https://about.fb.com/news/2018/12/facebooks-messaging-partne...
Disclaimer: I work at Facebook but not on messaging or anything related to this article.
That's like asking permission to read and write your entire phone, just to provide the ability to write and read back a file.
By the way I'm not suggesting that it cant work this way, just that it doesn't. Facebook could have added a specific scope to allow an app to only read back messages related to itself. But that would have required anticipating the use case before these companies implemented it, or at least having better review policies to try to reduce the permissions apps are asking for.
But if the app wants to allow the user to have a back and forth with the other user, then that implies that Facebook Chat needs to have the ability to have app-specific conversation threads. It doesn't have that, though.
Netflix and Spotify requested read permission for DMs. Did they need it? Most assuredly they did not. But requesting read permissions for DMs in general has valid use cases, even if it should be treated sensitively by Facebook's authentication flow.
If there's any problem here, its that Facebook didn't seem to recognize that the apps (Netflix and Spotify) should not have been requesting read privileges at all, and should have revoked their ability to request that permission in a timely manner.
Netflix presumably had the same.
As long as that access is audited to ensure it really was being used only for the intended purpose, I'm fine with that.
Inspected 50 messages all from your test account: fine. Inspected messages from an account after that user contacted customer support citing a problem with messages: fine. Inspected messages from an account after that account fired off alerts to the devops team for causing segfaults: fine. Look at a random account: not fine. Dump messages from many accounts with a script: not fine, and rate limits should stop you after like 100 messages.
(That being said I have no clue why there would be such a thing, and why a user would prefer it? Maybe if Netflix were making set-top boxes)
...it occurs to me that this is in fact how most desktop apps work, and I do prefer it that way.
"E-dentity is a project that asks a participant to login to its Facebook account, then takes his/ her private data from their profile and automatically prints them in an understandable booklet that is handed to the user. This booklet seeks to raise awareness of the hidden data we are sharing which we are often not aware of."
> In order for you to write a message to a Facebook friend from within Spotify, for instance, we needed to give Spotify “write access.” For you to be able to read messages back, we needed Spotify to have “read access.” “Delete access” meant that if you deleted a message from within Spotify, it would also delete from Facebook. No third party was reading your private messages, or writing messages to your friends without your permission.
So here Facebook acknowledges that an app that sends messages needs write permission, not read. I would assume that sending a recommendation is a write only thing, especially with something private as direct messages. And it is pretty well understand pattern. When you share something through iMessages, Signal or WhatsApp from the a different app, the app does not get an access to you chat history.The allegation that Arstechnica are pretty sever:
> By 2013, Netflix had begun entering into a series of “Facebook Extended API” agreements, including a so-called “Inbox API” agreement that allowed Netflix programmatic access to Facebook’s users' private message inboxes
Strange naming "Inbox" for sharing API. > in exchange for which Netflix would “provide to FB a written report every two weeks that shows daily counts of recommendation sends and recipient clicks by interface, initiation surface, and/or implementation variant (e.g., Facebook vs. non-Facebook recommendation recipients).
This is something that Netflix could do even without special access to the messages, since links originate from them. But so could Facebook, since they see the traffic in messages and can identify referral links. Looks like Titan API, whatever it is, gave even more access?NYTimes article from 2018 [1] has more details, but it is still unclear if user consent was explicitly obtained for Netflix to read messages. But an interesting quote from Steve Satterfield, Facebook’s director of privacy and public policy:
> With most of the partnerships, Mr. Satterfield said, the F.T.C. agreement did not require the social network to secure users’ consent before sharing data because Facebook considered the partners extensions of itself — service providers that allowed users to interact with their Facebook friends.
A rather conspicuous statement by someone who have properly collected consent from users.I guess the feature at issue here is that you could actually hold a conversation with a Facebook friend inside of Netflix or Spotify which does indeed necessitate the ability to read back messages from the other user.
Whether it was wise to allow that instead of the kind of sharing systems we use today in 2024 is another question.
Same as "Hey, Googler here. Let me tell you how I'm right and why you should think this way."
> Facebook didn't just randomly give Netflix access to everyone's messages.
