AFAIK you can still sign it even if you don't publish it via playstore
I want to mention that Fedilab [1] and Subway Tooter [2], two famous apps used for Mastodon (or ActivityPub), a decentralized social network, had also been taken down by Google Play with the same reason.
Google has hired a bunch of 28 year old kids in HR and PR, that never used Usenet, that never used IRC, that barely remember AIM, that had a smartphone before they had their own laptop, that don’t understand the internet or technology.
And they’re the ones making these decisions. There aren’t rooms full of Google PMs and programmers and engineers debating the implications. It’s 3 or 4 kids in-between the ages of 24 and 34, and that room is increasingly technically illiterate, and increasingly unable to imagine an internet before (or after) FAANG hegemony.
This isn’t Google being evil to protect advertising dollars, or to kill Matrix, etc.
It’s google hiring young, unimaginative, uninteresting social justice warriors. We’ve taken for granted that most of the people working in FAANG have been using computers for longer than these companies existed. That’s no longer really the case, and the attitudes of these companies are going to continue to change further and further from the unique values that the industry used to represent. In ten years it’s going to be worse, and in 30 it’s going to be unrecognizable.
However I think it's unfair to say that people under age 40 are 'social justice warriors'. They've been raised in a bubble of superficial user interfaces and have never been forced to encounter the fundamental underpinnings of the software and Internet.
Some of them are even in the disaffected, alt-right or anti-SJW crowd[0] (but those are generally more like under 20, I think).
The ones who live on their phones and Macbooks and don't understand technology are normies, of which there are more since CS has become much more popularized and pop-culturally embraced, I think. There's plenty of those in their 50s and above, too, just less-so at FAANGs.
Smartphones are bad. "Apps" are bad. OS vendors using their position to change public behavior is bad. (this last idea something the courts in most countries agree on.)
You need to get this stuff out of your life, it's beyond coke levels of harmful.
There's a combination of a certain subset of millennials who are like this, and the leadership that doesn't care and wants everything to go their way (as it always has).
A large part is also that the mainstream internet is still so new, and people are so poorly educated that they don't understand that they're the bad guys.
- CCCP a cyrillic of SSSR?
- CCP, Chinese Communist Party?
- CCP, the cyclic something peptide, which is a top websearch hit for me?
Matrix app. Discussions on what to do about Telegram / Signal. Blocking Parlor.
Citizens can only challenge the establishment around a rigged economy if citizens have a place for free speech. FB/Twitter enable censorship.
I was so close to proposing moving off of Slack and onto something like Element/Matrix. Unfortunately this will be a harder sell to my management considering Google or Apple can just shut down any chat client businesses use.
This is ridiculous.
It's still a big problem that Google isn't even making the effort to investigate big apps on their own platform to get familiar with them (before letting the AI loose on them).
And now a few VPs of Google and Apple dictate who's allowed to bring in their apps into their holy app store.
You are assuming that states legislate primarily in the public interest. I disagree. Public pressure can influence legislation, but fundamental interests of ruling classes usually take precedent.
> we have completely forgotten that we need something like that in the digital world as well.
We have not "forgotten" something which is a claim, or opinion (and which I do not share).
I mean, you should now have learned that you can't rely on one single distribution channel.
The browser is a resource hog :-(
> electron-based
Essentially a browser under the hood, but separate from your actual browser :-(
> native,
I tried a few of those last year, and had all sorts of trouble, but I guess it's time to give them another shot! Can any of them be made to behave and look like IRC chats? Not screens full of mostly white space?
IIRC however - Element is not a native client.
> terminal
That's good :-)
Whatever shall we do?
The funny thing about the whole "do bad things and get kicked off" strategy is that every platform has abusers. Since Big Tech can arbitrarily decide the thresholds and circumstances that lead to being kicked off, this effectively means they can kick anyone off for any reason.
Even on here, on Hacker News, if you dig deep enough I guarantee you can find questionable content (albeit probably downvoted) to justify deplatforming if you were tasked with deplatforming this site anyways.
Odd that they'd only remove half of the Matrix clients available...
Monopoly power in action. There is little pressure to fix this.
First of all, we can't have stuff getting arbitrarily censored or kicked off stores, because even though it may start with alt-right QAnon nonsense, it will lead to things like Hey, Epic, Fortnite, Robinhood ratings being scrubbed, WSB being banned, or now Element. The slippery slope is not hypothetical. It's here.
Secondly, we can't just have AAPL, GOOG, FB, etc. merely say "oops, our bad" when the shit hits the fan. People get mad, they say "oops" -- even though the app may have lost thousands of customers and reputation -- and everyone forgets the snafu ever happened. This is not okay, and as consumers we should not be okay with it. I promise you Google will release a statement saying "certain groups" on Element "used some poopoo language" and the apologists will, yet again, be totally cool with it.
(I don't feel my comment is particularly controversial, yet I'm being mass downvoted with no counter-arguments.. weird.)
What I want is true competition and laws that make that happen.
For the people who see no issues with any of this, shall we shut off their water and electricity too while we're at it?
We absolutely need clear legislation on this, this is causing harm and the power asymmetry is monumental.
Also - consider the conflicts of interests: Google Apps would never, ever get treated the same way.
I think it's time to separate app distribution from the devices themselves.
I understand it should use more battery, but my phones still last multiple days even with F-Droid versions of Element and Telegram running 24/7.
One real annoyance is that after upgrading the apps, I need to start them again manually. Otherwise I won't receive any notifications until I do. IIRC with the Google Play versions, the push notifications will arrive and cause the app to start.
If this takedown stands, this effectively means that all distributed message systems are banned from the Play store.
Report them all, if you can't find objectionable content on those, write it to yourself, screenshot it and report the apps.
Basically as a protest. This can have far reaching effects for anyone worried about privacy, walled gardens, competing with social networks, etc...
Alternatively, pull the code from git, and follow the instructions to build the apk.
With devices, by default, configured to make it difficult to install apps directly, the store becomes the single point of failure.
And we engineers know, all too well, the dangers of single points of failure in any business-critical solution.
What well-run fortune 500 company, or government agency, would fully embrace and build a key business process around apps which can be made to vanish on the whim of an Apple or Google employee who takes issue with how someone fully disconnected from your organization (and maybe even in a different country) uses the same app you have rolled out to thousands of staff members?
In my opinion, the next logical step in “decentralization” of technology is to give mobile device users the same application control, logging, and monitoring powers over their devices that desktop, server, and notebook users have always enjoyed.
Does anyone else here see another logical path?
Naturally, it has the Element app.
As was predicted in 1948, "hate speech" has just become a smoke and mirrors term. Facebook and Discord used this excuse to deplatform WSB. Twitter uses this to deplatform people left, right, and center. And now Google is using it deplatform one of the few decentralised projects I had a lot of faith in.
I'm currently working on encryption support in the base library: https://github.com/quotient-im/libQuotient/pull/443 and once this is done the other big missing feature are notifications.
Not a friendly experience, but not insanely hard either.
Competitors on youtube do this all the time to take down competitive content.
E.g. false flags of inappropriate content or copyright to take down videos or channels.
This is a good situation for big players, because there will always exist a real or fake excuse to take down any potentially competitive threat.
Also, unfortunately this system aligns with the goals of our political system that wants to have a one stop shop for surveillance of ‘law breakers’.
None of these things take materially more resources from google. Some junior PM should be able to make this better, and it would save google a lot of antitrust concerns. Something like 1M a year would probably do it.
Use your browser.
Webkit: [1] It's a thousand times easier to compile and was the original base for chromium
Servo: [2] This is much more recent, I haven't looked lately (until today) but it looks to be making rapid forward progress
Elinks: [3] and friends, these are more capable than you'd think (hackernews works, even if you don't build it with javascript enabled.)
Also it's surprisingly easy to write your own engine, it's just keeping up with some of the more political stupidity/abuse is hard.
Element's developers just upload a newer version to Play themselves as part of the release.
I wouldn't give up faith in Matrix yet. Remember, there are other clients, and there is always the Element web client.
Now you're just out of straws, or pulled the trigger on some decision? What's the implication?
Imagine, you ditch your smartphone. You switch to Linux. You stop using _search engines_ because all of them use Google or Bing in the backend. You abandon Facebook, Twitter, LinkedIn, YouTube, GitHub, and Gmail. Before you go to a website, how do you know if they are going to load an asset from AWS or GApps? Maybe the server loads an asset from AWS and redistributes it to you, so you can’t just blacklist IPs. How do you know if your Bank’s ATMs are using AWS? Or your hospital’s digital records? Eventually someone you do business with will do business with FANG and you’ll be indirectly supporting them.
Precisely. Even if they are acting in good faith, their current set of rules would make them ban internet if it was to be created now.
So are you going to switch to a GNU/Linux phone, Librem 5 or Pinephone?
Whatever shackles are being forged against your worst enemy, do not be surprised if they end up on your wrists at some later date.
Could you explain that part to me because because I’d guess at at least 150 man-years to get a PoC.
Servo was started at 2012 and I think it had full time employees so it’s at least 8 man years to get to that state (I’d guess it was a lot of people in the team, but as a minimum).
Luckily theres other clients available too. Client diversity is important
You can't change how they operate. But you can change how you operate.
So I should probably lower the quality of my life to make a statement that will have no impact on them at all?
>You can't change how they operate.
Sure you can, by petitioning your government to draft laws and so on.
God forbid we "lower the quality of our lives" for such lowly things as principles!
>Sure you can, by petitioning your government to draft laws and so on.
Else what, you'll vote for another party? Both parties (in the US) take money from Big Tech, and they vote the same shit anyway. That will "show them" nothing. Especially since their stance on such laws is 1/100 of the things you vote a party/candidate about (so you will still vote for them if you agree on other matters).
(Edit: I mention mental wellness because those products, and the ads they carry, are designed to be addictive.)
My bet’s on the latter. And so long as we all continue to support them (while claiming “but my boycott won’t do any good”), they’ll continue to use that financial support to ensure the continued non-involvement of the government in their affairs.
Doing nothing costs nothing, but it also changes nothing.
I quit Facebook along with most Google services, I feel much happier and more well adjusted than when I was using them. Meeting with family and friends is also much more interesting because I don't have a constant stream detailing their life.
Good luck petitioning the government to act on it... this goes double for US businesses and people who live outside the US.
Petition the government if you like. It doesn't matter. You don't have millions to donate to the next campaign or their personal enrichment. You're not who they care about.
Quitting Facebook will objectively increase your quality of life.
Ask the government to do something about it? They're allies, they're in it together.
There is no scenario where they don't take out encryption this decade. It's a top priority and big tech is going to very happily assist them. Big tech will give them what they want, they will act as an arm of tyranny assisting the government in smashing human rights, and in return they'll get to continue to expand (they'll get a light touch regulatory treatment). It now has a lot in common with how China handles their giant corporations (so long as you do what we tell you to, you get to exist and thrive), and big tech in the US looks more like a CCP apparatus by the passing day.
All forms of expression and speech will continue to be restricted more by the passing year. The government won't need to do it themselves, big tech will do the dirty work with a wink and nod. That includes all app stores, all online content and forums, all software.
So, when you can't petition your government any longer because it's hell bent on taking your liberty away, what does that leave? The War on Domestic Terrorism of course. They'll create it, spur it, and then have an excuse to crack down on their own invention (not terribly different from how they ran the war on drugs). The US will be a horrible place to live in the near future. The foreign war on terrorism, in which the US did such unbelievable vicious things to other nations, will now turn inward, and the monster will come home, rolling over human rights as it goes.
Switching from gmail to another provider isn't like living without electricity, it takes a couple of days updating some external accounts to reflect your new email; I did it.
Buying shit from somewhere that isn't Amazon isn't exactly trekking through the jungle for 3 weeks. All you have to do is type in another domain. There is no shortage of non-Amazon sellers with similar prices.
Switching from Chrome to Firefox takes 5 minutes, you can import your bookmarks and whatnot. Maybe you'll have to type in a password again. No climbing K2 level difficulty there either.
Android and iOS aren't that different, you can click a browser, camera, or email in either in the same amount of time with the same UI.
Sure it's effort, but it's not a hell of a lot of effort.
- LineageOS + MicroG and F-Droid for mobile.
- NextCloud (and DAV) running on an old laptop for calendar, contacts, and file storage. The mobile app uploads all my photos automatically. It backs up to Backblaze
-ProtonMail with a custom domain for email.
Amazon is pretty avoidable. Shipping has gotten faster and cheaper everywhere else at this point. At least for the rural place I am.
I'm not particularly tech savvy. This took a significant time effort for me. At this point, it's all pretty stable, I don't really have glitches anymore. I imagine the average HN user could easily replicate it, and if this type of setup got more popular, it would invariably get easier to set up.
