgodplsno wrote:
| Right. And microG is a perfect replacement that works
| flawlessly.
|
| You see where this is going. Google has moved _so much_
| functionality into play services that Android as a platform
| is losing features every day if you don't have it. It's
| fine for fully local applications, but should you rely on
| location services, dynamic module delivery, any maps
| service, etc, you are utterly fucked.
| kdkdksmsn wrote:
| How can you possibly think this is a rebuttal? Whoop de do,
| there exists an also-ran OSS marketplace on the platform.
| In what way does that rebut what the grandparent said?
| shadilay wrote:
| Most of the apps on my phone are from FDroid. This does not
| mean that you can have a phone with any comparable level of
| functionality without relying on Google. You can see for
| yourself by installing a stock android ROM with no google
| play services or microG.
| croes wrote:
| There exists a repository named Cydia for iOS with no ties
| to Apple, therefore iOS is an open system? Google moves
| essential parts of Android to the proprietary Google
| services and can easily enforce restrictions for smartphone
| manufacturers, so 3rd party stores depend on Googles
| benevolence.
| LegitShady wrote:
| The problem is like any software feature nowadays it can be
| restricted in the future once general acceptance occurs. And
| most users who don't know anything abour sideliading will
| download from Amazon and not know what is going on.
| sharken wrote:
| Yes, the concerns raised about resigning apps and sideloading
| capability is not something the average Windows user will
| care about.
|
| Android apps are also inferior to Windows apps, so the real
| question is: Who is going to use Android apps on Windows.
|
| Android app developers seem to be the target group.
| LegitShady wrote:
| > Yes, the concerns raised about resigning apps and
| sideloading capability is not something the average Windows
| user will care about.
|
| It's not something they'll understand the significance of.
| That doesn't mean it isn't important.
|
| >Android apps are also inferior to Windows apps, so the
| real question is: Who is going to use Android apps on
| Windows.
|
| Many people who use their phones for a lot of the time and
| want a similar/identical experience on their laptop.
|
| >Android app developers seem to be the target group.
|
| I disagree. It's for people who want snapchat or signal or
| whatever on their devices. Android developers already have
| emulators or test devices.
| als0 wrote:
| Yep. I've tried Android apps on ChromeOS and iOS apps on
| macOS. They're so out of place and clunky...the average
| computing user just won't like them. The developer angle is
| the only one that makes sense.
| indymike wrote:
| About that. Most people are great with having access to
| Android apps on their Chromebook... Android apps let you
| do work on a Chromebook (example:video editing) where a
| local app really helps. Some Android apps work really
| well. Others not so much... That is because the developer
| hasn't done what needs to be done to make their app
| behave with freeform window mode. Those that don't either
| grab the whole screen or run in a phone sized window.
| Android has always had mouse support (original Android
| phones had a touch screen and trackball). Apps that do
| support freeform window mode work really well on
| ChromeOS, too.
|
| Ok, so why even have freeform window mode? Well, that is
| because Android has a "desktop mode" that is supported by
| some Android 10+ devices. If you have a USBC/HDMI/USB
| adapter (same thing you use with newer macs), you can
| plug your phone in and use it like a desktop. It's not
| great, but it is surprisingly useful, especially when an
| airline loses your laptop bag.
| ClumsyPilot wrote:
| "Android apps are also inferior to Windows apps"
|
| There is no windows app to access my credit card, an Monzo
| doesn't even bother creating a website to access your bank
| account.
|
| Some functionality specifically requires a mobile app and
| is not accessible from websites.
| brundolf wrote:
| Was just about to ask this.
|
| Another question is, how does Amazon solve the GMS problem? Do
| they provide their own shim library, modify the apps somehow,
| or something else? Could the whole Windows 11 thing pressure
| developers not to rely on Google APIs now that there's more
| competition in the space?
| zinekeller wrote:
| It's like Huawei's HMS: it's not a drop-in solution, which
| means that you can't just upload the APK to the Amazon app
| store without changes.
| mdoms wrote:
| The entire article hinges on this one premise,
|
| > However, there is a dark cloud with all of this: the primary
| source of Android apps for Windows 11 users appears to be the
| Amazon AppStore for Android.
|
| Is there any evidence of this? There's no linked article and it's
| entirely unsourced. I for one would NEVER install software that
| Amazon has had any hand in.
| ttam wrote:
| > "I can think of a number of countries who would love to
| convince Amazon to modify Facebook Messenger to bypass end-to-end
| encryption, for example."
|
| How exactly can this be done?
| 2OEH8eoCRo0 wrote:
| Weren't they merely using the Amazon app store as an example?
| grogenaut wrote:
| This post for info purposes only having worked with the Amazon
| app store team and does not reflect my opinions at all, I haven't
| spent time thinking about if it's good or bad:
|
| The resigning stuff is because they alter the apps to fix
| dependence on Google play apis and gsuite apis. Developers were
| not interested in rebuilding their apps for fire and other
| devices without those apis baked in and this was a good solution
| to ease uptake for fire/Amazon app store.
|
| Also note that ms will control this android os, so they already
| control the signature verification method. They could do this
| without you knowing very easily by just with something like
| carrying a second sig and hash of what they modified and the
| original partial sums from the original app. Google and amazon or
| any os supplier can.
|
| Signature verification is only as strong as the verifier code.
|
| Glad to burn karma to put data out there.
| Sebb767 wrote:
| > The resigning stuff is because they alter the apps to fix
| dependence on Google play apis and gsuite apis.
|
| Except the article clearly states:
|
| > Amazon wraps your app with code that enables the app to
| communicate with the Amazon Appstore client to collect
| analytics, evaluate and enforce program policies, and share
| aggregated information with you. Your app will always
| communicate with the Amazon Appstore client when it starts
|
| Now, the original reason to do this might have been benign and
| well-intentioned, but the result is bad already. This is for
| now, who says they don't simply add ads like Google [0], or
| even without the developers knowledge like SF [1] once did?
| Ubuntu tried to only implement a search and it backfired badly
| [2], I hope this goes down a similar path.
|
| As a side-note: Of course I'm very happy that competition to
| the PlayStore is getting some love. This is direly needed. But
| Microsoft could have gone with F-Droid easily. Trading a bad
| thing for something worse does not fill me with joy.
|
| [0] https://news.ycombinator.com/item?id=27643208
|
| [1] https://arstechnica.com/information-
| technology/2015/05/sourc...
|
| [2] https://nakedsecurity.sophos.com/2012/11/01/ubuntu-search-
| am...
| whoopdedo wrote:
| > Your app will always communicate with the Amazon Appstore
| client when it starts
|
| One of the consequences of this is that apps refuse to start
| if they haven't been able to connect with the Store in the
| past `x` days.
| cptskippy wrote:
| > But Microsoft could have gone with F-Droid easily.
|
| Slipping that in at the end really hurts your argument.
| Microsoft opting to use F-Driod would be worse than starting
| from scratch and only benefit F-Droid.