That's not at all what the title alleges, nor what the article says. The article (1) provides evidence that Facebook monetized user private messages in a data-sharing project with Netflix and (2) cites court documents that litigate Facebook having Jedi-Blue-like monopoly-preserving interaction with Netflix.
It doesn't matter what the Facebook TOS says or how the tech works. Human users never provided informed consent that their private comms would be monetized as well as used for anti-competitive un-American purposes (un-American as in the Sherman Act, altho creating a monopoly is perhaps very American indeed). And Facebook has done that time and time again.
I dunno I’m surprised I’m still surprised these days
And really, as if this makes anything better, wow. Imagine having the feeling of obligation that you have to stick your neck out over this. Just take your over-sized salary and be happy knowing you work for one of the worst companies of our time. (despite my tone, at this point, I honestly say that without judgement, just ... own it.)
On Android, when you give a third party client permission to receive SMS, you don’t expect it to have access to your SMS?
God give me the power of some of y'all's utterly depraved self-serving self-delusion. I at least acknowledge the moral compromise of how my labor accrues in the system instead of burying my god damn head in the sand about it and offering poor incoherent defenses of my employee in public. And I make a third of what I could make at FB, and still probably don't contribute as negatively to the world.
So, it could work exactly as it sounds and you'd have no idea?
---
Although I'm not sure the complaint [1] (linked from articled) actually says that messages were given.
[1]: https://cdn.arstechnica.net/wp-content/uploads/2024/03/compl...
1. "Does Facebook use info from your private messages to target you with ads?
No. Facebook says it might look at your private messages to determine if they violate the company's policies, but it doesn't use that information for ad targeting. Facebook won't use the contents of your private messages to target you with ads on Facebook Messenger, WhatsApp or Instagram either, according to a spokesperson."
https://www.vox.com/2018/4/11/17177842/facebook-advertising-...
If the messages are encrypted "end-to-end" or whatever the chosen marketing buzzwords, so that Facebook cannot read them, then how is FB able to "use" messages for anything. One accustomed to normal communications services might think FB is storing and delivering messages and that's all. But in truth, it's "using" them. (For purposes other than complying with any request from a court of comptent jurisdiction.)
Exactly what they might be doing is of course highly confidential. You are free to take guesses. FB may answer yes or no. Answers cannot be verified, so their value outside of marketing is dubious.
NB. Meta _is_ a third party. It feels as if some people believe they can redefine terms like "end-to-end", "third party", etc. As if they know many readers will happily go along for the ride.
'granted programmatic access to FB user's inboxes' could mean a lot of things. What privileges? I read the article and still can't tell.
I don't believe that Meta allowed Netflix to read messages that a user sent or received, but that seems to be what they're implying.
> And in 2018, Facebook told Vox that it doesn't use private messages for ad targeting. But a few months later, The New York Times, citing "hundreds of pages of Facebook documents," reported that Facebook "gave Netflix and Spotify the ability to read Facebook users’ private messages."
2018-12-18 https://arstechnica.com/tech-policy/2018/12/report-facebook-...
2018-12-18 https://www.nytimes.com/2018/12/18/technology/facebook-priva...
Who cares if it was for ads, giving third party companies access should be a huge problem with or without ads.
I always try to convince people I know to ditch Messanger/WA/etc. in favor of Signal, and in many cases I've succeeded.
In sense, things like Apple Mail is a problem for them because it uses full access to GMail account to extract private data over API.
This is a case of possible “collusion” not anti trust
https://www.law.cornell.edu/wex/collusion#:~:text=Collusion%....
The New York Times, citing "hundreds of pages of Facebook documents," reported that Facebook "gave Netflix and Spotify the ability to read Facebook users’ private messages."
Very scary what can be done with that information.
There doesn't have to be a backdoor into E2E encryption at all per say, a simple UI property check would give full access to message contents directly in the frontend code. Throw that into a private API and Bob's your uncle, decrypted messages that were transmitted with 100% secure E2E encryption.
I should have been more clear there. Its interesting to me that I often see concerns over whether Facebook has encryption backdoors when the UI can do all the work.