Migrating email is intimidating, but alleviates the highest cost risk and is actually pretty painless. In my own case, I started a Fastmail account and told it to use my own domain and sync from my gmail account. I didn't have to commit to anything until I felt like it. After a couple of weeks I started lazily updating a few subscriptions as they got forwarded from gmail, and replying to people with 'hey, check it out this is my new email'. Now, Fastmail could vanish and I'd be temporarily inconvenienced for only as long as it took to staple my domain to some other email host. Losing access to my gmail account before making that switch would have been a disaster.
Why is that? I'm not being snarky, I just don't understand why.
The difference between a rooted and non-rooted android is like the being in the wheel group or sudoers file on unix/linux and not being in them.
Personally, I like to have full control of my own property.
What reason do you have for not wanting that?
We used yo have laws..
And opting out is literslly impossible, there are people and authorities i -have-to- communicate with, and its impossible outside those platforms
I stopped using these services and told people to contact me via sms or signal. No problems so far.
The people who won't make that extra step aren't worth my time because clearly I'm not worth their time.
There's nowhere to run away to.
You can, by pressuring politicians to create laws and regulations. It’s just something the US hasn’t tried all that much lately.
Sorry for the confusion, throwaway.
*edited - the old name of Element, apparently.
The protocol is essentially decentralized
Apple has earned plenty of criticism themselves, but I do appreciate that they curate the app store with humans.
If Android were really as free and open as everyone says it is, then there would be a method built into the os to download and install apps directly through the web browser, without hunting through settings and enabling it.
As it is, this is barely better than iOS, and I’m kind of disgusted that everyone thinks it’s fine and normal as a solution.
That's correct, but we can still boycott companies that do this.
There is no choice outside Google/Apple when it comes to mobile devices. None which are fully compatible with a normal person's way of life, or which provides access to the same apps.
It may be technically possible to avoid them, but 'technically possible' and 'competitive alternative' are worlds apart.
It's not free marked at all.
Free marked is about having a competition between companies where the user decides who wins by buying the best products.
The concept of a free marked was invented before there had been massive marked limiting factors like "lock down" of digital devices and similar.
Somehow a lot of people still take all the original arguments why a free marked is good but then use them to argue for a marked which is neither free nor has the marked dynamics anymore which make a free marked a potential "good" marked strategy.
In the end a free marked needs to have proper competition. Weather that is limited by the government or by companies abusing a change in technological landscape which gives them powers which originally at best governments had doesn't matter, it's no longer a free marked at all and no of the reasons why it's supposedly good do uphold then.
On Android you just grab an APK or use F-Droid and it's a couple taps.
Like legit it’s like the inverse of wading through the comments section on macrumors.
If you actually do care about privacy and free speech and aren't using an iPhone because they're fashionable in your country then you should check out purism and pine64. They're the only phones I know of that are designed not to run "mobile OSes".
As for an alternative mobile OS, I would love to get my hands on Sailfish, but it’s not available for the US.
We need regulation and government investment in open tech and software. The App/Play Store are anti-competitive, but Apple and Google have a Duopoly in the mobile market. There can and should be rules regarding this. I don't see how they should be even allowed to profit off these markets. Like at all. Every app there increases the value of their platforms by itself.
Even if you use F-Droid, you then have to compromise on security deeply embedded into the Android OS.
Platforms should be allowed to be repairable, open and documented and users should be allowed to do whatever they please with them.
The market won't fix this. You need to become politically active.
I do however tend to buy products and services that align with my values and shy away from products and services that go against my values. For example, I’d be more inclined to buy a Tesla and install home solar panels then I would be to buy a VW because Tesla is emissions free and VW lied on their emissions tests. VW lost some long term customers because of that incident and Tesla is continuing to attract new buyers that are concerned with climate change. Due to this trend we are able to deploy more electric vehicles then government regulations require.
Elon Musk is the richest person on the planet. You really do not need to prefer either of those companies for anything but the products they sell. Your decision does not matter.
What matters is single entities like Musk, VW, Bezos, Wallstreet and Gates not having the undemocratic mandate to form the world to their liking, "good" or bad. Nobody should have that much power.
If you want to change the world with money, invest in those who consider having 100$ or 1000$ more or less life changing. Pay for FOSS, invest in local communities. Strengthen the collective.
It's a simple equation to grok: if utility X is only available in a digitized form on a controlled and centralized platform, then that utility is subject to central controls. And as we see, these control mechanisms will inevitably require AI moderation to scale.
You think things are bad when Google arbitrarily kicks you off gmail? Wait until it happens to your bank account. Who are you gonna call? Where are you going to go and speak out about it?
USPS has to service everyone, even those where they don't make any money with. If this FDIC thing is more like the USPS, your concerns would be unfounded.
"We need more than deplatforming"
https://blog.mozilla.org/blog/2021/01/08/we-need-more-than-d...
We do need research to fix social media, and we do need transparency.
Firefox is generally good; they have some identity politics, but it hasn't taken over their ethos.
But I agree, FF is the best
On top of that, if you have a rooted phone, you can use F-Droid to automatically install updates. For me updating apps from F-Droid is actually more convenient than updating apps from the play store, which I have to manually install.
There absolutely could be phone vendors selling LineageOS phones with F-Droid as the default app store. The only really important thing that would be missing for a lot of people would be WhatsApp.
--
"'It ate his head. Another loser.'
She said to the two of them, 'It's easy to win. Anybody can win.'"
-- A Scanner Darkly
It's pretty simple if your phone is supported. You enable developer mode, enable USB debugging, download the image, and run a couple ADB commands. For me it was:
fastboot flashing unlock
fastboot update image.zip
And that was it.
Not GP, but I'd been using LineageOS on my HTC OneMax. I like it a lot.
Here's a list of supported devices:
https://wiki.lineageos.org/devices/
Click through the links on the above page for install guides.
If that's how it is where you live, and you live in a democracy, you can change that.
If you want to reason from labels as if they are tautologies, here's a word for you: https://en.wikipedia.org/wiki/Anocracy
The alternative interpretation to what you propose is running for office. That's not out of the question but it's a decades-long pipeline with a lot of protections built in by convention. Outsiders are going to have difficulty until the current gen of representatives fades with age, and making headway is feasible only with the hope that the growing sphere of elite replacements are less competent behind the reigns if they decide to maintain their predecessors' policies.
You mean "The Right to Rewrite History"?
For iOS your users will have to sign it themselves (but still via Apple, who could block that too) with their own developer account, just to get a time-limited install. Or, even worse, use a jailbroken device to work around all this.
That doesn't help if everyone you want to interact with refuses to talk to you if you don't have an iPhone because doing that has become fashionable.
People do this?? Wow, that is unbelievably snobby.
I've always just unlocked the bootloader, then installed TWRP[0] (or similar) and then re-locked the bootloader.
Once a reasonable recovery partition is in place, you don't need keep the bootloader unlocked.
[0] https://twrp.me/
>Why would a browser want to get into the censorship business?
Is having an opinion getting into a business now? It was a pretty bad article and I don't care for it, but please explain how they're "getting into the censorship business".
- Make bank account.
- Bank forces you to use their app for obtaining TANs.
- App refuses to run because "your phone is rooted", i.e. because you removed Google's crap.
- No bank account for you, sorry bro.
I have personally been through this shit. Sure, some banks offer using a physical TAN generator - but not all!
That is a situation where I'd move bank, use an iPhone or just allow GServices on my device.
There is certainly a point where you just need to be pragmatic above all else. Otherwise, you can still reduce your interactions with their other services as much as possible.
Quality of life is not a binary, where you either 'have' it or not, so I don't think it makes sense to say "your quality of life DEPENDS on google or Facebook"
Many things make your quality of life a bit better, and some things make it a bit worse, but no one says they can't have a quality life without Facebook or google.
The person is saying that stopping using Facebook and google will slightly decrease their overall quality of life, but will have zero impact on Facebook and google.
I still maintain it's sad that removing Facebook/Google can have any significant drop in your quality of life. And by significant, I mean one where you're willing to debate about it.
I like to keep my happiness as far as possible from the services that some soulless multinational provides.
Do you see a doctor, or use any healthcare services? Or use any pharmaceutical products or cosmetics that are mass produced? Shampoo? Soap? Hand sanitizer?
Do you wear clothing that you didn't make yourself from raw cotton you made? Or shop at a store like Gap, Cotton On, Target, Zara etc?
Do you drive a car? Or take Uber? Or use something like a bus or car, or other vehicle made by a large multinational engineering company?
Do you eat any fast foods? Or eat at restaurants that use any produce or mass produced raw ingredients? Or use any kitchen utensils or kitchenware? Do you shop at say IKEA?
Or do you use electronics like a laptop, phone or desktop computer?
Or do you keep any of your money at a bank? Or use things like car insurance?
It slightly irks me when people claim they want to stick it to the man, and don't like "those corporations".
We have a Green party politician in Australia who lives off the grid, and grows his own produce. Whilst I don't agree with all his policies - I respect that he lives consistently with his beliefs.
If you're on HN - I'd posit that your life (like mine, and billions of others) is dependent on multinational corporations for our current quality of life.
If you don't agree with one of them, that fine, but often it's less to do with principles and more "their customer service is terrible" or "they didn't fix this one issue that is very important to me", or "I read on Reddit/FB/Techcrunch this terrible fact about them"
Offhand the parent post would require me to give up Google Search (including via DDG), Gmail, Google Cloud, AWS, Amazon, Zappos, Audible, Comixology and Woot Shirts. I barely use Facebook or Twitter but the rest would lower my quality of life (and not just due to the large drop in employment opportunities I could take).
DuckDuckGo doesn't use Google Search, so you'd be okay there.
That's dependent on which phone you have and what software you have on that phone.
Here's a few places to start:
And samsung just won't unlock US models.
And xiaomi factory resets the phone when relocking.
Searching for relock root android gives very unhelpful results in general.
I did learn there's one specific model of motorola where the "lock" just doesn't work, and that's amusing but not very useful.
So I meant your phone specifically. Not just rooting, but rooting with a currently-locked bootloader. Please tell me a little bit about an example where this actually works. And hopefully passes safetynet, and will keep passing safetynet with hardware attestation.
I unlocked my bootloader (cf. https://forum.xda-developers.com/t/guide-s-off-root-your-htc...), installed TWRP[0] and then re-locked my bootloader.
I then variously installed different custom roms (LineageOS, NuSense, ResurrectionRemix) and in between re-flashed the stock rom.
I used SuperSU and AddonSU to root the installed images. Magisk is also a popular rooting tool (AIUI, the MagiskHide component blocks Google Play from identifying the device as rooted as well).
Once I installed TWRP, I was able to do all of those things with a locked bootloader and had zero problems running any Android application.
I'd note that LineageOS[1] supports hundreds of different phones.
Any reasonably tech savvy person can do this fairly easily and a non-tech savvy person can do so with a modicum of effort.
If you're actually interested, I'll happily sell you my services to do this on your phone.
And I promise you that I will charge you an outrageously large amount for those services. It's definitely not worth it, but I'd be happy to take your money.
[0] https://twrp.me/
Anarchy and capitalism are two extremely different things, and also there are methods of free association (https://en.wikipedia.org/wiki/Free_association_(Marxism_and_...) that allow for distributed production without any centralization OR private ownership of production/profit-driven exchange.
Granted, we're far off from these things probably, but capitalism is turning out to be a steaming pile of shit so it's good to think about what comes after without turning into a centrally-planned hell hole.
Capitalism, much like democracy it's the least-worst system out there.
I believe most of the problems we're facing with it are challenges of scale. Especially in the US, it's just too big. Maybe breaking everything up back to the state level would be a good idea?
No matter what, I'm almost always in favor of decentralization/distribution of power and resources, so I could get behind this.
Which if you were to give up Google Search, is something you wouldn't be doing (or would have blocked).
I think YouTube is a far stickier service than Google Search, just because it's acted as an informal video archive of the past 15 years of internet video history. But I fully recognize the risks with this monopoly structure in place and have started to embrace alternatives like https://odysee.com/ and https://rumble.com/. It's time to disentangle from monopolies. Take your digital sovereignty back.
Especially when considering the unethical nature of these businesses and how they abuse their power.
That ties into the quality of the platform and it is alarming that some people will tolerate it for some comfort.
Protonmail comes to mind:
1. Using standard IMAP/POP is only available for Paid users and only on the desktop. Not Mobile.
2. Conversation view is not implemented on their mobile clients. It has been over 5 years - https://protonmail.uservoice.com/forums/284483-feedback/sugg...
3. Their conversation view on the desktop groups messages based on the sender and not always the subject. It results in old conversations being grouped together.
They are working on all these issues, but till then, my productivity was impacted a lot by switching.
This is not a "how do I root???" situation. You have a much better brand than most people.
And I've used magisk fine, but hardware attestation is rolling out and if anything starts to require that then anyone that can't relock their phone can't fake it. Edit: And it might fail anyway according to https://twitter.com/topjohnwu/status/1278849731305672705?s=1...
