We need more transparency from companies, this time it was a 'bug' that was visible to the end user (hey! who turned on power saving?). Would Google go public if they also develop a 'bug' that is not visible easily by the user or if it was not discovered by anybody but them? Like a 'bug' that changes certs temporarily to intercept your encrypted traffic or uploads random data elsewhere, etc?
You can avoid all of this by using an iPhone. Apple's business model does not involve ad revenue or data collection. Your data is collected but is used purely to improve the iPhone. Your data is intentionally obfuscated for privacy. For an example of Apple's strict policy, check out this article on Apple Maps: https://techcrunch.com/2018/06/29/apple-is-rebuilding-maps-f...
Except this is not really about data collection, but about the other direction: Who can send data to my phone (or other device) I ostensibly own and make it do all kinds of things without my permission - or restrict what I can do with it.
I don't see how Apple is better than anyone else in that regard.
> This is why I've always insisted, for example, that if you're going to start talking about "AI ethics", you had better be talking about how you are going to improve on the current situation using AI, rather than just keeping various things from going wrong. Once you adopt criteria of mere comparison, you start losing track of your ideals—lose sight of wrong and right, and start seeing simply "different" and "same".
Apple's business model heavily relies on planned obsolescence to bully you into throwing away YOUR working iPhone when they've decided its time for you to drop another 700-1000$ by making their latest OS so slow that your phone is essentially unusable. Of course you'll also have to throw away all the expensive accessories you might own because the connection port has changed format too, yet again.
At least on Android I can install a custom ROM, root it, and install a system wide adblocker like adaway. Oh and also my phones cost under 300$ and I can keep them working until I decide it's time to replace it.
Because android works better for me doesn't mean it has to be the same for everyone, but in any case Apple is out to milk money out of you and not to save you from google. Neither companies have your best interest in mind, you're just there to make them money.
> Your data is collected but is used purely to improve the iPhone. Your data is intentionally obfuscated for privacy.
As per Apple.
I see no reason to trust Apple any more I trust Google. Especially in the context of Snowden's disclosures of tech giants collusion under the Prism program. What they say is only remotely related to what they actually do.
I'm not sure if it is still the case nowadays, but back when I had an iPhone I remember that Apple had a killswitch which allowed them to remove already installed apps on one's phone.
Nevertheless, I doubt that Apple is more inclined to give away their control of your device. I would guess that they could do the exact same as Google did.
I like that I can put my IPhone in low power mode even if it is at 100 percent. I also like that I can turn off all notifications in one central place. This has helped me lower distractions from the phone. Previously I was on a Nexus 5. Upgrading to newer versions of Android always came with the possibility that my wifi would not work or my cell signal degraded etc.
OP meant why tech savvy people are surprised the Google has the possibility to do such things even though it's obvious they have full control over your operating system.
That is just an illusion ultimately, which you see crack in instances like these. Google play services have system level privileges. If you don't want such surprises, run AOSP.
There's the difference between the possibility of a software update changing settings and "Google has a whole configuration management infrastructure deployed and active and phones polling for new settings so that one slip of a finger can change the settings on millions of phone by mistake"
Thus is the nature of updating settings. Easy mistakes to make include:
* Changing a field's default value (is that even a mistake? users might perceive it that way. Also, is there a difference between a field set to the default value and has never been changed vs a field explicitly set to the default value? Should you change it in the latter case? Did you even track the latter case?).
* Overwriting a field's non-default value and setting it back to default.
* Migrating a field and mapping the non-default value to the wrong non-default value.
* Migrating a tuple of fields to another tuple of fields and getting the map wrong for an edge case subset of the input values (bonus points if that subset was thought to be an impossible state to get into).
etc...
The best way to avoid settings updates it to throw it all on the user. eg, Arch Linux just takes the approach: if, you update a file in /etc, the new file is just created with a special file extension and merging the new and current file is left to the user. You don't get nearly as many surprise updates, but... you spend time merging config files, which few people are willing to do.