They don't do creepy things on occasion by accident, they do them intentionally by default.
Same old story for the last 20 years. Zuck is creepy AF, everything he touches is creepy AF.
https://www.businessinsider.com/well-these-new-zuckerberg-im...
just how great of a moat do yt/netflix have? is Disney the only one mounting a decent fight?
Tiktok is probably the biggest competitor to YT. But it had to come in from short form video angle, because the moat of YT in long form video is probably insurmountable. Its fate remains to be seen.
Hacker News is literally constantly claiming that there are too many competitors to Netflix and there needs to be some kind of compulsory licensing to reduce competition. Like there are hundreds of posts on the front page every week to that effect.
Meta never took Watch very seriously, just because it requires literally billions of dollars of investment and they clearly never wanted to spend that much.
They licensed Buffy the Vampire Slayer for the US, clearly saw it didn't move the needle much and they'd need to spend $5 billion+ to get there, and scrapped the whole idea.
I have a Gmail account because everyone needs email these days, and an iPhone with Gmail and banking and little else “online”
Sorry not sorry tech people but I never really asked to be born or have your existence specifically but on me specifically.
You’re society’s problem, not mine. It can deal with it without knowing I exist.
This story seems very overblown. Are we arguing that Facebook should not ever allow any third party app to ask permission to read the user's Facebook DMs? There are valid use cases for this permission, and every case where an app asks for it is not a "privacy violation". Sure, did Netflix or Spotify actually need the ability to read back DMs instead of just write them so that they could send recommendations? No, they shouldn't have needed that. If Facebook's API required that they have read access just to send a message, then that's crap design. But is it nefarious? No.
As long as the user is appropriately briefed on what they are granting (and it appears that they were), and as long as Facebook addresses over-scoped permissions requested by third party apps in a timely manner, then this should not be an issue.
I for one believe that we need to mandate that FAANG companies have these sorts of permission-driven systems to avoid the vendor lock in we're all too commonly stuck with today.
Because these things are needed for competition to thrive and to avoid the big companies from creating moats that prevent us, the startups out there, trying to dethrone them, its all the more important that these companies invest in better UIs that help a user understand the implications of what they are doing, and better review processes to stop bad actors from exploiting users' ignorance on an ongoing basis.
I despise Meta, but come on. Don't throw the baby (interoperability) out with the bathwater (interoperability can enable exploitation).
From Zuck:
Whenever someone asks a question about Snapchat, the answer is usually that because their traffic is encrypted we have no analytics about them. . . . Given how quickly they’re growing, it seems important to figure out a new way to get reliable analytics about them. Perhaps we need to do panels or write custom software. You should figure out how to do this.
From Danny Ferrante (FB Data Scientist):
- We developed "kits" that can be installed on iOS and Android that intercept traffic for specific sub-domains, allowing us to read what would otherwise be encrypted traffic so we can measure in-app usage (i.e., specific actions that people are performing in the app, rather than just overall app visitation). This is a "man-in-the-middle" approach.
- Our plan is to work with a third party—like GFK, SSI, YouGov, uTest, etc.—who will recruit panelists and distribute the kits under their own branding. We already have proposals from several of these providers.
- The panelist won't see Onavo in the NUX or in the phone settings. They could see Onavo using specialized tools (like Wireshark).
So they are not exactly lying. just being extremely dishonest.
Theyre sooooo dishonest.
The point of e2e is to block any third party to to see your conversations by sniffing packets. Not to stop Meta themselves.
Whether or not Facebook actually implements it this way is a great question.
The point of end to end is to to ensure that only me and the person I'm sending a message to can read it and that none of the systems in-between us can read the plain text of it.
The problem is that this requires users to do things like use one device to authenticate another or restart key exchange with all of their peers. If a user loses their phone, then they will need to redo their security exchange process, which nobody wants to do or even understands. Thus companies often store key material in an insecure way to allow new devices to be silently added to the account.
Plus, even if E2E is well implemented, there are still problems when the endpoint software can be remotely updated to a version that exfiltrates keys or messages.