Also good luck doing anything with my current phone. After long enough being unable to find a reasonable phone that had 600MHz support, an SD card, and rootability, I gave up and got a samsung. The bootloader won't allow anything.
I did a bunch of research as well, and recently bought a Motorola Edge[0] (not Edge+) which has pretty much everything you mentioned, including support for up to a 1TB SD card.
I haven't rooted it yet, but I should have no problem doing so if/when I decide to do so (when I require a feature I don't have and/or Motorola stops upgrading the OS).
Samsung says[1] there shouldn't be a problem with locking/unlocking the bootloader.
And other sites[2] confirm this for newer Samsung phones.
What's more, there's additional development work[3] on bypassing Safety Net as well.
Even more, moving away from Play Services and installing MicroG[4] addresses the issue as well.
I don't even own a Samsung phone and I found all this out in less than five minutes. I can understand if you don't want to put in the time and effort, but just saying it doesn't work (N.B., you didn't mention the specific Samsung model you have which may complicate things, but none of the info I've seen -- including Samsung's docs -- say that the bootloader can't be unlocked/relocked) when there's ample evidence that most (if not all) Samsung devices can be unlocked/rooted/relocked and still pass safety net checks.
Besides, even if you don't root the device, installing a custom recovery partition will allow nandroid backups[5], which are clearly superior to other backup mechanisms.
Regardless, I hope you get/have the features and performance you desire, and are able to keep using your device long after Samsung stops supporting it (my HTC stopped getting updates with KitKat/4.4 in 2015, but I've continued to update it and currently run LineageOS 17.1/AndroidQ on it), as there's no reason to buy a new phone as long as you can run recent software versions.
In fact, the only reason I purchased a new device was for VoLTE[6] support, which the HTC OneMax doesn't have.
I wish you many years of quality use from your device.
[0] https://www.motorola.com/us/smartphones-motorola-edge/p
[1] https://r2.community.samsung.com/t5/Others/Unlocking-The-Boo...
[2] https://www.getdroidtips.com/how-to-unlock-bootloader-on-sam...
[3] https://www.xda-developers.com/bypass-safetynet-hardware-att...
[5] https://android.stackexchange.com/questions/28296/how-to-ful...
[6] https://en.wikipedia.org/wiki/Voice_over_LTE
Edit: Fixed link reference numbers and typos.
I looked at all the screen defect reports and high price and decided not to risk it.
> Samsung says[1] there shouldn't be a problem with locking/unlocking the bootloader.
> And other sites[2] confirm this for newer Samsung phones.
More specifically, Samsung phones for the US with qualcomm chips cannot be unlocked. The nice little menu option in that article is just not there.
> What's more, there's additional development work[3] on bypassing Safety Net as well.
If they decide to remove the fallback, that method dies.
> I don't even own a Samsung phone and I found all this out in less than five minutes.
The info on samsung models is a mess because they put out almost identical phones with different chipsets and subtly different capabilities.
All the non-US models, almost all with exynos chips, can be unlocked but that does me no good.
> you didn't mention the specific Samsung model you have which may complicate things
S20 FE 5G SM-G781U1 if you really want to know.
> Besides, even if you don't root the device, installing a custom recovery partition will allow nandroid backups[5], which are clearly superior to other backup mechanisms.
I know, and I wish I could do that.
I use GMail, Google Search, Youtube Twitter, Amazon, and Facebook.
I'm not thrilled about FB but it lets me keep tabs on friends. Sometiems I interact with a few people who are friends but sucked in by a lot of the disinformation around, so I try to engage with them sometimes but not often. I also spend maybe 15 minutes a day on it, tops.
Twitter never stresses me, I don't follow toxic people, just friends, entertainers, tech people and such. Again, maybe 15-30 minutes a day, tops.
I get a lot of satisfaction from Youtube, I even pay for premium so I don't get ads, and follow a bunch of great creators.
Amazon's pricing and delivery are great. that makes me happy. I just make sure not to by crap/scam products and I'm good. I use Amazon Music every day, and their video streaming is great too (although they need to stop changing the name).
Google Search is by far the best, IMO, and saves me hours every day.
I have my personal domain go to gmail, and it makes managing ages of email a breeze.
So I can't see a way in which ditching any of those would benefit me, and aside from Facebook, I feel NOT using them would cause me more stress, or less enjoyment.
I'd love to know how you find leaving them has benefitted you.
Why do I care? That's the implicit bargain, I get a free service in exchange for ads. I don't care about the ads, they don't show up in my actual mail feed, just on the side so they're easy to ignore/block.
> Psychological profiles are collated from every click you take on each of these platforms and pulled into ad brokerships.
Why do I care? We build profiles of every person we meet in our heads. I'm a very open person.
> The people that are hired to do this profiling often have crossovers into government sectors, as this is just another form of surveillance.
Again, why do I care? I'm not trying to be argumentative, but I truly do not care if people know I looked at new Kias, or I use Old Spice deodorant. I don't find any of that information being out there harmful to me.
> I am personally shocked (not necessarily appalled) at anyone feeling OK with this level of scrutiny being applied to themselves at all the times by government bureaucrats, or companies just looking to make a buck off of your behavior without you even knowing. We're past the point where anyone can claim ignorance of these facts.
It's not that I'm ok with it, I simply don't CARE. It doesn't impact me in a negative way. There is no human out there looking at my buying/watching habits and taking notes, passing them on to men in trees with binoculars plotting to abduct me. There are machine learning algorithms using them to suggest things I might buy, or might want to watch on TV. They're right sometimes, so I actually get some value out of it.
I don't make it easy, I opt out of everything I can, but I also don't really care as long as I can not hook my TV to the network to avoid Samsung's built-in ads which is offensive bullshit and SHOULD be regulated, then I'm ok. When I go out into the world, I don't have any rights to who can see me who what they can learn about me, it's the same online. As long as I have the power to control what comes into my home, that's what matters. Outside, or out on the internet at large, I'm on someone else's property, and if I don't like their rules, I can leave.
There's a difference between watching me in public and forcing me to do things. One is your right which doesn't harm me, and the other is NOT your right because it CAN harm me.
Whether you realise it or not, the algorithms behind these services are having a subtle impact on you and show you things for various shady reasons. For me, that was enough just to ditch those services.
It's good to see that you're limiting your exposure to them though.
Only if you're massively moving the goalposts.
The claim wasn't anything about "subtle impact" or "shady reasons". It was about whether those services are causing major stress and problems.
> how were they negatively impacting your mental wellbeing?
I think the answer to your question is obviously very personal and will change from an individual to another.
For me personally the stress came in 2 forms:
* Outrage/politics, especially on Twitter and Reddit. On Twitter, it's impossible to escape this, even if you carefully sanitise the list of those who you follow, due to the trending section being visible to everyone. On Reddit, if you visit the site while you are not logged in, again you will see all of the above.
* Time sink. The worst offender here was Youtube. E.g. "I need to do X in my aquarium let me just quickly double check that video by Aquarium Co-op" - 2 hours later (spent watching "recommended next" videos) I would realise "wow I just wasted 2 hours of my life". Note that I can still quickly view a video without having an account, but due to not having followlists and such, the recommendations are less addictive. Facebook and Instagram were also a time sink and unlike Youtube they weren't really useful in any obvious way, except maybe a couple of Facebook Groups I was part of (e.g. my daughter's school parents group where I could get some news about the school - I now subscribe to their newsletter instead).
* Instigating compulsive spending, e.g. Amazon - this is quite obvious due to it being an e-commerce website and knowing well what you're thinking to buy. I now shop on local retailers whenever possible and as a last resort on eBay, since at least it is less pervasive - unlike Amazon which entices you to take advantage of the rest of their ecosystem e.g. Prime Video or Kindle or Twitch, then "follows" you in all those places with tracking ads.
> Google Search is by far the best, IMO, and saves me hours every day.
If you use Duckduckgo, you can add !sp at the end of your search, and you will get proxied Google results. You don't need to have a Google account for that.
> I have my personal domain go to gmail, and it makes managing ages of email a breeze.
Having a personal domain is a great first step, well done! I didn't have it so I had to setup an "out of office" message, warning everyone that my Gmail address would be deactivated soon...
Youtube CAN be a time sink, but so can movies, books, and music. It's my responsibility to manage my time, but I appreciate that it makes it easy to find content I WANT rather than crap.
I grew up dirt poor, homeless twice before I was ten. I make 6 figures now because I work hard, I'm good at what I do (and also because being a white male in America is very useful), and because I know how to spend and not to spend. Good tea is worth it, grocery store milk and butter are fine. A good car is essential, it should work well and look nice, but I'm not buying a Mercedes ever. I have an $1,000 TV that I got for $450 because I love to bargain hunt like some people like to actually hunt.
I don't _generally_ care about remarketing ads, as long as they don't go on for months. My biggest problem is when I see ads for three weeks AFTER I BOUGHT THE DAMN THING.
So I can go to Duck Duck Go, get Google results, but without the benefit of having a profile to determine what's most likely more relevant to me? That doesn't sound useful. I LIKE that Google says, "hey, the last three things he searched were actors in the same TV show, I bet when he's typing a name it's probably related to that same show." I like that Google knows if I search "stars fell on alabama" the chances I want the lyrics to the Frank Sinatra song are 100%. That's beneficial to me.
I have a personal domain for vanity reasons, and also control, yes. If I decide to leave, it's on my terms.
I applaud you for being in charge of your own life, I think I am too. I will say, however, that I think you probably concern yourself with the concept of privacy than me. I'm not a big "what if" person, not a big existential question person. To me, privacy was ALWAYS a lot less encompassing than we ever thought, and at the same time, no one cares about us nearly as much as we think they do. Do FAANG know a lot about me? Yep. but I don't care, because they don't care about me, I don't matter to them. I'm a line in a database, nothing more.
My life philosophy is, "The universe wants to kill me. Eventually it will. My priority is prolonging the magic." That doesn't include worrying about how many databases know I like BSG, Sinatra, Mountain Dew, and liberal politics.
They use highly optimized and self-optimizing techniques and psychological tricks (including A/B testing, consulting experts in cognition, using dark patterns, and everything) to get you hooked on dopamine hits, make you jealoush of your timeline peers, anger you, milk your engagement etc.
The idea that "I'm different, these ads don't work on me" is basically the 21st century version of "I'm not addicted can't quit anytime" of the drug addict (not to mention that it's not just ads, but the feed that's problematic, from reasons that range from echo-bubbling to comparing yourself to 1000s of people you don't know but are your "friends" -- and even with actual friends, people used to have less visibility to their spending habbits, vacation photos, etc, not share everything including pics of their branch).
I completely agree with the echo-chamber effect, but I also don't feel Facebook or Twitter are actually good sources for political discourse or information so I'm not exactly trusting anything I see there. I think cable news is far more "addictive" and mood-warping than Facebook, though. It's totally passive, you just sit there and absorb the anxiety-laden "coming up in just minutes, how some politician is literally trying to kill you and your family with new regulations on ocean cargo ships! After these ads."
Yes, they absolutely want to boost engagement and use. Yes, they use tested algorithms to select content appealing to you. Yes, some of them even have sleazy policies on content and ads. Some types of content and some types of personalities lend themselves well to that type of information dissemination, especially right-wing content due to the more conformist/authority-pleasing nature of those mentalities. Do I think Facebook and Twitter actually want to make me angry at people? No. People that use FB and Twitter for propaganda reasons do, but that's what propaganda from any source is meant to do, highlight differences between groups and increase inter-group tension to reinforce tribal identity.
But, you didn't actually answer my question. I asked how they affected YOU, not what the goals of these platforms are. I want to hear how they actually affected a person, not how they might affect groups. I'd really like to know how Google and Amazon fit in there too. Again, feel like it boils down to "maybe you shouldn't be so affected by people you don't know and ideas you haven't checked" but also again I don't want to victim blame. I also don't generally like blaming tools for problems, so I'm trying to get more data.
I came to the same conclusion. It is much easier to blame some internet website (which is basically just some pixels on a screen) instead of figuring out internal psychological reasons for being addicted. If a person is looking for addictions, they will find them. If it won't be facebook, it will be porn, binge-watching, sugar, compulsive excercise, compulsive talking, etc. etc. The list is endless.
I just don't buy an idea that some pixels have more responsibility for their choices than the person itself does.
Also when they start mentioning "dopamine" it makes me laugh. Brain just doesn't work that way. Dopamine doesn't make you do things, you make you do things. Dopamine is just a way for the brain to encode whatever you like. If you want to be addicted to facebook - it will encode facebook. If you want to have a healthy life - you'll get your dopamine exactly the same way when you get up in the morning, look outside and just think for yourself "this is a beautiful day", or when you solve a particular puzzle in your work, or when you say hi to a stranger. Brain has no shortage of dopamine and it is you who decide when it is released. Unless you are addicted of course. But don't blame the thing, work with the addiction instead, it's the only truthful way to stop being addicted.