That is a combination of different problems. Updates are hard in general, to which there aren't too many mainstream solutions. Emerging ones seem to be in nixos, rpmostree etc. However, ubuntu/debian has a more pedestrian problem, which is that they do a bunch of junk in the post install scripts (like automatically starting and enabling the systemd service for the package). Systemd being a fragile flake will break. That's not the worst that can happen. More likely is that some poor sap will pull in some random server (mail server, database server, http server etc.) as a dependency, and it will get enabled. And ubuntu in their wisdom, don't enable the firewall in desktop variants. So you may be running an open server unknowingly.
I don't see WHS the the big issue is. Yes my phone went to red battery low power mode. So what? What aspects of this alter contract between me and Google over automatically applied updstes? I gave can implicitly ages ago.
If they involuntarily disabled battery saving and caused me to loose service or drain and reduce battery life i could see an issue.
Truly, bemused at the hate. What did you think the t&c said when you enabled updates?
You've put into words exactly what I was thinking.
From the thread:
"Ok, but how is it that you have the power to control our phones this way? "
Christ buddy. You have a phone thats made by Google. Google, the company that tracks you everywhere and rolls greenfield updates on all their other software. And then this person says they're going to turn 'allow modify system settings' off... What do these people seriously think Google is going to do?
I think people with a Google phone should just implant a chip in their arm, reporting to Google. It's basically the same thing, and you can view your body information on a Google dashboard and get Google advice on health care, along with a Google map to get there.
I think the hate is directed more at the general concept here rather than the specifics. What if they'd pushed out an update that silently broke SSL, made all your Google Photos public or started calling people at random, for example? This particular bug is pretty innocuous but the fact that it's possible to push out very obviously broken updates like this (and only admit to it when they're publicly called out on it) could lead to all sorts of issues. It's not like these users were opted in to some kind of "insider" or "testing" builds, after all.
I guess it depends on how you view your phone. Is it your phone or is it Googles phone that they can update with whatever software and settings they want to.
The same debate is around Windows 10. Some people are fine with Microsoft getting a stream of privacy data from them. Others feel it's their device, not Microsofts.
After my Samsung Galaxy S7 phone started having hardware issues, I looked to see if a phone running open source software was available, one that also could run the Android apps I currently use.
I've had sucess with LineageOS 15.1 on a Xiaomi Redmi Note 5 Pro (codename "whyred"). Unfortunately the phone's LTE bands don't support every country, but it works fine here in India. The phone hardware costs USD 210 and buys a lot of hardware: https://www.gsmarena.com/xiaomi_redmi_note_5_pro-8893.php
The phone comes with Xiaomi's Android fork called MIUI. It comes with the bootloader locked, and Xiaomi makes you wait for about 2 weeks to 2 months to be able to unlock the bootloader to install a different phone OS (called a custom ROM). Until then, one has to either put up with MIUI or leave the phone sitting on a shelf.
Once you unlock the bootloader, you can install LineageOS on it which is fully open source stock Android with some minimal tweaks and extra privacy features. The current version for this phone is 15.1 which is based on Android Oreo. This reminds me of my old Google Nexus 5's phone OS, but it is far more tweakable.
You can build the LineageOS ROM for your phone from source code: https://download.lineageos.org/whyred
I've been running LineageOS (on Nexus 5X, then Galaxy S7, now Nexus 5X again) since it was Cyanogenmod. It pains me to say it but it seems to be getting steadily worse. The first install after the Cyanogenmod fork was perfect for two years until I broke the phone. I then got a Galaxy S7 and it was fine initially but an update introduced a bug which made it drop calls randomly. It took a couple of months of updates not helping before I wiped it and went back to the first ROM which worked perfectly. Now I'm back on a Nexus 5X again and there's an intermittent problem with voice calls where the sound goes quiet/muddy, and just in the past couple of weeks they broke Bluetooth music streaming (the music app crashes and needs to be manually restarted - which is great when you've hopped in the car and started driving!)