No... the point of end to end encryption is to be encrypted end to end. Its literally the name. If meta can read your encrypted messages, that is just normal encryption not end to end encryption.
For one, this would remove companies' ability to support lawful interception, which puts them afoul of American law.
If substantiated, such accusations would be among the most damning in the history of technology.
If substantiated? Just search Onavo on HN search - I thought this was widely known for years.
You're putting this up there with IBM in the holocaust?
This is the original NYT article from 2018 https://www.nytimes.com/2018/12/18/technology/facebook-priva... "Internal documents show that the social network gave Microsoft, Amazon, Spotify and others far greater access to people’s data than it has disclosed."
Facebook promised E2E at the end of 2023.
To be honest I found I got much better grasp on the whole debacle by just reading the court papers themselves.
Wait, seriously? Like 4-6 months ago? Like, yesterday in terms of how long they haven't had it? Sheesh, a day doesn't go by that I'm not reminded of how happy I am to have dropped FB so long ago.
The netflix deal starts in 2013. Even after 2016, e2e would just mean netflix would get slightly fewer messages.
So I don't see anything that would necessarily indicate FB is lying about e2e.
When you’re having a 1:1 conversation with someone at a party, and then crack a joke and some weird dude 10 feet away laughs at you and says “good one”.
The obvious answer here would be for meta to consider itself party to your conversation.
I didn't win many over on the importance of privacy or Signal, but the willingness of some to put up with it because it matters to me says a lot about my relationship with them.
The state can make a duplicate of your sim at any time. Not to mention linking phones to people is relatively easy.
Would make for some fascinating lawsuits, but I suspect you meant collusion
At least I'd call an instant messenger that which claims to provide end-to-end encryption between conversation participants and then surreptitiously inserts itself as another participant.
However, something very active like that would be much easier to detect and prove than a "true" cryptographic backdoor that could possibly be explained away as an oversight in design or auditing.
If one really doesn't trust that Facebook isn't honest about how messages are encrypted and who has access to decrypt them, they also shouldn't use an app made by the same company that by design must have access to the decrypted text.
This leads to an explosion of scopes, or an explosion of API keys, unless you have a policy engine, or resource-based access control. A company as big as Meta should be able to (is able to) do better than they did, but they probably didn't think this was worth prioritizing because money lie in attention farming, not in mending the fences.
The OAuth consent screen details for an app ("Netflix" and the Netflix logo, etc) could be used to present this to the user.
However this presupposes that this was ever a good idea. On desktop you have a Facebook tab you can chat from, and on mobile, you want to chat on the Facebook (or whatever) app so you have all of its normal features, instead of a gimped version stuck inside a third party app. The third party app only needs to be able to ask the user if its OK to send a message with specific content, and possibly be able to enumerate who it might send to, but even that we've weeded out into the OS' own Share dialog nowadays.
An analogy would be granting full access to a Gmail inbox in order to merely send an email. It would not require “scope explosion” to isolate the email sending permission. That’s just one OAuth scope. They just didn’t isolate it.
The more interesting question here is how this interacts with supposed end-to-end encryption. Clearly the messages Netflix sends cannot be E2EE (right?). The whole point of E2EE is the service provider doesn’t have your keys. If Facebook is letting 3P send messages on your behalf, they must be unencrypted.
Normally, ideally, in an E2EE system this should set off alarm bells. If you get a message from someone that’s not actually signed/encrypted by them, this should be very clearly alerted. Otherwise it’s a privacy attack vector. You could be downgraded to an unencrypted channel without your awareness.
So, what’s the Facebook messenger user experience here?
At that point, why not just have an URL that opens facebook with a message pre-populated and skip all the oauth?
OAuth is absolutely compatible with bots being treated as principals in a social graph, it’s just that that’s incompatible with the type of passive surveillance that was desired here.
And yes, it’s a choice. Just because people don’t take responsibility to make a deliberate choice, doesn’t mean it’s not a choice.
The other option is long prison sentences for the board and CEO.
If any of this is true they didn’t tell people like me about it, and at one point there were three people on the org chart between myself and the CEO.