|
| Presenting F-Droid as an equivalent to any of the large
| stores is like trying to say a lending library in someone's
| front yard is the equivalent to Barnes & Noble or Amazon.
|
| It's borderline delusional to compare F-Droid to the big
| players in much the same way it's silly to compare FOSS apps
| like GIMP to Photoshop. Sure it performs the same core
| function but they're in completely different classes.
|
| They aren't equivalents unless you willfully ignore a lot of
| differences and that is just dishonest.
| hanselot wrote:
| The most major difference being that I have come to
| associate apps installed via F-droid with quality, while I
| associate anything produced by the "Big players" with
| bloatware and trash.
|
| Almost without exception, the more apps from "Big players'"
| stores I install, the more laggy and trash my experience on
| mobile becomes, until I am forced to buy a flagship. This
| is exactly the same way my PC experience had become prior
| to migrating to Linux. Now, I get to be in control of my
| computer, and honestly, if people would shift their
| attention from "it doesn't compare to 'insert hacked
| together proprietary trash X' " to, "who actually owns my
| data and computing devices?", we would immediately see a
| turnaround of this experience. The catch22 has always been,
| nobody is using the software on Linux enough for enough
| people to be submitting feedback, while simultaneously, not
| enough people believe Linux is worth moving to.
|
| Those people still left supporting these corporations
| immediately jump to the same argument as always, while
| these "big players" find and innovate unique ways of
| slipping ever more propaganda directly onto your machine,
| all while you are stuck staring at the newest trash filter
| added to photoshop.
|
| Quite honestly **** you good sir, how dare you **** on the
| effort of the Open Source community by even pretending for
| a second that you are not representing the opinion of the
| very corporations that would see these communities
| extinguished if it added so much as a cent to their
| quarterly profits.
|
| Seriously, don't even try to represent what qualifies as
| software in today's world with what used to be "good"
| software.
|
| There does not exist a program in today's world that isn't
| a bunch of hacked together trash, sticky-taped together by
| countless shortcuts, all in an effort to ship in time for
| the next deadline.
| na85 wrote:
| >The most major difference being that I have come to
| associate apps installed via F-droid with quality, while
| I associate anything produced by the "Big players" with
| bloatware and trash.
|
| Oh c'mon, there are plenty of garbage apps on fdroid.
| Let's not kid ourselves here.
| mschuster91 wrote:
| > The catch22 has always been, nobody is using the
| software on Linux enough for enough people to be
| submitting feedback, while simultaneously, not enough
| people believe Linux is worth moving to.
|
| The problem is somewhere else: Most Linux software
| doesn't have commercial backers but is written by people
| to a "works fine enough for me" standard, often with _no_
| UX /UI design at all or copying from Windows/OSX at best.
| As a result, "ordinary" people used to the Windows/OSX
| get frustrated because of wildly differing design
| principles between programs, no design principles at all
| (hello GTK), basic stuff (hello Bluetooth, suspend,
| audio) not working or atrocious performance. I'm nearly
| 30 now and don't have the free time to deal with kernel
| recompilations, trying out forks or whatever just to have
| a basic system I can work with anymore.
|
| "You get what you pay for" is a thing you might look past
| when you're young and only have to choose how to divide
| your time between experimenting with hardware, gaming and
| getting wasted.
|
| And in most of the time, I can't even _pay_ for proper
| support because the developers only make their project on
| their own as a side gig, which means no project
| management and issue handling either other than filing
| issues in a pile of issues in Github (or, worse, mailing
| lists)...
|
| Edit: another thing that comes to mind... people always
| complain why schools aren't using FOSS but proprietary
| software (Windows, MS Office). Well guess what, teachers
| don't have the time to waste on bugs (Libreoffice is
| _nowhere_ near as polished as MS Office is), explaining
| to parents why their kids have to learn something
| different to what everyone else uses at home or to
| maintain a FOSS-based AD. Samba is decent for a setup in
| which you have a _team_ of experienced engineers (since
| you save on licensing costs heavily), but _nothing_ beats
| the simplicity of a MS Server GUI.
| hellotomyrars wrote:
| Try not to take things so personally that aren't even
| directed at you. Good grief.
|
| FOSS is great but there are still plenty of places where
| it doesn't measure up, even in terms of pure
| functionality. Having an appropriate and level-headed
| understanding of things isn't `shitting on the effort of
| the Open Source community` and someone can recognize this
| without being a corporate shill.
| ImprobableTruth wrote:
| F-Droid is just way too small, it has ~4000 apps vs ~500000
| for Amazon's appstore.
| ohyeshedid wrote:
| Have you actually spent time in the Amazon android
| ecosystem?
|
| It's absolutely terrible. Total amount of available apps is
| not a good metric for quality.
| zo1 wrote:
| Agreed. 95% of all those apps are useless and rehashes of
| existing apps in some way. And the only reason the whole
| thing doesn't fall over is because of semi-random search
| that "spreads" some portion of user downloads to lower
| quality (or less popular) apps, thereby incentivizing the
| spaghetti-throwing-at-the-wall ecosystem that is the app
| stores.
|
| Curation models are better in that sense, because they
| have a limit that forces a quality filter. The
| alternative is just an evolution of the spam model. You
| see it with Google turning the web into blog spam,
| YouTube with videos, ebay/Amazon/aliexpress with
| "products", and the app stores with their 5million
| "apps".
| dannyr wrote:
| My guess though is that most of these apps haven't been
| updated for years.
| teraflop wrote:
| Sure, there are any number of ways Microsoft could break their
| own security model. For example, they could stop verifying
| signatures entirely. The fact that they're _not_ doing worse
| things doesn 't make what they _are_ doing less bad.
|
| If the problem is that app developers don't want to fix
| dependencies on Google services, but Amazon has a tool to fix
| them automatically, why can't they just release the tool and
| let developers sign the output themselves? Sure, some devs
| might be too lazy to do it, but how does that justify forcing
| everyone to give up control over their signatures?
| cptskippy wrote:
| > If the problem is that app developers don't want to fix
| dependencies on Google services, but Amazon has a tool to fix
| them automatically, why can't they just release the tool and
| let developers sign the output themselves?
|
| I would imagine the tool rebinds the Google APIs to Amazon's
| equivalent APIs rather than neutering them. Since Apps are
| relying on the API responses. I don't imagine Amazon wants
| Apps distributed outside their Store using their APIs and
| getting a free ride.
|
| Am I missunderstanding things? Isn't the purpose of App
| Signing primarily for Google's software running on your
| device to verify Apps running in your device against public
| signatures Google holds on it's servers?
|
| I understand there's a chain of custody and a developer can
| upload their App, then download it from the store and be
| confident it's what they uploaded. But Google now allows you
| to put your signing keys into their KeyStore on their
| servers. I guess you still have a copy and can verify an App
| is signed with your Key but since you didn't do the signing
| that isn't enough to ensure it was signed without
| modification.