Now, for some people who are highly addicted, quitting facebook completely - might be a good thing. Like for an alcoholic, it might be good to quite 100% of alcohol for a while. But it doesn't mean that a healthy person can easily enjoy a glass of wine every now and then and don't have any problems with it.
Instagram is a great tools for business, and now it's practically impossible to run one without using it. Twitter and reddit can provide you a ton of useful info that you will have a hard time finding anywhere else (or it will take way longer). I've built a business on Play Store.
It's all about how you use them.
>I looked at all the screen defect reports and high price and decided not to risk it.
That concerned me a bit too. I got a deal ($499 IIRC) on the device and decided to risk it.
I've had no screen issues at all and like it a lot. Then again, I've only had it for four months, so I guess we'll see.
>More specifically, Samsung phones for the US with qualcomm chips cannot be unlocked. The nice little menu option in that article is just not there.
You are, of course, absolutely correct. I didn't catch that in my initial search.
That sucks. I'm glad I didn't purchase a Samsung.
I had similar goals as you did in a new device: fast processor, lots of RAM, large internal storage and large SDCard support, long battery life.
I considered another HTC device, but my experience with them dropping support almost immediately (~9 months after I bought it) for upgrades really pissed me off.
And since I'm not going to buy a new phone every year or two (there's no reason to replace a perfectly good phone just because the OEM drops support in an attempt to get you to buy a new one), especially when there are better Android implementations (e.g., LineageOS) without all the bloatware.
As such, rootable/bootloader unlockable was very important to me too.
Maybe I'm just old and crotchety, but I figure that if I purchase a physical product, I should be able to do with it as I choose, without restriction. This whole 'we decide what you can and can't do, and what software you can and can't run with the very expensive device you've "purchased"' schtick is unacceptable to me.
This is yet another area where we need legislation to address this in the US.
I am aware that there are specific FCC regulations that require specific ranges of transceiver power levels and related stuff, but since the baseband processor code is generally proprietary and requires binary blobs from the manufacturer, that really shouldn't be an issue.
Perhaps if we make enough noise, we can make that a reality.
Agreed.
I'm tolerating it on this phone since they announced pretty long term support, but it's far from what the situation should be.
Oh of course, I never suggested otherwise! We all have different priorities, and also our heads all work in different ways.
But, I wanted to make it clear that, if one has moral exceptions, then they can quit those services and be OK. Many are under the impression that they could not possibly live without X or Y, that's the idea I wanted to dispel.
But it's worth to note that most people are delluded in this regard, thinking they're different. Besides "different in tolerance" and "hookable" are not entirely contradictory. One might resist Vicodin and fall for social media echo- bubbling for example, the same way some can resist alcohol, but fall for drugs or food at obesity-level, and so on. In other words, some are different in the set of tolerances, but still human, in that they have their soft spots.
>But, you didn't actually answer my question. I asked how they affected YOU, not what the goals of these platforms are.
That would still be asking the wrong question. We don't live in isolated fishbowls. What negatively affects others also affects me (that's not even to mention the direct harm to my family, relatives, and friends, I'm speaking in more general community terms).
If you write "teen movie about vampires" or something equally vague, Google is king.
If you write a direct quote or the exact error message, without typos, DDG gives better results. I can also put sentences in quotes to force an exact match. DDG is just an older school search engine, so old school tricks work better.
But you trust yourself so much that "advertising DOES work on me, but only insomuch as it alerts me to potential things"
That sounds a bit contradictory to me. (I think I could describe myself somewhat like you did in the latter part, and I still have absolutely no illusions that ads would not be able to get me. So I just actively try to avoid them. And I do not need or want anyone to alert me on potential things. Even further, I try to live by the principle of never, ever making any kind of commercial transaction with anyone where I have not been the intiator of the communication.)
Our assumption that this is due to someone reporting abusive content in Matrix to Google, and Element catching the blame — although this is currently speculation.
To be clear: Element is a Matrix client just as Chrome is a Web browser, and just as it’s possible to view abusive material via Chrome, the same is true of Element.
However, we abhor abuse, and on the default matrix.org server (and other Matrix servers the core team maintains) we have a fairly strict terms of use at https://matrix.org/legal/terms-and-conditions#6-play-nice-cl... which we proactively enforce. Meanwhile we have a comprehensive toolset at https://matrix.org/docs/guides/moderation to help folks moderate, and are making good process with decentralised reputation to empower users and admins to filter out stuff they don’t want to see, as per https://matrix.org/blog/2020/10/19/combating-abuse-in-matrix....
So, it’s very unfortunate and frustrating that we’re in this position - hopefully Google will explain what’s going on shortly.
We spent today doing an audit by revisiting recent issues reported to abuse@matrix.org, which had already identified and acted on the content in question. We also took the opportunity to explain how Element and Matrix fit together, what decentralisation is, and the steps we take to mitigate abuse on the servers we run.
As a result, it looks like the app has just been reinstated while I was typing this message: https://play.google.com/store/apps/details?id=im.vector.app.
Thanks everyone for your patience and support while we sorted this out (and huge thanks to the overall Element team who spent their Saturdays on the audit).
Did the VP offer any explanation as to why you had not received any communcation from Google?
This kind of language is very wishy-washy and leaves everything to the imagination. 9/10 times the issue is terrorism or CP. So which of the two was it? And why aren't you comfortable enough to share that reason with your prospective users?
This phrasing suggests it was probably not even illegal to publish.
What if this content had been something that Google finds politically or commercially disfavorable to its interests, rather than something we would all think is intolerable? What if it _is_ like that?
I expect we'll never get a useful explanation from Google for why this incident happened -- abuse teams, like fraud teams, are worried about the bad guys using the explanations to tune their tactics and so tend to never explain anything.
But the details of how Google screwed up here also don't matter. A sudden Friday night suspension of a popular, legitimate app is insane! That possibility shouldn't be in the flowchart.
I get that for malware/spam/etc., it's important to immediately suspend, but I don't understand why Google doesn't take more seriously the very negative harm caused by doing that to a legitimate app. Some notice and appeal opportunity should be required before suspending a popular app by a legitimate publisher.
I'm upset, and a bit scared, but I can't say I'm surprised. This sort of random/erroneous/arbitrary punishment without explanation happens all the time with Google and other major tech companies. And every app developer I've met has experienced _significant_ disruption to their app publishing efforts due arbitrary/random rejections by an Apple app store reviewer, and this has been the case for years, so we can pretty confident that the vendors won't improve unless they are forced to do so.
There needs to be regulatory oversight of the Google/Apple app stores and the negative consequences for everyone else of their error-prone and ruthless enforcement processes.
The regularity oversight needs to address a different aspect: google is world-wide de-facto monopoly for people not owning an iPhone. At least for the most part of the freer world, China is different story.
Until Google is broken up or fair competition is not achieved, content regulation does not help. As a European I want to care about US regulation as much as about US tax laws: not at all. The US is not the world-regulator. We elect governments in Europe that have no power to do anything in this sector. I don't say Google should be forbidden in Europe, we are not China. But competition and more choice for users needs to be guaranteed by effective legislation, in practice that against Google and Apple.
They didn't "screw up". Or rather, that's not the main problem. The problem is that Google has the power to block the main channel of distribution of a piece of software.
Now, it's true that you can "just" get Element elsewhere, but the effective user lock-in into a single-corporation-controlled download hub ("app store") - that's the problem. And Google has gotten that quite right... for itself.
Now I may disagree with parts those precepts in stronger or weaker forms, but it is disingenuous to claim that the client application is exactly as legitimate as a web browser just because the client application is legally but not functionally separate from the federated network.
There are big players with clout that take issue to instability such as this. How can I rely on my company using Element when it gets pulled? Not cool Google...
To the element team, reach out to me if you can't get the support you are looking for.
If Google were to "ban" slack from their store, their browsers, etc. then you would be quite in trouble.
But with matrix, just pick a different client and move on.
Click on "Assemble GPlay Debug version" (or "Assemble FDroid Debug version" if you don't have Google Play Services), then click on "Artifacts" and then choose your apk from there.
FluffyChat would be the main contender.
But why? Matrix is tiny and no threat to Google services.
I'd personally expect three letter agencies to be involved here. The US government has been aggressively going after encrypted communication for years, with extreme tactics like personal intimidation and secret courts. Read this story about a secure email provider if you doubt it. [1]
This doesn't work so well with EU based companies, even though they have been pushing EU governments to do the same. (There recently was a leak that the encryption ban currently discussed in the EU parliament has some roots in Five Eyes efforts and that governments were pressured by the US to support it. Published by FAZ or Sueddeutsche, I'm trying to find the article...)
I also doubt that iMessage and What's App gaining "backdoors" to their encryption is purely motivated by user experience.
At a time where a lot of people want to switch communication platforms, nipping any such efforts early might well be viewed as important.
"Abusive content" is a convenient excuse that can be arbitrarily applied.
[1] https://www.newyorker.com/tech/annals-of-technology/how-the-...
It's definitely not Google style.
But I hope Matrix will get more promotion in result.
There are people here who work on mobile applications. If they depend on Google and Apple delivering their app to their clients, it's still unacceptable that they can potentially put you out of business, just like that. I already saw a couple of people here that claimed it happened to them too. Without any reason, without the ability to appeal, nothing.
Pattle also appears to have been removed. Ditto and FluffyChat at the moment appear to still be up on the store though. For those unaware, these are all Matrix clients.
> Morning all. We've had contact from Google confirming that the suspension is due to abusive content somewhere on Matrix; we're working with them to explain how Element works and get the situation resolved.
Incidentally I was always kinda surprised that the upgrade nag links in Riot Android redirected to Play store instead of f-droid
In the meantime, what is the explanation for the F-Droid version lagging behind?
If your going to argue with a straight face the this new situation is the same as Parler, your putting Element side by side with some very bad company.
However, when looking on a bigger picture of the recent takedowns and trying to make sense of it, it does indeed seem to be connected. The only conclusion that seems rational to me is as follows:
Everyone tries to push their burden of moderation on people below them, because no one can actually keep up with it. And if the moderation is not enforced, they risk being taken down by someone above them. That would explain why everyone is so trigger happy when it comes to censorship. When the WallStreetBets people were taken down by Facebook and Discord, they didn't ban the individuals who were actually violating the policy, but the entire community.
It's also worth to note, that the takedowns can be enforced selectively, as we see here - Google obviously won't take down their own browser or email client, that also allows to access abusive content - assuming that's what Element was taken down for. It's probably selectively enforced on the social media too, but I'm out of the loop on what actually goes on there, so to be fair, I cannot prove it.
If this is actually what is happening, the only solution as far as I see it, is to extend the First Amendment to social media. Another solution could be to convince the people and the media to stop pressuring companies into deplatforming other people, but that's in my opinion definitely not going to happen. So it's either applying the protections of 1A to the internet or the censorship will get worse and worse.
- Element and Matrix are growing but still not equipped to fight back at large against this, so it is unlikely to create too much negative press
- If Google starts to catch too much critique for this decision they can put it back and always blame $error
I believe Element will be back soon, the problem I see here is that it will be framed as an "honest mistake" and then become forgotten until they pull another stunt like this.
Even if these removals are temporary, they can still hurt growth. Let's assume a bit more malice: Couldn't Google just monitor and analyze metrics of an undesirable app (downloads, usage, hype), pick a critical point in its growth then "accidentaly" remove it for a few days, causing damage that isn't immediately apparent, but nonetheless long lasting?
Anyway, you may try contacting Google using EU regulation 2019/1150 violation procedure, see https://support.google.com/merchants/answer/9969397 for more information. This may be more effective than using a regular contact procedure, as it would show Google that you are aware of this regulation and they are unlikely to win.
Note that I'm not a lawyer.
>https://www.neowin.net/news/mozilla-executive-claims-that-go...
>In a thread on Twitter, Mozilla's Technical Program Manager has stated that YouTube's Polymer redesign relies heavily on the deprecated Shadow DOM v0 API, which is only available in Chrome. This in turn makes the site around five times slower on competing browsers such as Microsoft Edge and Mozila Firefox. He went on to say that:
>>YouTube serves a Shadow DOM polyfill to Firefox and Edge that is, unsurprisingly, slower than Chrome's native implementation. On my laptop, initial page load takes 5 seconds with the polyfill vs 1 without. Subsequent page navigation perf is comparable.
I have become accustomed to using multiple browsers and OSes simply because of all the issues surrounding video playback.
If it turns out this is because of specific discussions/channels then banning the Element app for that makes about as much sense as banning Facebook/Twitter for what some people said, or Google because of what some website says.