I’m very skeptical of the allegations, but I’d be lying if I said I found them to be flat impossible. I tread very lightly on this sort of thing and I didn’t even acknowledge I’d ever heard the word Onavo until I read it on TechCrunch.
I certainly hope they’re false: FAIR seems to be the last real hope for an Open future on AI short of a complete housecleaning of the whole Valley.
But I don't think this is something he made up, it's been discussed on HN.
https://news.ycombinator.com/item?id=16381812
>I wonder if it's be possible to make a social networking startup, optimise solely for Onavo metrics, and get bought out by Facebook.
https://news.ycombinator.com/item?id=16373339
>The Onavo VPN service from Facebook is disguised as a protection mechanism but tracks the user for the benefit of Facebook.
https://news.ycombinator.com/item?id=14971839
>The database stems from Facebook’s 2013 acquisition of a Tel Aviv-based startup, Onavo, which had built an app that secures users’ privacy by routing their traffic through private servers. The app gives Facebook an unusually detailed look at what users collectively do on their phones, these people say.
I am surprised that this accusation is at all controversial.
The people in targeting/demand/supply knows absolutely nothing about profile building. And there is where all the competitive advantages lies. And also all the shady deals.
We usually keep everything very secret in profile building because that is the knowledge that allows people to leave and start competitors, but we disguise it as the usual think-of-the-children and say that profile building deals with all sort of borderline-PII and only the most vetted people should work on it.
Ask some sysadmin to list the ACL to the main ads profile HDFS or whatever it is today. it will show a couple architects who report to one SVP each.
My job was to use information retrieval, machine learning / AI, auction theory, and pragmatic statistical sampling to both accurately model and stably price ads inventory and later dollarized organic inventory to drive specific policy agendas about what got clicked on, dwelled on, commented on, seen in recommender systems in equilibrium to achieve specific policy agendas of various kinds but all ultimately tying out at top-line revenue and engagement metrics.
It did not take me long to work out that PII was useless in this pursuit, there’s no entropy in the off-property like button table as concerns CTR.
It did not take me long to realize that I didn’t want to know what it was useful for.
I easily had the seniority to run queries against Hive tables that I had an explicit personal priority of never querying.
And I left the senior leadership track at the last stop before a directorship.
I knew it sounded vaguely sketchy but you remember how many vaguely sketchy things some frisky new PM tried to get pushed through a launch card meeting only to have someone on Sheryl’s radar detonate it on the launch pad. The timeframe is the main reason I’m skeptical: Sheryl didn’t put up with crap like that she knew what was at stake.
How do we stop foreign studios from distribution over the internet? Do we block them too?
Why stop at films? Should book authors also not be slowed to self publish? Software developers?
Same thing for publishing companies. individual authors can do whatever they like.
It's like saying me accidentally spilling a bit while doing a oil change in my garage is the same as BP spilling hundreds of thousands of gallons of crude.
Scale matters. And "where you draw the line" can be defined loosely to be left up to interpretation at the time.
And then foreign companies are still allowed to distribute thier own content? Are you going to block them from transmitting to the US?
If Netflix decides to incorporate in Canada, are you going to stop them from distributing thier own content to US citizens?
You really don’t see a problem with the government prohibiting companies from distributing thier own content over the internet?
Does that count for newspapers? Video content created by large newspapers?
As Pedro said in the email described in [1], no sufficiently well-informed, security-minded person could ever be comfortable with Onavo.
[1]: https://techcrunch.com/2024/03/26/facebook-secret-project-sn...
And catering to the average user’s expectation is what should dictate policy, not a “technically we have permission” caveat.
In this case Netflix was not an advertising partner. You were signing into Facebook Chat inside the Netflix chat, and participating in Facebook chat messages inside the Netflix app.
You were opting in and using the Netflix app as a Facebook Chat client. Its like being surprised the Pidgin executable could see your Jabber messages.