| teraflop wrote:
| > But Google now allows you to put your signing keys into
| their KeyStore on their servers. I guess you still have a
| copy and can verify an App is signed with your Key but
| since you didn't do the signing that isn't enough to ensure
| it was signed without modification.
|
| In fact, Google is planning to soon force app developers to
| use this model, just like Amazon. Yes, it removes the
| ability for developers to know/control what code is running
| with their name attached to it, and it's bad regardless of
| who's doing it.
| slownews45 wrote:
| Huh - the signatures are for the store and store client to
| verify things.
|
| And if you are going to use Android App Bundles or whatever
| google is recommending, you'll be using Play App Signing.
|
| I guess I'm just curious what "keys" amazon is forcing you to
| give up. I'm not sure they even care about your keys.
| teraflop wrote:
| > And if you are going to use Android App Bundles or
| whatever google is recommending, you'll be using Play App
| Signing.
|
| As I said in another comment, it's not any better when
| Google is doing it instead of Amazon.
|
| > I guess I'm just curious what "keys" amazon is forcing
| you to give up. I'm not sure they even care about your
| keys.
|
| If we're being literal, they're not forcing you to give up
| _your_ keys. They 're forcing you to give up control over
| what code gets signed as part of your application -- that
| is, control over which signatures are considered valid. The
| end user has no way to verify that the application is what
| you released; they can only verify that it's what Amazon
| (or Google) decided to distribute on your behalf.
|
| Imagine if GitHub decided to take every repository with
| signed commits and rewrite it so that the code was signed
| by GitHub, instead of by the original authors. Why would
| anyone have a reason to trust those signatures?
| slownews45 wrote:
| The issue is users trust google / amazon / github and
| their signatures MUCH MORE than they do random joe blow
| developers signatures.
|
| Let me explain something clearly - most users are NOT
| checking developers signatures. The clients, their trust
| is in the google / amazon's of the world. What google and
| amazon are saying, and what users care about, is that
| this application went through whatever process google /
| amazon have to describe / disclose the developer and
| their details, whatever scans google / amazon do,
| whatever CDN distribution they use has not messed with
| things, whatever govt agencies / firewalls are between
| users and google / amazon have not messed with things etc
| etc.
|
| Google already has access to users systems - if they want
| to root android they can (in most cases google play
| services has root already). Many users are more worried
| about bad behavior by apps on their system (and there is
| plenty of history of that behavior).
|
| This also let's amazon / google etc re-target apps
| themselves. They can link to shim libraries to run on
| other platforms etc etc. The value there is high. Many
| developers aren't going to sort that type of stuff out.
|
| This same model applies in open source. When Redhat /
| Fedora upgrade something, they can recompile their entire
| RHEL if they want to to target / work with whatever
| upgrade they've pushed. Again, users on redhat don't care
| about the developers signatures, they care about redhats.
|
| Of course, on HN the outrage is going to be at Google,
| but most open source distros work exactly this way as
| well.
| tyingq wrote:
| Given the choice between an Amazon app store and a Google one,
| running on my Windows machine...Amazon does seem the lesser of
| the two "evils".
| ineedasername wrote:
| I side-load the Google Play store on Kindle devices. I wonder if
| that will be possible here. If so, it's one way to avoid Amazon's
| app wrapper, and probably appealing for many more users than that
| sort of thing would usually be due to the Play store having a
| much wider selection.
| [deleted]
| efitz wrote:
| I used to work at Microsoft in the Windows team, and think that
| the product is a lot better than many people give it credit for.
|
| That said, why exactly do I want even more kitchen sink
| functionality in my OS? In a world trending towards devices and
| services, we should see general purpose OS trending more towards
| slimmed-down, tailored-for-use implementations - maybe the same
| code base supports a game console and a streaming media device
| and a phone and a tablet, but each instance stripped until it's
| just what is needed. Why do I want bloat exactly?
| liquidpele wrote:
| For the same reason solitaire is an online app with ads now.
| poisonborz wrote:
| Because Microsoft would be stupid to provide a barebones OS.
| What would an average user do with that? They install an OS and
| then spend days with hunting down different apps and configure
| them so that they can actually start using their device? MS
| (and honestly, any software company) has all the reasons and
| ability to provide a (more) complete solution. The only
| complaint one may have is to have ability to remove/disable the
| things you don't need - which you, as an experienced user, can
| do (eg. WSL is optional).
|
| I'm not saying this results in a healthy industry (monopolies
| using their monopoly to get into a much wider field) but if you
| see the world from an average user on one end, and a profit
| oriented company on the other, it's rather obvious how things
| happen.
| fffrantz wrote:
| While this is indeed worrisome, I'm not really sure Microsoft is
| any better than Amazon from a pure end-user point of view.
|
| Microsoft has been a telemetry champion and has been collecting
| troves of personal data through Windows 10, all the while making
| it almost impossible for the average user to disable it (and re-
| enabling it with every major update).
|
| So if Microsoft goes the same route as Amazon (resigning every
| app), it's just a matter of choice between a rock and a hard
| place. On the other hand, even if they allow for the app
| developer to keep its signature, Microsoft is still probably very
| capable of gathering data and telemetry through their Android
| implementation.
|
| Either way, and until it becomes illegal to collect data without
| explicit consent, I'm pretty sure we're screwed...
| jjcon wrote:
| This is why I treat windows as my gaming console at this point.
| I game on it, thats it. Everything important I leave to
| linux/mac.
| andrepd wrote:
| Wine/Proton is so good that you might find you don't even
| need it for that.
| mdoms wrote:
| Not even close.
| Bancakes wrote:
| Games consistently get fewer FPS on my setup. 3750H
| GTX1650. Part of it is nvidia drivers being poopoo, most of
| it being CPU cycles overhead.
| skohan wrote:
| In my experience the nvidia drivers have been getting
| much better recently.
|
| Proton's not perfect, but it's been mostly worth it for
| me not to have to boot windows.
| Bancakes wrote:
| Agreed. For anyone interested in FPS boost, try glorious
| eggroll proton.
|
| I personally compile it myself off the AUR with the -O3
| -march=native flags (look at the PKGBUILD for more
| details), and I get fewer FPS than Windows, yet more
| consistently than Wine. No microstuttering.
| mvolfik wrote:
| My experience is that even running Among Us (i.e. a very
| simple game) via Steam/Proton on Ubuntu LTS (i.e. the
| most common platform) was quite fiddly. Didn't have
| chance to try much else, Factorio is luckily native
| jjcon wrote:
| For most things absolutely- I've had great success with
| proton. There are a few holdouts, especially in the VR
| space where Windows is still unfortunately very necessary.
| JMTQp8lwXL wrote:
| The telemetry for Windows is a frequent topic here, could
| anyone clarify/compare the story for Mac OS?
| umanwizard wrote:
| In the Apple ecosystem you are asked once when setting up a
| new device if you would like to enable telemetry.