We need to fight back with things like PWAs to bypass the app stores, web socket chats, distributed social platforms, and plain old web pages to publicly document these attacks on free speech. Call/email Congress too. Get friends and neighbors to do the same. They are already alerted to this growing abuse by these monopolistic giants.
It genuinely seemed all was going to be lost until the tech industry went crazy exercising their control. Their recent (and imo unjustifiable) actions have clearly demonstrated to everyone what it means to hand over control. It remains to be seen whether people will grasp this chance to reverse the course that this rotten industry has charted and is adamant on following.
If a medium sized business is looking at communication platforms, and element is suddenly not available on the play store, maybe they’ll just Google’s offering instead.
Is Dendrite ready for use? I don't have a lot of memory available and I heard Synapse is kinda heavy on resources.
I do not recommend synapse if you don't have a lot of memory. I put an extra 8 GB stick in my server for it, bringing it to 14 GB.
It routinely likes to take more than 4GB to itself, though it has become a lot leaner lately.
On the other hand, I was expecting the bridges to me more like Bitlbee which maps personal accounts to IRC rooms. Matrix bridges seem to be more like syncing the content of a room to another.
From their github:
> Is Dendrite stable?
Mostly, although there are still bugs and missing features. If you are a confident power user and you are happy to spend some time debugging things when they go wrong, then please try out Dendrite. If you are a community, organisation or business that demands stability and uptime, then Dendrite is not for you yet - please install Synapse instead.
> Does Dendrite support push notifications?
No, not yet. This is a planned feature.
> Does Dendrite support application services/bridges?
Possibly - Dendrite does have some application service support but it is not well tested. Please let us know by raising a GitHub issue if you try it and run into problems.
I also find hard to debug because of all the errors related to broken federated servers. One thing that I recommend is to set "disable_federation: true" until you get some acceptable functionality before enabling it again.
Who would have thought 30 years ago someone would be saying "People can run any code they want on their computer" as a shocking thing.
From my perspective, decentralized, free and open source software enables and supports a range of small businesses. The replacements for tools like Element are big-tech tools ranging from Whatsapp (Facebook) to Slack (Salesforce).
My largest concern is if Apple follows suit, which could lead to large problems with our employees who use iPhones.
Google and Apple stores are like nightclub bouncers. If they don’t like you, you ain’t gonna dance. “Normies” don’t care until the bouncer picks on them.
Element (previously Riot.im) (Secure decentralised chat & VoIP. Keep your data safe from third parties.) - https://f-droid.org/packages/im.vector.app
The FAANGs now have a strong incentive to boot anything and anyone making objectionable content available in any way because that's the way public sentiment has shifted. It's really incredible to see how quickly the deplatforming chickens came home to roost. We're now shooting ourselves in the feet at Internet speed.
Banning all applications that enable access to non-moderated decentralized content is simply not compatible with a phone being a smart phone.
From https://element.io/
"Keeps conversations in your control, safe from data-mining and ads"
I don't have Google Play Services or the Play store installed on my phone nor do I want to install them. Yes, it's my responsibility to update the app, whatever, just give me the file.
As far as I know it's based on element or at least co-develop by the element so while their "business" should not be affected directly. The secondary affects this will have if it continuous does affect them indirectly I think.
The more worrying think that this is by far not the first time Google (or Apple) have taken down clients to "non http" networks. Sometimes blaming them for content on the network sometimes not saying anything. Which lets be honest is absurd given that they would have to delete all web-browsers using this arguments.
During these weeks of being at home and having lots of free time after work, I've been doing _projects_. For a while, I've been reading how people rant about Matrix always on HN, and I finally decided to suck it, install my own home server and try it out by myself.
The installation for sure requires a bit of understanding about DNS and you kind of (if you want things to be simpler) need two servers: one for your root domain and other for your matrix server. If you nail these two things correctly, can wait a bit for the DNS records to spread out in the network, you'll get the matrix federation working quite nicely.
I highly recommend using some of the automated tools, such as the ansible playbook[0] to help you out maintaining the server. It makes setting up the bridges for other chat platforms very easy.
I have to say, having one application for all my chats. The same interface, no need to install five apps to talk with people, this all is so nice. It's definitely worth the trouble, even when with Synapse you need a bit more powerful server, like four gigs of RAM is a good minimum for a server and all the bridges. Now we only need to have an easy way to install the clients, so we can help our not so technologically advanced friends to join. I think Google knows this; how in 2021 people are forming their own communities, outside of the power of the big corporations. Now Matrix is quite technology oriented, it feels like IRC back in the 90s which I really enjoy!
You forgot to link the Ansible playbook you're talking about :)
Honest question: Why is the F-Droid option a few versions behind?
Can't Google display the app page with some status banner and a reason for suspension while disabling install button, or allow installing last known "approved" version?
It's the ever more popular historical revisionism movement.
https://mobile.twitter.com/element_hq/status/135546565011484...
And I used google chrome to access 4chan. So google must ban google chrome also.
Nope. Better alternative would probably be some sort of blockchain thing with reviews baked in and maybe authority nodes (devs with experience) could validate/clear apps from having viruses/etc... or just have a reporting mechanism so apps get pulled when suspicious.
I hope that mobile computing follows the path of desktop computing, and we end up with more viable small-device OS options.
What a joke. Does google remove their own messenger platform and email app too when someone uses them to send something naughty?
Element is a chat client. It's an empty piece of software for use with your own choice of server. Element is to a chat server, as Thunderbird is to an email server. It's basically a glorified IRC client. It contains no content of its own.
Parler was basically a curated, centrally run, Facebook-message-board-replacement for neonazis, antisemites, qanon conspiracy theorists, and the lunatic fringe of the alt-right.
You can find my complaints in your inbox. It's good to know Google is taking action - will send the same complaints to them in the future since that seems to get more of a response from the devs.
not saying i agree with the decision here, but hn is sometimes so quick to blame google.
what surprised me though, is that you guys are aware of abusive content on the network and even put a "moderation" guide in place. so much good faith in people here...
> However, we abhor abuse, and on the default matrix.org server (...) we have a fairly strict terms of use (...) which we proactively enforce.
These two sentences are contradictory. Either you are a road or a road restaurant. You can't have it both ways.
The second sentence is about matrix.org
Absolutely. They've done similar things with similar apps. You just have to pay some attention to see the pattern.
Let's take video for example. They Kicked LBRY client off Play store not so long ago. (It eventually got reinstated.) They permanently banned BitChute app. Not app-related, but currently Rumble is suing Google for manipulating video search results in favor of YouTube. Look up the details, they are quite interesting.
Meanwhile, Google has an agreement with all Android hardware providers that forces them to pre-install YouTube and make it non-removable.
"Since Android 8.0 Oreo, Google doesn't allow apps to run in the background anymore, requiring all apps which were previously keeping background connection to exclusively use its Firebase push messaging service."
https://github.com/Telegram-FOSS-Team/Telegram-FOSS/blob/mas...
The real problem is that the policies are not adapting to rapidly changing conditions (i.e. yet another takedown, howls of outrage, calls for regulation), and the big tech companies have become too sclerotic to cope with that. Worse (for them), they're vulnerable to being gamed. Once people figure out that saying "Jehovah" triggers the policy, some will keep saying "Jehovah Jehovah Jehovah" just to fuck with them and grow the popular outrage.
That only happens because they deliberately put themselves in a position of market power. If they didn't have such crazy amounts of power nobody would care about their "policies" misfiring. None of this is accidental in the big picture, we're well past any window of plausible deniability with Google. They can't perpetually claim incompetence.
I don't think so. A lot of people were not aware of Matrix even, it's geek tech.
Now, just watch how this Streisand effect unfolds over the weekend.
And if this is actually a pattern with the Google Play Store, couldn’t someone design an elaborate set of traps to demonstrate this in Court?
I.e. the thing you need to show in court isnt that Google stopped selling your app in its store because it didn't like it rather that it's a monopolistic marketplace or the terms are somehow invalid or so on. These are much higher bars, especially with 3rd party stores and side loading being available and used on the platform. It's considered a battle to prove these things in the Apple ecosystem I can't imagine trying to prove them in Play first.
Big tech platform who participate in anti-competitive practices (Google, Amazon, Apple, Facebook) know the optimal time to pull the plug to flatten the curve and prevent competition from going exponential.
You mean this?
2. Where a provider of online intermediation services decides to terminate the provision of the whole of its online intermediation services to a given business user, it shall provide the business user concerned, at least 30 days prior to the termination taking effect, with a statement of reasons for that decision on a durable medium.
https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CEL...
Firstly, I'm not sure whether they really terminated "the provision of the whole of its online intermediation services" or just suspended the one app store listing.
Secondly, there are exceptions:
4. The notice period in paragraph 2 shall not apply where a provider of online intermediation services:
(a) is subject to a legal or regulatory obligation which requires it to terminate the provision of the whole of its online intermediation services to a given business user in a manner which does not allow it to respect that notice period; or
(b) exercises a right of termination under an imperative reason pursuant to national law which is in compliance with Union law;
(c) can demonstrate that the business user concerned has repeatedly infringed the applicable terms and conditions, resulting in the termination of the provision of the whole of the online intermediation services in question.
In cases where the notice period in paragraph 2 does not apply, the provider of online intermediation services shall provide the business user concerned, without undue delay, with a statement of reasons for that decision on a durable medium.
So it all comes down to what their reasons for the suspension were.
EDIT: Just saw this update: https://mobile.twitter.com/element_hq/status/135546565011484... So they revealed their reasons within 12 hours, which I'm going to file under "without undue delay". (But did they use a "durable medium"?)
That said, the reason for removal provided by Google seems to be nonsensical ("abusive content somewhere on Matrix", really?), so mediation should be effective here. This particular reason easily applies to an application like Google Chrome, and EU regulation 2019/1150 requires differential treatment to be documented, which I don't think it is in this case.
No.
I visited my parents church at the beginning of this year and very few people were talking about that. What they were talking about is giving up on smartphones and social media altogether which is probably not a bad idea.
That's incredibly encouraging to hear. It seems to be a common feature of "I quit Facebook/Twitter/whatever" accounts that once you break the immediate addiction there's no real urge to go back, so if this does happen it should have a decent chance of sticking.
(And as a mobile refusenik I sometimes feel like the last holdout left, so a bit of company would be nice.)
But now, perhaps when sufficiently large numbers of people realise that what "malware" means to the big corporations is different from what it means to users, we'll have another mini-revolution back to the independent sharing and community trust model that the industry tried to eliminate because it would subvert their control.
I don't want to get too political here, but after seeing the outcome of the US election, and the events from then until now, I knew that stuff like this was going to happen.
Any mastodon app that refused to blacklist Gab got banned from F-Droid or something like that.
It is the perfect example of why I don’t even bother with federated projects. It’s just “wouldn’t it be great if _I_ were in charge?”
If that’s the situation, I’d rather Big Tech be in charge because at least they have some name recognition and hierarchy for decision making. Nobody cares if pizza-witches wrongfully broke terms. With Twitter at least peoples’ ears perk up.
In other words, there’s no rules in the alley. But there are rules in the town square.
EDIT: This is mentality I find hilarious. It's either I can something for free or I can't get it at all. I think freedom in this case is about having something with little expended work.
There was no requirement to blacklist gab. Mastodon clients on f-droid are allowed let users use Gab.
What f-droid does not allow is apps preconfigured to connect to Gab, or who's primary purpose is to connect to Gab.
There was even a petition to have fdroid remove an app (fedilab) that had a blacklist to disallow Gab then removed it, claiming that removing Gab from the blacklist was specifically endorsing it, and there were some people who tried to claiming that not apps that were not blacklisting Gab when other apps did meant those apps primary purpose was to connect to Gab, but f-droid weren't having it: https://gitlab.com/fdroid/fdroiddata/-/issues/1736.
However, they did consider an app that was a straight fork tracking another with the only change being the removal of a blacklist to be disallowed.
The "build your own if you don't like it" answer is often absurdly impractical, but not here. Someone who feels it's important can put up an alternate repo containing clients preconfigured to connect to Gab and even an alternate build of F-Droid preconfigured to use it in an afternoon.
1. You download the apk
2. When you try to install it, it tells you it's from an unknown source and the installation was blocked to protect you
3. You tap "settings" and flip a switch to allow installing apps from your browser
4. You go back and tap "install". That's it. It's done. And you won't need to go to the settings the next time, it'll just work.
I don't deny the utility of app stores. My point was about the freedom of platform at a capability level.
Before, network effect makes Twitter/Google Store/AWS etc dominant over alternatives, because everybody could be on there. There is no reason to use XXX, because why not Twitter.
Now that they make it clear that they are not unbiased moderator, and they remove apps/people from their platform, a bunch of people become refuge. Alternative stores and social media become viable, because they could grab those audience. I can see that in the next few years, we will have more fractured platforms.