There are details that aren't clear here too: Did Netflix request read permissions when you signed in via Facebook? If so, that's shitty and is worthy of condemnation, but the onus falls more on Netflix than Facebook there. You should be able to sign in with Facebook without expecting your DMs to be sent to Netflix. It's still on Facebook, but to a much lesser extent: They should make what's being shared super clear when you sign in with Facebook, and that includes making the sign in super onerous and scary if its something like reading DMs, so the user doesn't miss these details. And they should be reviewing third party apps and what permissions they request, and making sure its inline with the functionality the app is presenting.
However, if the normal Facebook authentication flow did not grant this permission, and the permission was only granted when the user accessed the "Netflix Chat" or whatever feature which obviously did, in actuality, require the read permission to function, then this isn't that big a deal.
Right?
It's a dumb feature and I'm glad they killed it, but the "gotcha" here isn't much of a gotcha IMO. It was an opt-in feature to use Messenger inside these other apps; of course the other apps could see your messages if you opted into that. It's like complaining that GMail "shares your private email" with Apple Mail if you use Apple Mail as your mail client.
The most egregious example was probably LinkedIn's GMail "integration," ostensibly used to invite your GMail contacts to LinkedIn. Back then, that sort of thing felt innocuous. But the implementation was even worse. Due to lack of OAuth and MFA, you literally entered your GMail password into LinkedIn. Then LinkedIn logged into your GMail account where they could do anything. Even if they limited it to scraping your contacts, they still got every email address you'd ever sent or received an email to or from, over the lifetime of the account.
In any other context this would be called phishing. And by the way, this pattern still exists. For example, apps that force you to log into a third party site in their embedded WebView can read the entire DOM (including your password). ..
On Android, when you give a third party client permission to receive SMS, you don’t expect it to have access to your SMS?
In all seriousness i believe anyone providing oauth should just shut it down at this point, Cambridge Analytica was entirely users granting a third party oauth access to read their friends lists with an explicit permission dialog and all and it was a scandal that led to massive fines. The world decided that oauth access is not ok even with the dialogs prompting to allow third party access and at this point we as developers should listen and take it away. Google currently flys under the radar with the exact same access that led to cambridge analytica but they should probably just shut it down unless they want to run the risk of similar court cases.
If Netflix and Spotify went through the vetting process for the purposes of enabling an in-app email client the media could write pretty much the same headline.
HN "guidelines" say "Please don't post shallow dismissals" -- Don't allow FANG to astroturf these forums.
Of course Thunderbird could send an automatic update that starts shipping your emails to Thunderbird's servers. You dont expect that, but only because you trust them.
Newspapers in general don't syndicate most stories to begin with, so no I don't think it makes sense in that context.
by the way, this isn't some weird new policy. the equivalent applies to studios and movie theaters [1]. we just neglected to extend the policy to online distribution because the powers that be decided vertical monopolies are OK, actually. [1] https://www.thebignewsletter.com/p/the-slow-death-of-hollywo...
Back when it was decided, the only method to get your content in front of an audience was to ship physical media to a physical theater.
Now I can create a video from the device I have in my pocket that has much higher quality than was available in the 30s, upload it either to YouTube or an AWS S3 bucket and upload a yaml file that creates a CloudFront distribution (AWS’s CDN) and distribute it worldwide and create a web page that anyone with a $70 (unsubsidized) Android can watch.
Not only that Comcast - a cable company - owns both the modern distribution pipes that have far more reach than the studios ever had and a studio (Universal) and a broadcast TV and an Internet streaming service.
But there is no “monopoly” on either video creation or distribution or streaming.
I can’t believe someone is actually advocating that the government block foreign content over the internet because you don’t agree with producers being distributors. Are we going to create the “Great Wall of America”?
And who gets to decide what content that should be blocked?
So let’s take Fox News or any other news organization or even the Discovery network. They all create documentary content. Should they not be allowed to stream their own content? Wouldn’t it be against the freedom of speech and/or press to say that you can’t stream your own content via your own website?
I think you're vastly underestimating the degree to which corporate players see a different world than you or I. I'm not talking about limits on personal actions. I'm talking about corporate, and even there for the most part publicly traded corporations.
> Not only that Comcast - a cable company - owns both the modern distribution pipes that have far more reach than the studios ever had and a studio (Universal) and a broadcast TV and an Internet streaming service.