When I have time I'm going right back to 14.1 in the hope that that fixes it.
Xiaomi temporarily locks the bootloader to prevent third-party Chinese retailers from bundling malware and adware with its phones sold on the international market[1].
Waiting is inconvenient to buyers and to explain it away, Xiaomi provide some silly reasons such as saying they are trying to thwart sideloading of apps and custom ROMs by resellers, that does nefarious things like steal data... it's a silly excuse, and the wait time inconveniences buyers who want to unlock and install custom ROMs.
Edit: I suspect Xiaomi do this to keep you using MIUI as long as possible because they make money from showing ads in various parts of the system, and also sync your data back to their cloud which probably is resold in some derived form to advertisers. In my opinion, MIUI sucks. MIUI vs. LineageOS proved it is the phone OS (software) which influences how much a person likes a phone, rather than the hardware.
They've recently increased the wait time from 2 weeks to 2 months which had buyers complaining loudly on forums. So for their newest device (the Pocophone) they reduced the wait time to about 3 days. But I think the long wait times still exist for other phone models.
The wait time depends on Xiaomi's mood-of-the-day. They keep fluctuating it.
I'm also using a 'Whyred' (silly name but since Xiaomi used the model name 'Redmi Note 5 (sometimes followed by 'Pro' or 'AI', terms which have different meanings in different countries)' for several different devices it is better to be accurate and use the code name), it offers great hardware for its price (around $180 for the 4GB/64GB model on Aliexpress) and - just as important - runs for 7 days/15 hours of screen-on time on a single charge. I'd just add that once you unlock the bootloader (which can be done in Linux using the java-based MiUnlocktool [1]) you can also de-fang MIUI by disabling all the intrusive bits, installing a different launcher and configuring iptables. Turn on the firewall log to see what tries to get through, you'll notice the thing trying to establish XMPP connections to some Xiaomi-owned domains. After disabling most of Xiaomi's 'services' the log stays empty without anything of value having been lost. This is a good compromise for those who'd rather use stock firmware, albeit de-bloated.
[1] http://xiaomitool.com/MiUnlockTool - make sure to run it on a 64bit machine as the included fastboot binary doesn't work on 32bit installations
LineageOS was working great for me on my Oneplus 3T for about 6 months, but something has gone wrong with recent updates. It has started slowing down to the point of being unusable and I have to reset my phone several times a day. There have been about 6 updates since I started seeing the issue and it hasn't been addressed.
I loathe going back to Oneplus's stock ROM as they modified it to kill background processes to make the phone seem like it has better battery life. I own a Tesla Model 3 and it uses the phone as a key, and the stock ROM doesn't work well with it at all.
They do look at them. But I would suggest taking a quick glance at those logs and see if you notice anything familiar. It may be something you recognize.
LineageOS 15.1 is great, except it STILL doesn't have exchange support, and yes a bug/regression has been logged. That's a pretty big thing to be missing, since all the competitors (Outlook, GMail, Nine) are closed source.
It would take someone with reasonable technical skills to install LineageOS as it involves unlocking the phone's bootloader (depending on the choice of phone hardware), working around any anti-rollback features by flashing, flashing TWRP recovery, and then boot into TWRP and install LineageOS, GApps and Magisk (if you want root). But the OS once installed can be used by all. Take my non-technical cousin for example who looked at what I was doing and bought the same phone and made me put LineageOS on it and now uses it.
It isn't advice or suggestion BTW.. just my experience. :)
This happened to me today! I was using my phone and then it went all weird with no haptic feedback when typing. I finally figured out that battery saver was on and disabled it...
This really bothers me... I am starting to think we need a truly open source phone. That is hardware and software. like GNU/phone or something.
We must have full control over our hardware and software!
Viva La Gnu! (no clue what this actually means, but it seemed like the thing to say at this time).