| sneak wrote:
| Apple devices still phone home constantly with things that
| amount to telemetry when you use them, even with analytics
| disabled.
|
| Opening the App Store app, for example, sends your hardware
| serial number. Macs and iOS both maintain hardware-serial-
| linked 24/7 connections to Apple's push servers, too.
|
| There aren't opt out UI settings available for the majority
| of Apple's phone-home.
| tgragnato wrote:
| The situation is a little better compared to Windows, but
| it's not perfect.
|
| I always disable telemetry, but
| iphonesubmissions.apple.com:443,
| radarsubmissions.apple.com:443 and
| securemetrics.apple.com:443 are still contacted.
|
| People messing with ocsp.apple.com:80
| (https://github.com/StevenBlack/hosts/issues/1460) also
| need to be aware of ocsp2.apple.com:443.
|
| The iAdSDK setting is somewhat respected, but all the Siri
| subdomains are pinged even if Siri is turned off.
| NegativeLatency wrote:
| I've never had to try and remove ads from macOS to the extent
| that I do with windows 10, it's not devoid of advertising but
| not quite as bad
| nightski wrote:
| You get ads on Windows 10? I've never seen a third party
| ad. They have had an ad for Office which was a live tile
| (which I have disabled because I do not find them useful.
| zinekeller wrote:
| Also not me, but American friends have always complained
| about this so I presume that they don't want to anger
| some regulators in countries where they don't put ads.
| skydhash wrote:
| They were in the start menu. Ads for software and games.
| There was that candy crush saga game for ages.
| 2OEH8eoCRo0 wrote:
| Moving the goalposts. The parent was asking about telemetry
| specifically.
| slg wrote:
| Ads are telemetry now? Is "telemetry" just a catch all for
| "anything software does that I don't like"?
| rcthompson wrote:
| I'm pretty sure computer ads have _always_ been
| telemetry.
| slg wrote:
| This is a unique definition of "telemetry" as it usually
| requires collection of data. Some ads use telemetry for
| better targeting, but that isn't all ads and definitely
| wasn't true when things like banner ads were first
| introduced.
| judge2020 wrote:
| > and has been collecting troves of personal data through
| Windows 10
|
| How much PII is really collected via W10 telemetry? Or is the
| amount of times you click the start menu, accidentally search
| for something via Bing, then close that window now considered
| personal information?
| varispeed wrote:
| Your behaviour is personal to you and it is possible to
| identify a person based on that data.
| reaperducer wrote:
| It doesn't matter if it's PII or not. You ask before
| collecting. That's basic decency.
|
| Not your computer. Not your data.
| userbinator wrote:
| _Not your computer. Not your data._
|
| Unfortunately, Microsoft thinks otherwise. See the huge
| discussion here for example:
|
| https://news.ycombinator.com/item?id=27629350
|
| (tl;dr: thanks to Secure Boot, Microsoft had to _give
| permission_ for Linux to boot.)
|
| Also, don't forget the whole "Windows as a service" crap.
| skohan wrote:
| I sometimes wonder how profitable it actually is for Microsoft
| to be so pushy on data. What I mean is: I understand that MS is
| quite zealous internally about telemetry, but how effective is
| this data in terms of actually improving their profitability?
|
| From the user side, I am quite sure it is hurting the
| experience. One example is logins. MS is pretty bad about
| requiring logins for products which don't really require it in
| order to complete the user journey - for instance I bought the
| Halo collection on Steam, and in order to play an offline,
| single-player game I have to log into an MS account. As a
| result I haven't played the game in months, because I have to
| use this MS account that I don't even want to have, and I can't
| be bothered to reset the password for when there are other
| games I can play which just start up with no arbitrary hoop to
| jump through.
|
| And what does MS actually get out of it? I guess they can
| optimize their dark UI patterns to be better at tricking people
| into setting Edge as their default browser?
|
| Being data driven is good, but it seems to me it's not working
| if the end result is compromising the core user experience.
| freeone3000 wrote:
| User telemetry replaces what were once focus groups and
| market research. Without telemetry, Microsoft would be unable
| to determine what products were used, what features were
| used, and unable to determine prioritization for backwards
| compatibility and bugfixes, because it chose to rely on
| telemetry for basic business operations.
| reaperducer wrote:
| _User telemetry replaces what were once focus groups and
| market research._
|
| These things still exist, and many companies still use
| focus groups and market research. The company I work for,
| for example, does this extensively because I'm in the
| healthcare space and the legal department doesn't want us
| collecting information about our users without them really
| really really knowing its happening.
|
| Another example is MailChimp. It not only does video
| interviews with its users to determine how they use the
| product, it pays you for your time.
|
| Microsoft has the money and staff to do this basic
| research. "Telemetry" is just a synonym for lazy and cheap.
| skohan wrote:
| Yes and even besides traditional methods like user
| research, there are lots of indirect ways to measure the
| success of a product without resorting to invasive data
| collection practices.
|
| For instance, you can track downloads, page views in
| documentation, the number of times a certain endpoint is
| pinged on the server etc. while still respecting the
| privacy of the user.
|
| The practice to track a user's behavior across a wide
| array of products imo crosses a line, and is not needed
| to inform good product development.
|
| A company could probably sell better to you if they hired
| a PI to follow your movements, and tapped your phone
| line, but that doesn't give them the right to do so.
| hakfoo wrote:
| I suspect there's also a fear about the accuracy of self-
| reported data. If you ask a user if he does XYZ, he may
| say 'no', because of a myriad of reasons (misunderstood
| the question, embarrassed, not allowed to disclose,
| etc.), but if you instrument it up and see he clicks it
| 200 times a day, that's probably the truth.
|
| The problem is that analytics in a vacuum are just as
| misleading as testimonial data, if not more so. "0.6% of
| users touvh XYZ and only use it for an average of 17
| seconds per year" could mean that it's an unloved feature
| that can be sunset, or that it solves a single niche task
| very completely and perfectly, and ripping it out will
| cost those 0.6% of users five hours each to replace.
| skohan wrote:
| I think there's also the risk of talking yourself into
| bad decisions with data as a justification. For instance,
| if you have a KPI to increase X, and making your UI
| harder to understand confuses users into doing X more
| often, from a data-driven perspective you've done the
| right thing, but you've made the product worse.
| skohan wrote:
| That might be the case, but it seems like mostly what
| they've been able to do with it is build products like
| Teams which nobody asked for and nobody wants, but people
| have to use because MS has some leverage to get it used in
| certain organizations.
|
| There are exceptions like Office and VSCode, but it seems
| like for the most part MS products are things which people
| curse under their breath and don't like to use. Part of
| that is because of things like how their aggressive
| approach to telemetry bleeds into the UX, and it just seems
| a bit off if the tool you have for optimizing your product
| is actively making it worse.
| elygre wrote:
| You may not want Teams, but do not live in the illusion
| that nobody wants Teams. As proof: I want Teams.