> because both sides of politics can only see as far as the next election, they will just use this to their advantage to deplatform their opponents
Meanwhile, there are other countries.
At first, the authorization is very permissive and the unauthorized channels or devices are very rare. People begin to buy the tv, and channels begin to optimize their content around it. Other tv lose their market share, and begin to adapt "google tv" architecture to sell their own to survive.
After 10 years google begin to unauthorize some channels, in prefer to their own which launched 3 years before, as well as consoles in preference to stadia. The ban is same with these similar cases, where it's framed as illegal content, or error. But it's happening often.
Is google in the wrong here? IMO it's debatable.
The Trump/Parler ban is largely the chickens coming home to roost; that crowd energetically supported all of this that wasn't personally against them, a lot of the modern US right is second-generation inspiration from the anti-Islam "Ground Zero Mosque" controversy and people like Pamela Geller (long forgotten.) Another anti-Islamic precursor to this has also been the constant anti-Palestinian activism at every university, and a good example of the career direction of the people who energetically participated in that is Bari Weiss, who now cries about cancel culture (which is both real, and responsible for her entire career.)
Now, with all the recently converted lefty Millennials minted over the last two elections still mostly seeing the world through the lenses of Obama Democrats, they've come to agree that the only real problem is that not enough people are censored. That's unanimity from left, right, and center.
The Parler dudes are just lucky that they haven't been arrested for material support of terrorism yet.
a) happy about this or
b) unhappy about this
I'll give you three guesses.
To spell it out more clearly, here is a great place for one's opponents/competitors to be stuck in - authoritarian enough to eliminate any advantages of liberty, but not authoritarian enough to be efficiently coordinated.
If you update the application, Android will check that the certificate of the current version matches the one from the update before allowing you to install it.
The problem is that this requires a long running background connection.
And guess what Google tried to kill for battery saving purpose since a long time (long running mostly sleeping background processes). But then on Google in difference to Apple it's still possible (but less reliable) with the right setup and fully possible with a "proper" de-googled phone.
So depending on your setup you might either:
- not get notifications
- get them unreliable
- only get them if the app is open
- get them just fine
Also this might change from app to app, there clearly will be apps which will not have any 3rd party notification broker fallback, but given how Google doesn't have 100% delivicery guarantees they still should have (potential delayed) message syncing when the app is open.
Sometimes I get notifications, sometimes it may take hours for me to get the notification.
I rarely use instant messaging for important things, and when I do, I make sure to check my phone often so I don't miss the messages.
Is this stupid? Maybe, but I'm not going to install Google's closed source crap on a device that I carry almost everywhere. If that means I become a social pariah, then so be it.
You're suggesting the challenge was created by Google and that so and so managed to navigate it successfully by obeying Google.
But we don't even know what the issue was. And if the issue isn't available to the general public through transparency or something like an FOIA request what is really being celebrated is the power of a corporation to control free speech over a protocol intended to wrest control of free speech back into the hands of people in the first place.
Limiting access to information such that it cannot be independently verified is far more sinister and nefarious — not to mention consitutionally unsound — than the threat of the bad actor sharing the info in the first place.
In the wake of the temporary Parler shutdown all of us need to be paying close attention to how we receive information. These things cannot be left up to anecdotal stories which delve into little to no detail.
Anyway, Matrix.org is hosted by a foundation with an independent board. You can ask them if you want but given your post you already know full well why they are not sharing. No one is going to do a press release to say they were involuntary hosting CP or helping terrorists. What good would come out of it?
Oh, wait. We’re still a decade away from that particular dystopia, so I’ll guess kiddie porn or actual planning of terrorist attacks.
It seems you guess wrong. The Element guy did not mention any illegality, which is what makes me suspicious.
This is what truly destroyed the open, federated web: humans being disgusting animals.
CP should be removed at the source, by doing everything we can to take care of kids and preventing abuse and related photography. And CP trading rings should be busted.
But individual pedophiles should be helped with their mental health issues before they act and become pederasts. The subject is so toxic that nobody dares go to a therapist with their issues. There was a recent documentary about it: https://www.idfa.nl/en/film/bb3cd43c-169a-48db-9fd6-e4cbae0d...
Coming back to crypto. Who cares if the images are shared using crypto or on paper or on usb sticks? Once you find a pederast, law enforcement should convince (without torture or similar tricks, offering therapy and help will probably be more effective) them to help expose their network. Same with any activity that is using encrypted communications: https://edri.org/files/encryption/workarounds_edriposition_2...
I guess that's sarcasm? I can't even eat a sandwich outside without fearing that it will be considered a picnic and get me arrested.
In the explanation to a company I see nothing wrong. In the tendency to make employees agree to arbitrary ToSes, I see massive liability that should be dealt with using a massive class action lawsuit against some behemoth.
I actually think federated protocols are a get out of jail card for employers since making your job related to owning a car is reasonable, to owning a specific brand of car is not.
We have a new corporate policy that removes your access to anything related to O365 by Date. The only way to remediate this issue is to install InTune and the corresponding corporate security office's profile so it can enforce our policy on the device. If you qualify for our corporate device program, we will cover the cost of the device and data plan.
Sincerely, CTO
Honestly, it's very common at the largest public corporations and most corporate r&d groups in the US. It's not like we don't already do black box development or have strict vpn only enforcement rules. I wonder how risk assessment sees these kind of federated protocols because in theory you are right about it reducing liability if they run the system.
Maybe places like google are different, I would not know but I’d be surprised to learn that there’s any publicly traded company that does not exercise total control of their machines.
If you don't have anything to contribute other than a sarcastic comment that misses the point of my statement then consider not contributing at all.
We have a new policy - Google 2012
The Matrix team is doing a LOT of cool stuff. :)
The Matrix developers could, however, set up their own F-Droid repository and publish their own (automated) builds there.
If Matrix only facilitated private communications then they could probably tell Google to piss off but they became a social network when they included public chatrooms.
It sounds like you'd want puppet bridges. Each of your conversations on the remote side has a corresponding room, and what you say in that room is forwarded by the bridge trough your remote account.
You could try out dendrite.matrix.org as a homeserver (btw, dendrite would nicely fit into these 4GB). Most bridges need admin access to the server though, if you want to host them yourself. t2bot.io hosts a few you'd be able to use with your own dendrite, though it hits capacity problems at times.
Finally, you could try to make synapse leaner by not joining big rooms with hundreds of federating servers. There is a max_complexity (something like it) setting for that use case.
I meant with dendrite.matrix.org. I suggest anyone with their own server should self-host their bridges, for performance and privacy/security.
Ideally you could set up reproducible builds and make sure that the version in the default F-Droid repo stays up-to-date, but reproducible builds may not be practical for you right now (I'm not sure). Barring that, as you mentioned in the blog post, setting up your own F-Droid repo with self-signed APKs is a good option.
I haven't yet played with Matrix nearly as much as I would like, but I love the vision. Thanks for your efforts!
Also nice plug for F-Droid; they're doing good work as well.
That's great to hear as well.
When you have 100,000+ employees, it's not trivial to just switch up communication platforms.
In e-mail terms: - Element is like a mail client - matrix.org is like a given community of mailing lists
In IRC terms: - Element is like an IRC client - matrix.org is like an IRC server/network e.g. Freenode.
Each server has the freedom to enforce its own policy. Given that the matrix.org server is a kind of a public face for the protocol, it makes sense that its policies are more mainstream.
There is nothing in the protocol itself (nor in the official Element clients) enforcing any kind of content policy.
That's cutting the hair mightily fine.
However, some fdroid users asked for its removal. They felt removing the blacklist feature, which had previously only blocked gab, was itself an endorsement of Gab and indicated the app's purpose was to access Gab since the other available mastodon app (Tusky) still had a blacklist.
fdroid did not agree and fedilab is still available.
OpenTusky was not allowed as it was literally Tusky with the server blacklist removed, created in response to Tusky blocking Gab. It also advertised this in the app description, so fdroid judged it to be primarily for accessing gab and removed it.
https://wiki.debian.org/Mobile/Nokia_N9
I loved the N900 to, of course, but as a phone the N9 running MeeGo v1.2 Harmattan was superior day to day (for me anyway).
On Android, APKs are almost always signed by default (even if they're only self-signed).
how do you recoup your investment then when making software? wont everyone just pirate/duplicate it?
I don't see how that makes Element responsible for matrix.org content. Thunderbird offers getting an email address via gandi.net in their new account page. Does that mean that Mozilla is suddenly responsible for all emails (like spam) coming out of gandi?
Paler, maybe? or Parter?
If you move from iPhone, where would you go?
Sounds heroic, but maybe does not help anyone? And if you really cannot tolerate closed source, than what kind of hardware do you use? As far as I know, they are allmost all closed and locked.
Pine64 is a fresh breeze, but they are also not free(nor stable) yet.
My workaround is simply, that I have a mobile, where I can remove the batterie, then I know, it is turned off.
Most importantly your app (and server) needs to be build to be able to fall back to a 3rd party message broker. But the common fallback is to just sync messages from time to time in background if the app runs as it's "good enough" for the case Google is temporary down or not available or you are one of the (from the App POV) view people which de-googled their phone.
If that were true, web browsers would be in trouble.
The thing you did with software direct from the developer used to be called "installing" but now the platform companies call it "sideloading" which sounds like something that would cause an airline to lose your luggage.
I dunno if it's possible to do this kind of filter on Matrix.
That said, if they go with this argument, the precedent would have to apply to all other unfiltered, federated messaging clients, including those for IRC and email.
On the store that you host you can also choose to enforce whichever rules you like.
Plus, they were talking about Gab there. If you think you're going to write the next Gab or... Pander or Flander or whatever that website was that allowed people to plan storming the US capital, then you can still have your own store.
However, the non-profit Foundation (https://matrix.org/foundation) was set up in 2018 with myself and Amandine deliberately in a minority control position (2 of 5 directors, called Guardians) specifically to address this concern - to protect Matrix from Element’s commercial activity, in case we ever went rogue.
As it happens, The Foundation farms out hosting and admin of the matrix.org homeserver to Element (which makes sense, given the Foundation doesn’t have employees and Element was already running the server), but if Element ever went evil, i am very confident that the Foundation Guardians would kick in and make a course correction.
MDM infra is big bu$ine$$, but DPCs are quite simple to write.
(Psst. They also let you read CPU usage on Android 7+ (sadly not per task, but at least with per-core granularity). The catch? Installing a DPC requires a factory reset. xD)
Some will, some might run a more open org, with a lot of rather independent contractors, focusing on providing services on standard platforms (email, chat, wiki, bugtracker etc).
The real problem is indeed how much power society has given these corps. It's time to take back some power or we will never be able to.
There is simply no way to suppress content as long as there's enough demand. Somebody's always going to find a way to deliver. That's even true for really illegal stuff like drugs, copyright infringement or child abuse material, but so much more for content which is legal.
What on earth are you talking about?
1) As far as I am aware, there is no "HSTS preloading blacklist". I'm not sure what that would even mean.
2) HSTS preloading is not a prerequisite for creating a PWA. Nor is presence on the HSTS preload list (not "blacklist") an obstacle to creating a PWA.
There is an absolutely unprecedented shift going on as we speak, one of those groundswell events that have the potential to shift usage habits of hundreds of millions of people.
We got a taste just recently with the shift away from WhatsApp based on a TOS update. Imagine arguing last year that ten million users would jump ship based on a TOS change?
Matrix, and services of its ilk, are absolutely an existential threat to Google in the next 20 years.
Don’t forget that Google has all the threat intel you could possibly imagine from their existing analytics platforms. They will see the shift coming before anyone.
I can absolutely see them acting now to try to disrupt the initial rumblings of a seismic event that has the potential to go totally viral and popular sentiment shifts against megacorps.
Killing them gets exponentially harder over the next 6 months if there were a successful campaign across the internet to switch to these services, and 2021 is very close to seeing a very significant grassroots campaign like that truly take off. Certainly the time has never been better and the populace never been more primed to make the move out of the walled gardens.
How is Matrix a threat to Google?
In their world view, every single minute per day spent looking at screens that don’t have Google ad targeting is a minute that a competitor is stealing value from Google.
A matrix user identity will eventually compete with a google account.
When google accounts are considered as important as myspace accounts, then much of their surveillance loses relevance.
Conjecture on my part: it's a threat to the ad spend Google gets from Facebook.
An NSL would be handled a lot differently than removing an app from a single app store for sexual content. Every indication so far points to it being a mistake by Google.
From less than a week ago: https://arstechnica.com/gadgets/2021/01/googles-bots-decide-...
But if you always discount such events as coincidences, you risk remaining blind to emerging patterns.
Maybe the real reason will be pressure from the government to hurt the ones like Huawei a little more, maybe it will be the need to squeeze more money, or maybe the need for censorship because those evil alternative app-platforms allow whatever unwanted stuff.