I'm a broken record at this point, but I'll say it again until I'm convinced I'm wrong -- FirefoxOS did great but was tragically mishandled. I'm 100% a FFOS stan (https://en.wikipedia.org/wiki/Fan_(person)#%22Stan%22_fans) but it absolutely could have (and did) work -- they just fumbled the execution and 0 executives took responsibility (as per usual).
While I appreciate Mozilla's recent exploits like the IoT Gateway (https://iot.mozilla.org/gateway/), they should have put all their non-thunderbird non-firefox effort into FirefoxOS, it was a strategic bet.
Isn't that a bit of a marketing issue as well? I am tracking development of Fairphone, puri.sm Librem5 and e.foundation (just released beta version, based on LineageOS). Do you have pointers to the FOSS OS'es you refer to?
the irony that a product which top feature is literally "Does not run Google Android" serves their javascript from google cdn :)
...also the fact that they have boot up sound means that they are not focusing on user experience and needs, but on copying any and all features from the current phones :(
This looks absolutely amazing -- reasonably ethically sourced and it runs LineageOS. Does anyone have one of these that would care to comment on what ownership is like?
The primary issue here though isn't open source vs not, it's how updates and changes are rolled out.
What you're actually looking for is a phone where you manually initiate updates, and where it's guaranteed that change in behavior (e.g. theough experiments) can only be controlled through the device and not remotely.
With OS it's more likely to get that, but not guaranteed.
It won't happen, IMHO. That's because we have a whole pile of.. technologies, that are making good security nearly impossible. So if they want to avoid half of android users getting owned at the same time, they need to be able to push live updates.
Bugs are part of it too (smaller I think), everything is moving fast enough that early reporting mostly took place of extensive testing.
Ubuntu and Firefox tried. I actually bought a phone with Firefox OS when it was released, it was horrible. I don't know if it was the cheap Chinese built ZTE hardware or the OS itself, or a combination of both. But I could hardly get it to boot, and when it actually did, the screen was flickering to death making it completely unusable. Glad it was so cheap, think I have it lying around somewhere though.
I agree with you however. We must be able to have more control over something that has become so personal.
The GP's comment still stands though, it's a dead platform. Mainstream support ends on December 10, 2019, but lots of little things will die as we get closer to that date. Recently the Podcast app stopped letting me add new podcasts with some vague error about being unable to contact Bing. When Microsoft shut down their music service they killed Cortana's ability to identify music playing in the background. Notifications can be hit or miss depending on the app in question.
I went through the same cycle with webOS. What finally did it in the end for me was the browser crashing on about every 6th website I would visit.
Clicked on this expecting it to be something about making sure people's phones didn't die while they were evacuated due to hurricanes or gas explosions. Now I'm curious how the response would have differed had that had been the case.
Great point, I think the response would be very different. It's pretty clear that Google owns android phones with play store and can do as they please with them, you can install new apps using their website ffs, or erase all data on the phone using android/find.
You can't turn off Google Play Services any more. There's no "Disable" button. I use F-Droid apps for everything and have all the Google stuff turned off, but can't easily get rid of Google Play Services.
Readit News
I don't see how Apple is better than anyone else in that regard.
> This is why I've always insisted, for example, that if you're going to start talking about "AI ethics", you had better be talking about how you are going to improve on the current situation using AI, rather than just keeping various things from going wrong. Once you adopt criteria of mere comparison, you start losing track of your ideals—lose sight of wrong and right, and start seeing simply "different" and "same".
[0]: https://www.lesswrong.com/s/M3TJ2fTCzoQq66NBJ/p/etBrzxdfNop3...
Not really. https://www.apple.com/lae/iphone-battery-and-performance/
> Apple's business model does not involve ad revenue or data collection.
I fail to see how ad revenue and data collection has anything to do with battery saving mode.
At least on Android I can install a custom ROM, root it, and install a system wide adblocker like adaway. Oh and also my phones cost under 300$ and I can keep them working until I decide it's time to replace it.