| skohan wrote:
| What do you prefer about teams over alternatives? It may
| be anecdotal, but I have only ever heard people complain
| about teams.
| fennecfoxen wrote:
| Teams video-chat is great, easily better than things like
| Cisco's offering (and zero-security offerings like Zoom).
|
| On the other hand, it's also trying to be a weird
| combination of Slack and Facebook at the same time (only
| less searchable than either) and that's pretty terrible.
| reader_mode wrote:
| I haven't used teams in 3 years (I use what clients use,
| mostly it's slack) back then I really liked wiki +
| channel combo, it was super simple to keep channel
| specific notes in one place and everyone used it since it
| was right there, fast to update and search - way better
| than pinned messages which I find almost useless
| extr wrote:
| They complain about it in the same way they complain
| about computers in general. Sometimes it doesn't work
| right. That doesn't mean that 99.5% of the time it
| doesn't get the job done.
| skohan wrote:
| But for instance people like to be on slack, and Zoom
| calls were fun before everyone got sick of them. The
| sentiment around Teams whenever it has come up around me
| has always been one of pained obligation.
| throwaway_8625 wrote:
| > how effective is this data in terms of actually improving
| their profitability?
|
| I work closely with telemetry data coming back from Windows
| devices. There's surely a line from collecting this telemetry
| to an answer to your question, but I've never heard anyone in
| our group talk about the profitability of this data. In fact,
| it costs a lot of money to process and store such huge data,
| which is absolutely a concern -- so there's strong belief
| (which I share) that this cost of business is worth it
| because it lets us make what I hope are good decisions about
| where we should focus our efforts.
|
| The telemetry that comes back encompasses many dimensions of
| the user experience, and it helps us do things like figure
| out when an insider feature is ready to GA; what drivers or
| devices do poorly and how we can improve the experience; how
| accurately we can predict battery life; etc.
|
| > they can optimize their dark UI patterns to be better at
| tricking people into setting Edge as their default browser?
|
| I don't think whoever is in charge of 'tricking' people into
| using Edge actually have the kind of telemetry that most
| people think about with respect to Windows data collection. A
| lot of people think there's some sinister plot here --
| apparently as evidenced by your phrasing. But if you look at
| the UI for default programs, it's really just a slightly
| annoying "are you sure?"-kind of message. (I don't use Edge
| by default, but I just reset my prefs to Edge then back, and
| I wasn't harassed again, so this isn't a persistent nagging.)
| formerly_proven wrote:
| > how accurately we can predict battery life
|
| You do remember that Windows nowadays only shows "Battery
| xy %" instead of giving an estimated runtime, right? (Which
| is, btw., a "holy fuck what braindead idiot thought
| removing this is a good idea" moment, at first I thought
| Windows wasn't giving an estimate only in the first few
| minutes, but after a while I started googling around
| thinking that the lack of estimated runtime was a bug, but
| no, someone actually went in and removed it. A very clear
| and obvious example of actively, explicitly and
| intentionally user-hostile UX for what sure seems like no
| other reason than "we could, so we did".)
| dunnevens wrote:
| Apple did the same thing. Big Sur will only show you the
| percentage. Not the estimated runtime. You can find the
| estimated runtime by looking at the energy tab in
| Activity Monitor. There are also 3rd party tools that
| will show it. But by default, it's not readily visible.
|
| Apple claims they did it because the runtime estimate
| wasn't accurate enough. Maybe Microsoft's reason was the
| same. Though it does seem user hostile to remove it,
| unless the estimate was substantially off and there's no
| way to fix it.
| throwaway_8625 wrote:
| > Though it does seem user hostile to remove it, unless
| the estimate was substantially off and there's no way to
| fix it.
|
| I think the problem is that users expect percent charge
| to be a direct, linear correlate of time remaining, but
| battery discharge isn't linear. Even if it were,
| predicting time left is tough. Giving the user a
| percentage rather than a (likely incorrect) time estimate
| seems like the less bad approach.
| skohan wrote:
| idk I always found it to be accurate enough. Also it was
| a helpful canary to see that if the estimated time
| remaining dropped quickly, it probably meant I was doing
| something power-intensive, which maybe I would want to do
| something about.
|
| It seems like it would be trivial to change the default
| and leave the time estimate as an option.
| skohan wrote:
| Can you give an example of a type of decision where you
| feel telemetry was valuable in terms of making the best
| choice?
| yyyk wrote:
| Well, if you're using Windows you're stuck with Microsoft
| anyway. It's preferable not to add Amazon to the mix.
|
| I'm not sure how the terms of the integration go, this could be
| avoidable - and it would be awesome if it was possible to port
| F-Droid to Windows.
| nightski wrote:
| I've been using Windows 10 since it's initial release and have
| never had telemetry automatically re enabled. I check the
| relevant settings regularly (every few months). I have no idea
| what all people on HN are doing that causes this to happen so
| frequently to them but it's never been a real problem. I wish I
| knew what I was doing differently so I could make a blog post
| about it haha.
| gruez wrote:
| AFAIK it's tied to feature updates. If you have them disabled
| or use LTSC you basically never get settings randomly changed
| behind your back.
| neogodless wrote:
| Like parent, I run a mix of Pro and Home machines with
| feature updates enabled, and my privacy/telemetry settings
| have not been changed back mysteriously. So I too wonder
| what I'm doing differently.
| zinekeller wrote:
| I mean, what the HN and tech in general (edit: not general -
| sorry) audience wants is a totally zero telemetry, even if
| said telemetry is literally the list of installed updates. I
| personally think that's genuinely weird to me, since that
| Microsoft's "basic" telemetry only sends critical data like
| how many times Windows crash (and actually has the data
| reduced from 2015's state).
| tester756 wrote:
| >audience wants is a totally zero telemetry
|
| does that audience lacks of experience with developing
| software?
| slver wrote:
| It has become a meme to be "outraged" about companies
| collecting any data. People don't analyze if this
| collection impacts them or not. They react as if the
| company wants their first-born.
| reaperducer wrote:
| It doesn't matter if it impacts them or not. It's a
| violation of the social privacy standards that have
| existed for centuries.
|
| Someone looking in the window and making an inventory of
| all my furniture doesn't impact me in any way. But it's
| still an invasion of privacy and wrong from the
| standpoint of common human decency. A concept that has
| become lost to a generation that's become acclimated to
| thinking this is normal. It is not.
| slver wrote:
| > It doesn't matter if it impacts them or not. It's a
| violation of the social privacy standards that have
| existed for centuries.
|
| I have no idea where you're getting this from.
| Governments regularly perform national census, and
| collect data from all kinds of institutions to inform
| their policy. Banks constantly analyze your bank accounts
| and activity. Utilities meter your use for both billing
| and their own planning.
|
| This is not someone "looking in the window" this is two
| parties (you and the company providing some service or
| product to you) needing to exchange data so each can do
| their work properly.