Google standing in Europe is already really shaky. They keep taking fines after fines for abuse of their dominant position. That won't last forever. If they close the ability for other stores to exist, the best case scenario is the EU giving them a huge fine and forcing them to go back. Worst case is being force to split Android out of the main company. Google knows that which is why they will not do it.
Just go reread what gp wrote. He basically said the exact opposite of this. You are putting words in his mouth and interpereting his comment in the least charitable way possible.
They are in the same boat as parler in the sense that another communication platform not owned by a big corp is being targeted and removed.
Matrix likely will come back for some of the reasons you mention . But fact is google and apple arbitrarily without warning or notice remove apps from their store. The stores should be considered utility like electricity google should not able to refuse service randomly.
Parler is owned by the Mercer family, of Renaissance Technologies fame, one of the most successful hedge funds in existence. They are personally worth tens of billions of dollars.
Also just cause they worth billions means they will back parler with billions. Parler itself is pretty small fish financially speaking
A large portion of these protests were planned on Facebook, Instagram, and YouTube: https://www.washingtonpost.com/technology/2021/01/13/faceboo...
...should they be removed and silenced because of it? Or should all of these gigantic tech companies with the checkbooks to provide exhaustive moderation enjoy their 230 powers while denying the right to all of the little guys?
Parlor and Gab are fairly harrowing examples of what happens when censorship occurs. People leave platforms with diverse views and head to echo chambers. Those folks end up having stronger, more radical opinions because they were forced into a corner.
No one has ever given me any compelling reason for censorship. Hate is defeated in the open, it is fairly impossible to deal with in private channels. Censors also cannot censor everything, so content always slips through the cracks.
Did not know this, you have a source for this?
That should be yelled at every FOSS evangelist, those people who claim everywhere that no one needs Windows, because Linux has everything Windows has, just better, etc.
We FOSS developers are free to do what we want. Most of us develope mainly for pleasure, not to ease the workload of some corporate helpdesk.
I'll go even further and claim that "user choice" is code for, "warning: nobody in this space is competent enough in UI/UX to derive pleasure from working on it." In fact in mastodon's design, it's not even code-- the "choice" of servers by topic is literally a limitation imposed on the user before even signing up. So the very first part of the UX has a circular dependency-- choose a server to try out the service and discover which server most suits your interests. It'd be like Google redesigning search so that you have to type subreddit-style topic into the URL before searching.
Additionally, this "choice" meme seems to conveniently disappear for software that has a thoughtful UI. I don't see anyone talking about the downside of Krita not having multiple other half-baked UI's than very impressive one it ships with.
The default matrix.org servers are federated.
In terms of what the default Element install presents to the user upon launch in its GUI, I think it does offer the 'official' matrix.org servers as a place to create an account and sign in, start browsing 'rooms'.
what is the actual state of matrix e2ee today? (or is that question silly because it depends what the individual matrix clients chooses to implement).
I'm extremely excited about having a federated e2ee messenger, however as a "Lawful-Intercept" realist, I don't have a lot of hope that it will not get forced to comply with current EU regulation proposals, that prevents Matrix from fulfilling its promise as fully e2ee. (e.g. the future that we're heading to in the EU is the same as 5/9-eye countries: there will be a "legal" way of encryption and another one that is illegal, all depending if access can be given to 3rd parties / LE...)
[1] (Sad) state of E2EE in Matrix clients (from 2018): https://www.reddit.com/r/privacy/comments/9avyen/sad_state_o...
Why do you say there will be, as if the future is predetermined? Perhaps we should re-evaluate that and help prevent it from happening instead of complacently stating something as if it is a foregone conclusion?
Your words matter here. The way you are using them is helping materialize the future you do not want.
With Matrix you have the choice to use whatever server or client you like, which makes it difficult to censor.
But given E2E and the Sealed Sender[0] functionality, they could only suppress messages based on the recipient's user ID, not based upon message content or the sender's ID. This all or nothing approach is a rather ineffective method of censoring – it basically just amounts to banning a user account. I wouldn't even call it censoring in the first place as that term, at least to me, refers to a more selective and refined approach.
> (And they do, for example you can "delete" your messages that are stored on other clients.)
This has nothing to do with censoring and nothing to do with Signal controlling "both server and clients". The Signal developers simply extended the protocol to include "delete" requests for previously sent messages. The client app still needs to implement the actual deletion, though. You could easily compile the Signal app yourself with that functionality removed and then nothing would get deleted from your message history anymore.
I mean, sure, 99% of users are not going to do this. But this is no different in the case of Matrix, where most people just download the default apps like Element from the app store.
So I don't even understand what your statement
> they control […] clients
is supposed to mean. Yes, they write the source code. So? Someone has to produce and maintain the source code and whoever does it will obviously be in a position of power. Producers are always going to decide what they produce. Consumers don't get a say in this – unless they become producers themselves (and in case of open-source software) adapt the product to their needs. Again, this is nothing new and is the case with Matrix, too.
To put it in terms of your logic: it that were case, it means Signal is not secure.
It seems this always requires the /sarcasm tag. =)
https://play.google.com/store/apps/details?id=org.linphone&h...
that's just a random example I thought of since I use it, but I can also think of a lot of other Android apps that I'm fairly sure aren't using any client-server communications mediated through google firebase, yet they continue to function while backgrounded on android 10 and 11.
This is a terrible UX, my notification center is useless because I always have those apps in there (KDEConnect and Syncthing for example)
https://developer.android.com/training/monitoring-device-sta...
https://developer.android.com/guide/topics/connectivity/sip
I haven't looked, but I'm sure just like Firebase, services get a special exemption to receive SIP notifications.
Linphone, Zoiper, etc can show a badge in your notifications menu/top bar at all times and get semi-reliable access to run in the background, but expect to miss 5% to 20% of all incoming calls. Firebase push notifications are mandatory if you care about battery life or reliable inbound calling :c
If I recall correctly Samsung modifies the standard android dialler to disable this functionality. Or at last they did in the S5 that I used.
Android is much more open, you can download Firefox on Android and it will infact be Firefox.
What would be more scary is if the force all browsers on the Google store to implement and enforce the same deny list.
The GP said software should be bought like everything else... but everything else can’t be easily duplicated and shared... so how will that work?
So the problem is: you break capitalism, hard.
Indeed, people made that point, but I don't see how this is a useful distinction. Parler (the app) that Google and Apple removed is also just a client, that facilitates access to Parler (the social media website) that can be accessed via other means, e.g. a web browser. And Google and Apple didn't really have any problems with the app itself, which has no content on its own; they wanted different moderation policies on the website. As they have no direct control over the website, they acted against the client app; it was Amazon that took down the website.
One difference might be that Elements and Matrix have different developers and Parler (the app) and Parler (the social media website) have the same owner. But again, this is not a meaningful difference; e.g. if Google and Apple had problem with content on Reddit (the website), surely they would remove both Reddit (the app) and all 3rd party clients, Apollo, Boost, Sync, etc, at least those that fail to actively censor the objectionable parts of the website in the app.
So Apple/Google saw Parler (the website) as having dangerous content and took it out on Parler (the app). If they are justified in that; it is not a big stretch that they saw Matrix (protocol) as having dangerous content and took it out on Element (app), and presumably other clients. I don't think whether it is decentralized or not matters from an app store policy point of view.
Two companies having the say on which programs almost everyone can run on their mobile devices, especially on the iOS side, is a huge problem, that becomes increasingly evident as they start to flex their muscles.
That’s a big “if” though. The “abusive content” angle is just a working theory. It could just as easily be Goodge taking a dislike to a website link offering donations outside of the Play store (or something equally mundane).
The problem is, until Google respond, we have no idea why the takedown happened.
And here lies the real problem: without Google being transparent about their takedowns it leaves app developers in a difficult position where they can’t really support their uses.
The one slight good thing from all this is that at least with Android you can side load apps (which is more than can be said for iOS).
And just to be clear, I'm not saying that the accusations of censorship and calls for regulations are dishonest on our part. I really do believe that what they are doing is censorship and they need to be regulated.
> Morning all. We've had contact from Google confirming that the suspension is due to abusive content somewhere on Matrix; we're working with them to explain how Element works and get the situation resolved.
There's a much simpler explanation: Google wants as much of your communication as possible to go through them or their partners, so they can monetise it. People using Parler or Matrix don't leak any information to Big Tech, so commercially it makes sense to deter people from using apps like that, and they'll use whatever excuse they can get away with.
To support my explanation, see for example this:
https://www.theverge.com/2020/10/25/21532883/paypal-cuts-tie...
PayPal terminated Epik's account, because they refused to kick out Gab. I believe there were a couple more cases where the money people pressured companies to do things like that. My memory is getting blurry with this though, so I can't point you to the articles.
And that leads me to something even more important. Gab was not only kicked out off their domain registrar, but the owner's family was blacklisted by Visa. So the social media is actually the least of my concerns right now, the most urgent thing at the moment is regulating the banks, so they can't terminate your account for no reason. Because they will come after your money at some point. And good luck paying in cash in a middle of pandemic.
The first amendment works now by having clear boundaries between private and public spaces. Public spaces have clear first amendment protections. I can hold a sign on a publicly owned sidewalk (well, public right of way) begging for money or praising 'bong hits for Jesus'. But private spaces do not. I can't do the same thing on your living room. This allows folks to exercise their freedom of association, which is a pretty big part of the first amendment.
Where and how do you draw the line between public and private spaces then in an online context? Should the government be required to host unmoderated and uncensored discussion boards? And how do you keep the unregulated public spaces useful when such spaces are easily overrun by trolls and spammers?
https://en.wikipedia.org/wiki/Pruneyard_Shopping_Center_v._R...
As to how you would implement it, Poland recently had a proposal that if you were banned from a social media website, you can appeal via the government in a certain period of time.
https://news.ycombinator.com/item?id=25736155
I'm not a lawyer, so I might be saying a bunch of nonsense here, but you could categorize the social media into topical (eg. HN is about technology) or "general purpose", off-topic services (Facebook, Youtube). Or just do it by the size of user base. Facebook has like a 2 or 3 billion users, let's not pretend it's the same as a comment section on your blog.
It's just to throw some ideas around, because again, not a lawyer, so I can't come up with a robust policy on the spot and take care of every potential loophole.
I would love this, personally.
Huh? The AOL you're thinking of included an enormous cross-section of the population, with no controls on who could talk to who. If the Internet is unsafe, then so is AOL, because they're the same thing.
The irony in this case is that the speech that is attempted to be censored isn't even illegal. (at least in the U.S., where our liberal, cherished "anything goes" approach is enshrined in the Constitution.)
This simply argues that they’re special-casing against non-established systems — if you applied it uniformly, you’d trivially lose things you obviously want to keep.
That is, this is a stupid operation that is at best sponsored by “think of the children!” Mothers Against Everything foundation.
The above are use daily for extremist content, CP, circumventing numerous national laws in numerous places...
Hard to draw the line.
If you run a monolithic, centralized service specifically designed to avoid censorship, and you don't moderate what users do on your service, and some of those users hurt people with your service, then you should expect your service will be shut down as Parler was.
And if you do the same thing, but separate the front end from the back end, and have different entities run them to provide legal separation, while practically and functionally the result is identical to that of the monolithic centralized service and your system is used to hurt people, then you should also expect that whatever components can be deplatformed will be deplatformed.
Emails are always coming up in court cases etc. as people regularly use them to organise or discuss criminal acts, and it is sometimes used with E2E encryption so nobody can intercept and police the contents. I'm not convinced you've drawn a clear line. When is a protocol client responsible for the content shared or accessed with it, and when is a client not responsible for it.
It's amazing to see how far we've fallen - to be at ease with the idea that there can be no such thing as a private conversation, and therefore that any private conversation is by definition illegal.
Any crime should require an actual victim. Which means there is evidence of it happening. You don't need a permanent record of everyone's conversations to uncover such crimes, police just need to do the job which we pay them for, which is to investigate.
CP and terrorism are both disgusting, horrible things, but even those are not worth losing all our basic human freedoms over, or we won't be left with a lifestyle worth defending.
For some people (although maybe comparatively few) it's primarily about building a more robust Internet that works also if centralized service(s) disappear
Why would we accept this? We don't even accept the situation in which Google is _able_ to censor anything for the general public.
What's more, this incident is evidence that we need more decentralization, not less. In instances where decentralization is either already working or is up for consideration, we should encourage it, not try to eradicate it.
"Publishing signed binaries from elsewhere (e.g. the upstream developer) is now possible after verifying that they match ones built using a recipe. Publishing only takes place if there is a proper match."
https://www.fastcompany.com/4032442/its-still-pi-day-so-we-d...
And yet...
https://www.nytimes.com/2021/01/17/technology/google-faceboo...
You can view child porn on Chrome, or receive it by email, or download it by Torrent. Yet I don't see anyone banning web browsers, email clients, and Bittorrent client.