Because android works better for me doesn't mean it has to be the same for everyone, but in any case Apple is out to milk money out of you and not to save you from google. Neither companies have your best interest in mind, you're just there to make them money.
As per Apple.
I see no reason to trust Apple any more I trust Google. Especially in the context of Snowden's disclosures of tech giants collusion under the Prism program. What they say is only remotely related to what they actually do.
[0] https://news.ycombinator.com/item?id=17970197
https://www.wsj.com/articles/apple-looks-to-expand-advertisi...
There aren't any saints in the corporate world.
Nevertheless, I doubt that Apple is more inclined to give away their control of your device. I would guess that they could do the exact same as Google did.
Seeing how ads and analytics are so pervasive in the Apple app and music stores, they probably profit from ad revenue and data collection.
Deleted Comment
Dead Comment
Yes. Best way to achieve it is to get Linux running on smartphones, finally, so we can manage our own updates.
(By the way, I'm not looking forward to an era of selfdriving cars which are updated remotely behind the back of the user.)
Bugs are bad and all but I don't understand the "how could Google do this?!" questions. Am I missing something?
The main problem is that this is completely bypassing updates!
* Changing a field's default value (is that even a mistake? users might perceive it that way. Also, is there a difference between a field set to the default value and has never been changed vs a field explicitly set to the default value? Should you change it in the latter case? Did you even track the latter case?).
* Overwriting a field's non-default value and setting it back to default.
* Migrating a field and mapping the non-default value to the wrong non-default value.
* Migrating a tuple of fields to another tuple of fields and getting the map wrong for an edge case subset of the input values (bonus points if that subset was thought to be an impossible state to get into).
etc...
The best way to avoid settings updates it to throw it all on the user. eg, Arch Linux just takes the approach: if, you update a file in /etc, the new file is just created with a special file extension and merging the new and current file is left to the user. You don't get nearly as many surprise updates, but... you spend time merging config files, which few people are willing to do.
If they involuntarily disabled battery saving and caused me to loose service or drain and reduce battery life i could see an issue.
Truly, bemused at the hate. What did you think the t&c said when you enabled updates?
From the thread: "Ok, but how is it that you have the power to control our phones this way? "
Christ buddy. You have a phone thats made by Google. Google, the company that tracks you everywhere and rolls greenfield updates on all their other software. And then this person says they're going to turn 'allow modify system settings' off... What do these people seriously think Google is going to do?
This should be the point where I point out that I installed LineageOS for this very reason but even they do stupid stuff, their "April Fools" update this year, for example: https://www.androidpolice.com/2018/04/05/dont-freak-lineageo...
The same debate is around Windows 10. Some people are fine with Microsoft getting a stream of privacy data from them. Others feel it's their device, not Microsofts.
I didn't want Google to control my phone, so I installed LineageOS.
I've had sucess with LineageOS 15.1 on a Xiaomi Redmi Note 5 Pro (codename "whyred"). Unfortunately the phone's LTE bands don't support every country, but it works fine here in India. The phone hardware costs USD 210 and buys a lot of hardware: https://www.gsmarena.com/xiaomi_redmi_note_5_pro-8893.php
The phone comes with Xiaomi's Android fork called MIUI. It comes with the bootloader locked, and Xiaomi makes you wait for about 2 weeks to 2 months to be able to unlock the bootloader to install a different phone OS (called a custom ROM). Until then, one has to either put up with MIUI or leave the phone sitting on a shelf.
https://wiki.lineageos.org/devices/whyred/install
Once you unlock the bootloader, you can install LineageOS on it which is fully open source stock Android with some minimal tweaks and extra privacy features. The current version for this phone is 15.1 which is based on Android Oreo. This reminds me of my old Google Nexus 5's phone OS, but it is far more tweakable. You can build the LineageOS ROM for your phone from source code: https://download.lineageos.org/whyred
You can install a subset of Google Apps depending on what your preference is: https://wiki.lineageos.org/gapps.htmlhttps://github.com/opengapps/opengapps/wiki/Package-Comparis...