|
| Those "privacy standards" you cite that have existed for
| centuries... that's not a thing. It seems to be based on
| falsifying the history and present of how humans organize
| and govern systems out of ignorance. Data gathering IS
| the "normal". Of course it's been very limited and
| cumbersome before, now it's easier thanks to IT.
|
| So if your only argument is a vague discomfort from this
| not being "normal"... you have no argument.
| yjftsjthsd-h wrote:
| > This is not someone "looking in the window" this is two
| parties (you and the company providing some service or
| product to you) needing to exchange data so each can do
| their work properly.
|
| The electric company probably needs to know usage for
| billing. Microsoft does _not_ need any information about
| Windows users for the product to work. Even things like
| fetching updates doesn 't _need_ to leak information,
| although I 'll grant that it's a little bit more work to
| avoid leaking _any_ data.
| slver wrote:
| > The electric company probably needs to know usage for
| billing. Microsoft does not need any information about
| Windows users for the product to work.
|
| Honestly, it's amazing you can say this with a straight
| face? You don't think Microsoft needs to know which parts
| of its product crash or not, and are used or not, in
| order to deliver a well-working product?
|
| I don't know if most of you here work with large-scale
| products, but Microsoft has no the luxury of going to
| every Windows user personally and asking them how's
| Windows and what you want more or and less of. That
| "conversation" happens through telemetry.
| yjftsjthsd-h wrote:
| They somehow got by for years before telemetry was an
| option; the answer is mostly testing, focus groups, and
| user studies, along with intentionally-provided bug
| reports.
| slver wrote:
| None of what you say replaces telemetry, it's an addition
| to it. And the question remains why we need to willfully
| ignore the Internet, and do things like in the 80s.
| What's the purpose of this idiocy?
| croes wrote:
| > You don't think Microsoft needs to know which parts of
| its product crash or not, and are used or not, in order
| to deliver a well-working product? How about asking the
| user and testing before delivery of the product? MS
| outsourced the test to the users and enforces a feedback
| for their faults. Imagine doing the same 40 years ago. A
| company employees enters your home to gather data about
| faulty products. You do know how many private data is
| stored on PCs and smartphones? Do you know what people
| access this data?
| croes wrote:
| >This is not someone "looking in the window" this is two
| parties (you and the company providing some service or
| product to you) needing to exchange data so each can do
| their work properly. It's even worse. I can see the
| person looking through my window. I can close the blinds.
| At OS level I don't have that chance. I can't constantly
| monitor the outgoing traffic and I can't check the
| consequences of every update.
|
| >Those "privacy standards" you cite that have existed for
| centuries... that's not a thing. It seems to be based on
| falsifying the history and present of how humans organize
| and govern systems out of ignorance. Data gathering IS
| the "normal". Ever thought that you and parent live in
| different countries with a different value for privacy?
| Even a "simple" thing like a census in Germany led to
| Constitutional Court ruling and the establishment of a
| new right, that of informational self-determination. And
| that was in the eighties and it was about a census in the
| form of a total survey to be carried out door-to-door by
| civil servants or agents of the public administration.
|
| Now you private companies fathering more data more often
| than ever before. So it's worse, calling that "normal" is
| strange.
| slver wrote:
| Trying to gather data about your product performance and
| use is "normal". The fact it's been always happening is
| also "normal". The fact you do more of it because of
| technology doesn't make it less normal. Is it abnormal
| you can shop for groceries 5 miles away with your car,
| because you wouldn't be able to by foot? What kind of a
| silly thought process is that.
|
| Probably companies haven't been able to serve billions of
| individuals worldwide, so they had less data. Microsoft
| has more customers, and has more data to process.
|
| No one here is describing WTF is this "data" harming them
| personally with. It's not personally identifiable, and
| it's extremely mundane. Surely Microsoft will destroy
| your life by having some stats on how often people in a
| given region play Solitaire.
| croes wrote:
| So tell me how car or TV manufacturers gathered that data
| 40 years ago? It's neither normal nor was it always
| happening. It's an effect of the internet and was
| normally impossible before.
| 13of40 wrote:
| "The Audimeter (audience meter) was used from 1950 during
| the early days of television broadcasting. It attached to
| a television and recorded the channels viewed, onto a
| 16mm film cartridge that was mailed weekly to company
| headquarters in Evanston, Illinois, and used to generate
| the Nielsen Television Index. It was based on an earlier
| Audimeter that had been developed for the 1942 Nielsen
| Radio Index. Randomly selected "Nielsen families" homes
| were enticed to accept the Audimeter by including free TV
| repair service provided by TV Index reps, which was a
| valuable commodity when vacuum tube televisions
| predominated." - Wikipedia
|
| In other words, for TV they paid a small portion of the
| audience to record and report their habits.
| croes wrote:
| So they had to ask and pay. No problem if MS does the
| same. Currently they do neither.
| pndy wrote:
| These are two different things that only on surface seems
| to be similar. The censuses performed by governments
| happen every few years (should be 10 years for majority
| of countries, if I'm not mistaken), while telemetry
| gathered by software happens almost on daily basis if not
| all the time. Then, depending on place, census may
| include every adult citizen or just representative part
| of the population and at the same it might be compulsory
| for those who were selected or who are required to
| participate.
|
| Telemetry involves everyone by default and it's hardly
| optional unless you decide to actively fight it -
| speaking about Microsoft Windows here. The choices
| offered by Microsoft doesn't offer users true control
| over data they gather and process; hell, that actually
| applies to other big companies as well - you have just
| the illusion you are in control of what they managed to
| collect about you and the vague assurances, promises that
| they aren't up to no good with that stuff.
|
| Government will most likely benefit from planning its
| politics having the data gathered from census while
| Microsoft _might or might not_ use the telemetry data and
| honestly, seeing what they did with Windows 10 over
| course of all its releases, it doesn 't appear they do
| actually use that telemetry data for anything. They don't
| even bother with users, power users opinions regarding
| the features that are causing issues in Windows.
| nightski wrote:
| Yeah, knowing how much telemetry has helped me improve the
| user experience in the internal apps I work on I really
| don't think it is that evil. I think people just wish it
| was easier to enable/disable and that Microsoft was more
| transparent about it.
| zinekeller wrote:
| I think that the possibility of abuse (which has
| happened), possibility of government requesting that data
| (also happened, plus people here tends to be not inclined
| to give their data to any government), and possibility of
| leakage (general leakage not happened with Microsoft, but
| there's state-level hacks) means that even telemetry is
| tainted with privacy issues.
| dataflow wrote:
| s/easier/possible/
| skohan wrote:
| As someone who has worked on user-facing software, the
| part which bothers me the most is the reversal of user
| settings. MS is really bad about this, and even broke a
| linux install on a separate partition on my machine by
| changing the UEFI settings after an update without asking
| me. If I shipped software which did this, I would feel
| like I had to turn in my developer card.