The point is that this is well explained by something other than conspiracy.
btw. most of the time only the session is unencrypted, not the media. when sip uses sips it will encrypt both the session and the media. but the latter is pretty uncommon and most often you wil see unencrypted session and an encrypted rtp stream. this is still the default, even deutsche telekom does it like that by default, even in their commerical offerings like "cloud pbx", because you would need to pay extra for the encrypted session.
and btw. sip over tls mostly means that the call is encrypted, but the sip messages aren't.
I'm still looking for a guaranteed push service/library.
https://old.reddit.com/r/Android/comments/96l0at/sync_for_re...
https://old.reddit.com/r/Android/comments/6dwv1f/boost_for_r...
https://old.reddit.com/r/Android/comments/5fqrr8/now_for_red...
Except of course Google's own applications. Gmail, Hangouts/Meet/whatever-it-currently-is, Chrome.
Luckily it's not possible to display illegal content with Google's own apps /s
I remember when my nephew got groomed on Google Plus, I was way to naive to think that this would not be occurring in Google's walled gardens. But in there, it turned out to be quasi-public.
Perhaps one day they will make this argument to justify having to spy on everything you do with their software.
That is genuinely horrifying and I'm so sorry for him and your family.
And what about Chrome or Web Browser? Or they going to have built in Filter for website? Although without the reach of Google Search Engine having a filter or not makes no difference anyway.
But it is great they are doing it, the more the better. People were extremely supportive on HN not long ago about banning speeches they dont like on Internet. Hopefully they finally learned something here. They opened the Pandora Box and there is nothing anyone could do until the Pendulum swing to its limit before swinging back.
For all the chaos, the Internet continues to be surprisingly consistent with one set of rules for BigTech and friends and another set of rules for the rest.
EDIT: this ties in to the conversation I had on different platform recently, that it's getting arduous to make people understand that an app is not necessarily the same as the system behind it. Choosing an email client used to be a thing (Thunderbird, The Bat!, Outlook Express, mutt, etc; to name some across contrasting needs) not even too long ago. I despise that we came to a world where even the tech moderation fails to understand an app != protocol.
That is also why I was rather sad when Microsoft announced that they won't develop their own browser engines any more. I disliked IE as much as anybody else, but what I did like was the competition. With Edge switching to Blink, essentially becoming yet another partially-degooged Chrome, part of that competition is gone.
If you want to go cheaper and have only 300-400 Mbps of bandwidth, I've heard lots of good things about this provider:
Note that many significant improvements have landed very recently, for instance the chain cover stuff which significantly improves handling of rooms with frequent membership changes (such as the aforementioned bridged IRC rooms).
That said, this isn't an average but a spot value. It frequently falls below 8% (though typically stays above 5%). Note that this is a cheap and relatively weak VPS.
I'm not saying Matrix is terribly lightweight. I'm saying you can easily run a small personal instance on a cheap machine without any performance problems.
The fact that we can now run it on a VPS is an improvement, but it is still orders of magnitude heavier than equivalent non-decentralized systems.
Like nearly everything, "secure" is a spectrum and not binary. On that spectrum, Signal is overwhelmingly more secure than most messenger apps people actually use.
To me, Ricochet is the most secure instant messaging app for desktop. It would be even better were it to use Onion v3, and if it were available on Android, but then again, I do not really consider my phone secure by default with all the Google crapware. I disabled the default Google keyboard and downloaded one that does not require Internet connection and that is not related to Google in any way. It is so silly that I cannot even delete any apps that came with my phone. So they say its storage capacity is 32 GB. Half of that is spent on crap that came with the phone, splendid. In any case, I am going off-topic here so... :)
?
1. I install synapse (a matrix server) on my own machine. I install Element on my own phone. I connect one to another, and via the server to other servers.
2. I install a client that connects to reddit. Same reddit as everyone else. Same reddit as the reddit website.
There is a rather significant difference, isn't there?
EDIT addressing the 'hate speech' part, you are correct. If one reddit client is banned, all should be banned. But that is not true for communication apps, like Element.
To go from that narrow assertion to "ban email apps and probably the Internet itself" is fallacious reasoning at its finest.
There's no rebuttal by refuting any of the premises or finding logical flaws, just straight to the end of the world as we know it.
You didn’t argue this, and I’m not clear that matrix or similar technology makes any direct, intended or significant effort to do so beyond the much broader, all-encompassing goal of “let nothing be unavailable”. But if true, I might be more inclined to agree with you.
What you did argue is that
a key use case for federated messaging platforms is to evade censorship
Which is wholly different, in that the usage is at fault, not the protocol in and of itself (in the same fashion that Bitcoin was not designed to facilitate drug trade, even if it’s a key use case driving its valuation).But we also know that illegal activity is a key use case of the internet, of email, of encryption and a wide variety of other decentralized and federated technologies. This is hardly a good justification because you’ll ban all sorts of good things.
The only thing that protects your argument against everything else is that you arbitrarily limit it to non-established technologies — in the name of all that is good and wholesome, you would kill anything like the internet, email, etc, that is not itself the existing technologies.
A web browser is only more legitimate because the internet is more broadly used. Which isn’t much of a case for legitimacy.
https://www.vice.com/en/article/n7vq4k/thousands-of-users-un...
IOW, even though they say they don't want to control your conversation, they do want you in their hands.
_A_ conversation is held there, which presumes to be _the_ conversation.
The only "social media" I use is Reddit, but it isn't/I don't use it as they person centric networks like boomerbook/twitter.
In a similar way, I can't quit smartphones for encrypted messaging and navigation (not even Google Maps, but OSMand).
Now it sends half of your data to Google and the other half to Microsoft. That's an improvement, they decentralized spyware.
However, I was just saying I cannot stay out of those dumpster fires. Sooner or later, I think to myself "Well, I wonder what's up in the world otherwise. Let's check out /r/all for a moment."... And there we go.
It's not like other people are idiots and I am in control over addiction, impulse, outrage and dopamine. I have spend waaaay too much time on reddit. I hate it, for what it is. Yet, I can't manage to not use it for a prolonged time. Too many niche forums I depend on, and I simply can't tolerate linear, unranked forums anymore.
Can you run it? Sure. Should you?
Please excuse me for being direct, I do not accept your defeatist attitude on this one. You won’t have stickers, such a shame, but you would have the ability to create your own signal service
That's bearable though unpleasant when you have one or two pieces of software that rarely get updated, that's absolutely impossible when you have 10+ pieces of software - you'll sit there for 5 minutes just approving install prompts every week, which isn't something a normal human is going to do.
It doesn't help that FDroid is pretty broken, and constantly pops up notifications about updates that don't work/aren't actionable (i.e. tapping the notification doesn't result in an install prompt followed by a successful installation, instead I get various errors etc.). Also, apparently the FDroid review process is even slower than the Play store review process.
Yes — because that's something reserved for privileged system apps. You have to root your device to take advantage of that, or make a custom ROM with the alternative store in it. Having that ability as a permission you could grant to any app is an immense security risk. But then there are "device administrator" apps that can literally factory reset the device... I don't know. Maybe package installation should be part of that. Especially now that the legacy permission model was taken care of — if you install an app that doesn't support runtime permissions, you'll get a list of its permissions with toggles next to them when you run it for the first time.
> you'll sit there for 5 minutes just approving install prompts every week
Unpopular opinion: well-made software that serves its user doesn't need to be updated very often. Remember how you bought a program on a CD and used the exact same build for years?
> Unpopular opinion: well-made software that serves its user doesn't need to be updated very often. Remember how you bought a program on a CD and used the exact same build for years?
Sure, I'm even old enough to remember this but on cassettes and floppy disks! But - software now is much more complex than it used to be - most software has dependencies on other libraries/frameworks, and has to deal with communication and encryption (where it is all to easy to make subtle mistakes). IMO, for security reasons alone, it's no longer realistic to expect software without at least occasional updates.
A risk to whom? There is no permission that is a "security risk" so long as it's the device owner granting that permission.
The nice thing is that once the DPC is installed you can `adb install -r` (reinstall, ie update) it without needing to factory reset. Just don't uninstall it accidentally :D
Does this actually matter? On the desktop it's normal for apps to update themselves. Is there some fundamental reason an Android app cannot do this too?
> And you won't need to go to the settings the next time, it'll just work.
You will still have to find the apk when there is an update, download it and confirm install. There are still three steps to update the apk compared to Play Store's one tap (or even zero clicks if automatic updates are on). Only "Allow installing from this source" step is removed when updating the app.
Dropbox wouldn't be a thing if we can "educate" users.
But even if 99% of people could figure it out, it'd still be an unnecessary hurdle whose only purpose is to provide Google with an unfair competitive advantage.
Until all of that bs goes away, side-loading and secondary app stores will be nothing more than a hobby for enthusiasts.
Minecraft.
Steam.
Heck, every video game ever.
Skype.
Microsoft Office. Made billions when people had to physically go to a store and get it.
Google Earth. Chrome itself.
IntelliJ, any developer tool.
Zoom. WebEx. Most video conf tools, actually.
Any pro tool whatsoever.
You get the picture. No, ticking a box and tapping is not the end of the world and never has been. The UX for app installation on macOS and Windows is totally atrocious in both cases and people figure it out.
If you live in the Valley bubble world where every single app that exists is VC funded and desperately racing to get to a 100M daily actives first, then it might seem like one extra click is literally the end of the world. But FFS the vast majority of all businesses and products require more effort to get than that, and they work just fine.
Well here's your problem
I'd say software now is much more complex than it needs to be. It's made to ease the life of the developer, usually an inexperienced one, at the expense of the user.
> IMO, for security reasons alone, it's no longer realistic to expect software without at least occasional updates.
If people would stop rewriting things that already work fine, we'll run out of vulnerabilities at some point. Or, if you must rewrite them and have a good reason to do so, at least use a memory-safe language. Even C++ is much better than C and raw pointers. Anything is better than C and raw pointers. Yet all major OS kernels and most userspace components are written in C and use raw pointers and vulnerabilities in those are being found all too often.
It often means that. :( But it is not that bad for some devices. Geeks from Lineage community regurarly update closed vendor code in the LineageOS. So if you are lucky and Lineage is well-supported on your device, you can still have root nowadays with up-to-date vendor blobs.
For example I rooted my Xperia XZ2 Compact and I am quite happy with it. By using Magisk and Magisk Hide, I am still able to use Google Pay. At the same time, I can use Titanium Backup and f-droid root extension to let f-droid install updates automatically. I hope this device will last me for a long time as I don't see many alternatives - most other phones are too big for me, too old/slow or unsupported.
Technically 100% possible, but practically never going to happen.
If someone were willing to write and maintain the necessary plumbing and then poked F-Droid, it would be interesting to see if they cooperated, but they may well be reluctant to.
Many people, myself included, love products that "just work" out of the box. That's what everything should be like, ideally. My gripe with modern technology is that it actively inhibits your ability to go in and tinker. DRM, forced app stores, code signing with enforced signing identity, all that kind of stuff.
See, imagine someone releases an amazing messaging app that's lightyears ahead of everything else on the market. But — it's only available through F-Droid or as an apk download on the developer's website. People will flock there and install it. And they will be unstoppable.
A concrete example of this phenomenon: Pokemon Go wasn't officially released in Russia, so you couldn't download it from the app stores. Yet, everyone played it. And I mean everyone, in 2016, especially during summer, you couldn't take a walk in the downtown St Petersburg without hearing the Pokemon Go sounds from people's phones. Android users sideloaded apks, iOS users created separate Apple IDs to bypass the geoblock. Suddenly everyone educated themselves to get the thing they wanted.
But it doesn't. There are options. If I had to choose, I would rather invest this time and money to collaborate on the existing protocols that do have the goal of being fully open. Matrix and XMPP can do the things that I want and there are plenty of people working on them to overcome the present issues and challenges for mass adoption.
Why should I swim upstream by myself if there is no special reward for this kind of effort?
I know you are a nerd but your users are not.
However, my mother does use Element to talk with me and it wasn't that hard to help her download an app, tell her where to put the username and what is the name of the matrix server and quickly she was on her way to start a call and setup a room with the rest of the family where I share the pictures of her grandkids.
My users may not be nerds, but they are not stupid. They can learn.
But I think you can actually still load arbitrary dex files using a ClassLoader? I thought that the update was only affecting JNI libraries. I remember reading how they wanted for any and all executable code to come from a signed package. Even then, if you're determined enough, you can load arbitrary native code by allocating some rwx memory pages and copying it in there ;)
Sounds like there are ways to do it within the Android ecosystem, but in cases where Google is suspending things wouldn't they just turn off all the self-update stuff?
I guess my overall point is that Google is motivated to have complete control over Android app distribution, and they'll plug as many of the types of holes you're talking about as they can get away with.