Or you can avoid Google Apps altogether by using microG instead: https://microg.org/
After 2 weeks of using LineageOS, I am so impressed that I'm willing to shill for it^w^w^w describe about it here.
For your country, if the "whyred" phone's LTE bands are not compatible, you should be able to find a similar phone that is.
When I have time I'm going right back to 14.1 in the hope that that fixes it.
[1] https://www.xda-developers.com/xiaomi-anti-rollback-protecti...
Edit: I suspect Xiaomi do this to keep you using MIUI as long as possible because they make money from showing ads in various parts of the system, and also sync your data back to their cloud which probably is resold in some derived form to advertisers. In my opinion, MIUI sucks. MIUI vs. LineageOS proved it is the phone OS (software) which influences how much a person likes a phone, rather than the hardware.
They've recently increased the wait time from 2 weeks to 2 months which had buyers complaining loudly on forums. So for their newest device (the Pocophone) they reduced the wait time to about 3 days. But I think the long wait times still exist for other phone models.
The wait time depends on Xiaomi's mood-of-the-day. They keep fluctuating it.
[1] http://xiaomitool.com/MiUnlockTool - make sure to run it on a 64bit machine as the included fastboot binary doesn't work on 32bit installations
I loathe going back to Oneplus's stock ROM as they modified it to kill background processes to make the phone seem like it has better battery life. I own a Tesla Model 3 and it uses the phone as a key, and the stock ROM doesn't work well with it at all.
https://wiki.lineageos.org/logcat.html
https://jira.lineageos.org/secure/Dashboard.jspa
They do look at them. But I would suggest taking a quick glance at those logs and see if you notice anything familiar. It may be something you recognize.
It isn't advice or suggestion BTW.. just my experience. :)
Deleted Comment
This really bothers me... I am starting to think we need a truly open source phone. That is hardware and software. like GNU/phone or something.
We must have full control over our hardware and software!
Viva La Gnu! (no clue what this actually means, but it seemed like the thing to say at this time).
While I appreciate Mozilla's recent exploits like the IoT Gateway (https://iot.mozilla.org/gateway/), they should have put all their non-thunderbird non-firefox effort into FirefoxOS, it was a strategic bet.
That was the story of the Ubuntu Phone.
...also the fact that they have boot up sound means that they are not focusing on user experience and needs, but on copying any and all features from the current phones :(
(I have no experience with that phone or whether it's good, just found it mentioned recently and very curious about it in general)
[0] https://shop.fairphone.com/en/buy-fairphone2-2/
Deleted Comment
What you're actually looking for is a phone where you manually initiate updates, and where it's guaranteed that change in behavior (e.g. theough experiments) can only be controlled through the device and not remotely.
With OS it's more likely to get that, but not guaranteed.
Bugs are part of it too (smaller I think), everything is moving fast enough that early reporting mostly took place of extensive testing.
I agree with you however. We must be able to have more control over something that has become so personal.
https://www.techradar.com/news/canonicals-dream-for-an-ubunt...https://developer.mozilla.org/en-US/docs/Archive/B2G_OS/Intr...
But I think what we really need is the smartphone-equivalent of the IBM PC.
It would allow anybody to develop a nice OS.
And with emulators you could still run Android/iOS apps.
I'm curious to hear your thoughts on how good it is or isn't.
https://support.microsoft.com/en-us/help/4459082/september11...
The GP's comment still stands though, it's a dead platform. Mainstream support ends on December 10, 2019, but lots of little things will die as we get closer to that date. Recently the Podcast app stopped letting me add new podcasts with some vague error about being unable to contact Bing. When Microsoft shut down their music service they killed Cortana's ability to identify music playing in the background. Notifications can be hit or miss depending on the app in question.
I went through the same cycle with webOS. What finally did it in the end for me was the browser crashing on about every 6th website I would visit.