| K0SM0S wrote:
| Frankly this, as a developer. I call them "showstoppers"
| and if there is a god of programming, they are the
| ultimate sin. Things like
|
| - breaking a user's multiboot
|
| - deleting user data
|
| Even if these are not bugs and merely the result of bad
| UX (lack of warnings and security for the user).
|
| Deletion of all user data upon upgrade was a common
| 'problem' with earlier versions of Windows (I remember
| having such problems into the XP era, and I hear it
| happened to people on W10). Breaking other installs by MS
| is a common theme too in dual boot setups (whereas Linux
| bootloaders are more likely to pick up the Win install
| and offer access to it).
|
| I remember vividly the last time it happened to me. I had
| been dual-booting Linux for some time (on a personal
| laptop dedicated to work). It was my first Linux OS, I
| was a newbie (precisely learning bash, programming for
| servers, etc). After some update, Win10 broke my dual
| boot. I was livid. It took me the better part of a
| weekend to fix it and avoid loosing all my work of
| several months (a lot of it was in the form of system
| files all over the place, I had no idea how to retrieve
| all that without ad hoc commands etc, and I had no idea
| what e.g. chroot was at the time. I learned, the hard
| way, haha -- btw thx to the Arch Wiki for that weekend.
| It was a life saver).
|
| The very next thing when I got access back to my Linux OS
| was to backup all my data, format everything and
| reinstall Linux fresh.
|
| And that was _it_.
|
| I've never used Windows ever since as my primary driver,
| only for testing purposes in VMs. That was 2016 iirc.
|
| There are such things as showstoppers that make you
| instantly drop a product, never to look back. Microsoft's
| Windows desktop team never learned that, I don't know how
| they still pretend to be for "professionals". You don't
| do that to people who make a living with their computer
| (i.e. the vast majority of businesses nowadays).
| ClumsyPilot wrote:
| > "- breaking a user's multiboot"
|
| I have tried mutiboot with different Linux distros too
| and had it broken too many times, eventually I got sick
| of this shit. Fixing the bootloader should be a simple
| process but requires you to sacrifice a goat.
|
| Never multiboot again, if I need another OS it goes in a
| VM.
|
| When I absolutely have to, I install another OS on a
| separate drive with it's own bootloader and select the
| one I want in BIOS. That is actually reliable and never
| breaks.
| rossjudson wrote:
| Haha. One goat. Fool! You need at least four.
| skohan wrote:
| > When I absolutely have to, I install another OS on a
| separate drive with it's own bootloader and select the
| one I want in BIOS. That is actually reliable and never
| breaks.
|
| Will this effectively encapsulate the UEFI settings? I
| had a problem where Windows turned off the wifi module on
| my MoBo to "save power" and it messed up the wifi on
| Linux.
| varispeed wrote:
| How do you check that telemetry is disabled? Do you inspect
| packets that come out of your network card?
| makecheck wrote:
| With both Mac and now Windows supporting these mobile-forced-to-
| desktop apps, I worry a bit about the poor UIs in our future.
|
| On the one hand, maybe tablets will improve a bit because mobile
| apps will have even more incentive to spruce up their large-
| screen experiences.
|
| On the other hand, literally _every_ app I have seen auto-ported
| to desktop in this way has been awkward at best. Usually at least
| a few standard platform things just don't work, like universal
| keyboard navigation. Having mobile UIs appear _unaltered_ on the
| desktop is just jarring, at the very least requiring unnecessary
| scrolling and controls that do not resemble anything else.
|
| And I am not convinced that this will improve with time; on the
| Mac side some of these pseudo-apps have had _years_ to get better
| but they are still packed full of UI quirks.
| f6v wrote:
| > With both Mac and now Windows supporting these mobile-forced-
| to-desktop apps, I worry a bit about the poor UIs in our
| future.
|
| The operating systems aren't the only ones to blame here.
| Haven't you seen desktop sites using hamburger menu? That
| abomination came to life thanks to mobile web.
| noizejoy wrote:
| Just another case of the interests of customers (users) and
| suppliers (developers) not always aligning. It's not that
| different with physical tools.
|
| Just ask a left handed guitar player about limited choices
| and/or awkward usability.
| topicseed wrote:
| Thanks to the paradigm "write once, publish everywhere".
|
| As a publisher who recently redesigned one of our websites,
| using the hamburger menu across devices and screen sizes was
| strongly considered. It is very annoying on larger screens
| but these represent such a small traffic share that it is
| what it is... We still did not go ahead with that, but it was
| close...
| Longhanks wrote:
| I rather have UIKit/Android apps on macOS/Windows than yet
| another web-bloated electron RAM eater.
| tored wrote:
| In reality it will be a webview wrapped as android app and
| then executed on a subsystem on top another subsystem that is
| a virtual machine. Lets hope that the CPU architecture
| matches between the app and your machine so no emulation is
| needed.
|
| It's going to be great.
| [deleted]
| Terretta wrote:
| Here's another uncomfortable question not mentioned there...
|
| I wonder if this alliance will quell handwringing about Apple
| having some sort of "monopoly" simply by its choosing the
| contrarian path of designing, building, and marketing a full
| experience for those seeking one.
|
| Dominant desktop platform + dominant mobile platform + dominant
| online commerce platform & cloud platform ... versus a firm doing
| it differently: FAANG becomes FANG aligning against the odd A.
|
| Quick, don't let the market decide, ban Apple's UX design model
| and the business model that sustains it?
|
| Could be there's room to let this one play out with Apple back to
| its innovation integrator chasm-crosser zone as niche underdog,
| rather than trying to preemptively pop the zeitgeist bubble
| stressing people out.
| wyldfire wrote:
| > Will Amazon agree to distribute Android apps unmodified from
| what developers upload, with the original signatures intact?
| Amazon's behavior is policy, and policies can be rescinded.
|
| Removing signatures by design in the face of a recent huge impact
| supply chain attack? Hopefully US Gov can leverage some simple
| purchasing controls (that don't require 'an act of congress') to
| convince Amazon to stop this behavior.
| k__ wrote:
| Good questions asked.
|
| In the short term, breaking the App/Play Store duopol will be a
| good thing.
|
| But what will happen after that?
| tored wrote:
| Only thing that can compete with native app stores is the web,
| this means making the web standard even more bloated.
|
| If you could install a store inside your browser and then buy
| web apps from there instead, your apps is no longer tied to the
| operating system, only to the store (that requires a compatible
| browser)
|
| But I don't think it will happened because it doesn't benefit
| the two major players on operating systems, Microsoft and
| Apple.
|
| What probably will happen is just solidifying the Android based
| native app as the dominant application platform, now you can
| develop against the Android SDK and cover 80-90% of the market,
| both desktop and mobile.
|
| If you don't know Java already, it is time to learn. Welcome to
| the future - poms, jars, classpaths and AbstractFactoryFactory
| nightmares everywhere, buggy and slow Android apps running over
| a virtual machine with a user experience not adapted for mouse
| and keyboard. There will be Hacker News threads about how they
| miss good ol' Electron apps.
| spideymans wrote:
| Good things for developers.
|
| Good things for power users.
|
| However I'm concerned about the impact on "normal" users that
| just want their stuff to work. There's little stopping a
| Facebook App Store from taking similar measures, for example.
| AlexAffe wrote:
| Isn't it time to just ditch "Stores" all together? We were way
| past that concept on the PC for decades, how on earth does it
| help to introduce it to desktop? Let ppl download there apks from
| the dev sources directly, and... oh wait... I'm just describing
| 'installing a program' as it has been for ages. Maybe this will
| at least help normal users to wake up and wanting to escape their
| jails. (oh sorry, I forgot, it's for their own good! o7)
| skohan wrote:
| I think the future for 90% of applications is really just to
| have progressive web apps. We're not quite there yet, but with
| WASM and WebGPU we're getting closer.
| astlouis44 wrote:
| Second this, especially for games. Avoiding the 30% and
| bypassing Steam and the App Stores is going to be huge for
| game devs building in Unity and Unreal.
| [deleted]
| Aperocky wrote:
| It's only worrisome if the Stores don't allow you to do that,
| AFAIK most people can still sideload apps on Android, not sure
| how the new Windows 11 Android apps work in this case.
| f6v wrote:
| Having downloaded a ton of Windows crapware back in the day...
| I spent most of my life programming and still wish I didn't
| ever have to say "Yes, I trust this unidentified developer".
| johannes1234321 wrote:
| installing applications from "wild" sources leads to possible
| virus injectiins etc. I sleep better knowing my parents won't
| br able to simply install things.
|
| I like Android, where the default is the play store, but i can
| sideload or use f-droid as well.
| Bancakes wrote:
| Somehow hundreds of package manager repos and all their
| mirrors work flawlessly on Linux.
| colejohnson66 wrote:
| If you use the official repos, those packages are
| (generally) vetted by the maintainers. Unofficial repos
| (sideloading stores) aren't.
| AussieWog93 wrote:
| Malware exists on the Play store too. My grandmother managed
| to download some aggressive adware bundled in a sudoku app.
|
| Interestingly, she's avoided viruses on Windows for decades.
| I think thats because she wouldn't trust random apps from
| dodgy websites in the way she'd trust Google Play.
| selfhoster11 wrote:
| Adware is not the same as a virus that goes wild on your
| data.
| takluyver wrote:
| Malware certainly exists on the Play store, but when Google
| spot it, they can unilaterally remove it. IIRC, they also
| have the ability to remove it from devices where it was
| already installed. The app store model probably also
| delivers security updates to legitimate apps more
| effectively than every developer managing their own
| distribution.
|
| My parents are also very cautious with what they install on
| Windows, and I think that's a pretty good approach. But
| it's pretty clear that plenty of people aren't so paranoid,
| and it's not always easy to tell a dodgy site from a
| legitimate one.
| mcny wrote:
| I still think developers should not be able to upload
| binary blobs to the store. The store should prescribe an
| official set of tools and build options. Developers
| should be required to upload their source code and build
| instructions.
|
| The store will then build the application binaries based
| on provided instructions, run tests to make sure the
| application meets store criteria, and publish it if
| everything looks good. Perhaps there will need to be some
| manual intervention when necessary but we should be able
| to automate things more as we see more use cases.
|
| That and the client "store" should be decoupled from the
| server store and users should be able to add/remove
| server stores as they see fit.
| AussieWog93 wrote:
| >when Google spot it, they can unilaterally remove it.
|
| Microsoft can achieve the same goal already through
| Windows Defender. My app was recently flagged as a trojan
| (false positive) and it would be wiped from users'
| computers before they could even run it.
|
| >they also have the ability to remove it from devices
| where it was already installed.
|
| That Microsoft can't do, but I'm not really sure that
| it's a good thing...
|
| >The app store model probably also delivers security
| updates to legitimate apps more effectively than every
| developer managing their own distribution.
|
| Citation needed there.
| colejohnson66 wrote:
| That last one (the "citation needed") is solved by stores
| that have auto-updaters. When a store isn't used, it's up
| to the app developer to provide a notification of an
| update being available, and many don't do that.
|
| Linux's package manages show that quite well. I can
| update (almost) all my packages with a simple command. On
| Windows, if Inkscape has a security vulnerability that an
| update fixes, I'm not informed of this unless I follow
| the development or use an RSS feed of sorts.
| numlock86 wrote:
| This false trust regarding stores is a real issue.
| bogwog wrote:
| The Amazon Appstore on Microsoft Windows 11: A match made in
| hell.
|
| This is all really concerning to me. Microsoft's embrace-extend-
| extinguish tactic[1] is now targeting both Linux and Android.
|
| This is all so over-the-top evil that it would be funny if it
| wasn't so god damn depressing.
|
| [1]
| https://en.wikipedia.org/wiki/Embrace,_extend,_and_extinguis...
| enos_feedler wrote:
| The most uncomfortable question about Windows using Amazon
| Android store is related to developer app signing? How about: How
| does a company that absolutely dominated PC app market somehow
| need to embrace Android app compatibility? How were they not able
| to use dominance to capture the adjacent app market in mobile?
| This question is more uncomfortable because it attacks a
| character trait of Microsoft: arrogance.
| webmobdev wrote:
| we don't modify and distribute your application code without your
| knowledge and approval o Notably, this person used
| "don't" and "will not"... as opposed to "can't" and "cannot" o
|
| So the next stage in the plan for the tech giants is to now take
| control over all our software applications and really lock them
| down too?
|
| With locked iDevices and smartphones that don't allow you to
| install the system software you want, that can be crippled and
| made unusable by the manufacturers, and have nearly unrepairable
| hardware (with lobbying opposing right-to-repair legislations),
| the tech giants have ensured that we have already lost control
| over our hardware devices. Today we only "own" them in name.
|
| The article highlights a real worry - It is not at all far
| fetched to believe that by wrapping apps with their own
| proprietary codes, the tech giants can control and steal our app
| data (a very likely goal of all the tech giants) and even modify
| the apps to cripple them or convert it to a malware (at the
| behest of over-reaching governments).
|
| This just adds to my worry, and ire, at App Stores, and provides
| a new perspective of them I had never considered before.
|
| o https://commonsware.com/blog/2020/09/23/uncomfortable-questi...
| .
| HKH2 wrote:
| Hey, people want things fast and convenient, not so much
| secure, private or customizable. Those tech giants just appeal
| to that short-sighted mindset.
|
| It's like trying to have a functional democracy with people who
| want it to be easy so it can get out of the way.
|
| Big-tech control is just a side-product of atomization, as far
| as I can see.
| shadilay wrote:
| Also, rapacious greed.
___________________________________________________________________
(page generated 2021-06-27 23:00 UTC)