I mean, do you seriously think I don't want Comcast dismantled and sold for parts? I agree its worse, but it's a somewhat different conversation.
> But there is no “monopoly” on either video creation or distribution or streaming.
Vertical monopolies are still monopolies. If the only place you can get Disney movies is directly from Disney's own service, that's a form of monopoly. Fwiw, I'm relatively sympathetic to netflix; if it weren't for movie studios getting into the distribution business, they probably would be doing quite well right now, having a significant headstart on how to do distribution.
> And who gets to decide what content that should be blocked?
Any company which owns their own distribution network and preferentially distributes over that. Seems like the sort of thing the courts and FCC can work out. Will it work very well? probably not, but the point is to add enough friction that its easier for those producers to sell on the open market instead of forcing users to buy their entire bundle, or none of it at all, not to exclude them from the market.
> So let’s take Fox News or any other news organization or even the Discovery network. They all create documentary content. Should they not be allowed to stream their own content? Wouldn’t it be against the freedom of speech and/or press to say that you can’t stream your own content via your own website?
No. Those programs should be syndicatable by anyone else who wants to distribute them, at the cost that they charge their own network for.
The point isn't to stifle speech, it's to stop networks from bundling together a bunch of terrible garbage with their best products to force users to buy junk they don't want.
all the sexy stuff like Bluetooth beacon, and reverse email targeting etc are all before your team, because they're still not regulated and are profitable. i bet the team just got to turn DOoH knobs last years?
As with a lot of terms, “brogrammer” is one that initially referred to something progressive but got co-opted by the kind of people whose value add is “shady games”.
There’s a breed of elite hackers now who understand power dynamics, the importance of optics, the value that accrues to which parts of the apparatus, and daydreams while outmaneuvering anyone who ever contemplated an MBA, which is an admission that you can’t hack it when the distributions go non-stationary or the wire-to-wire latency target at 7 nines is below a mike.
I don’t generally like to call attention to this, but my friend and former colleague Antonio Garcia Martinez of Goldman, Cal applied physics, Silicon Valley, and many other kinds of fame was very gracious to me in a NYT best-seller about a great many things but among them how I was a kind of synthesis of the kind of people who (as stereotyping would have it) were either basement-dwelling geeks or glib salesmen with Anglican/Presbyterian-sounding names.
Buy the book if you care. Nick Schrock had found my photograph on the Internet and made it a Facebook cult classic at least a year before I joined in the Palo Alto office. Which is pretty early that I was #336 on the SWE staff.
There is a lot of scope for value-add from the kinds of people who the ignorant and prejudiced stereotype as “nerds”: those people in my experience are generally kind, humane, humble, and brilliant.
I’m just humane and brilliant, and I’m going to personally salt the Earth where people who talk like you do once stood.
And I’ve got no compunctions about leveraging my appearance or height or dress sense or glib vocabulary, or ease in dominating a meeting to do so.
Selective pressures have produced a breed that is simultaneously the prom king and likely to end up with a Turing, and do it all without pillaging the commons or appealing to connections.
And if any of this rubs you the wrong way, we can step outside and handle it there. You don’t want that.
you have no grasp of the business, but you made bank thanks to people who made much much more and did understand all the shady deals they had you unknowingly work towards.
Because otherwise bureaucrates like you would cause everything to stall while looking into every contingency.
I also don't think you have to "pass a law" we already have laws on the book that can do this and, this might shock you, we have already used them to do almost exactly what you are saying here.
https://en.m.wikipedia.org/wiki/United_States_v._Paramount_P....
So now you want unelected judges to decide what can and can’t be streamed on the internet.
This is also not the 1930s. In 2024, movie distribution is not limited to physical meets theaters.
Your citation gets trotted out all of the time in these arguments like anyone in 2024 can’t put a video on a website and distribute it anywhere in the world. When the ruling was in effect, home video media didn’t even exist and even television was in its infancy.
And you still haven’t answered the question, do you also stop foreign companies from distributing thier own content ?
And there is always judge shopping, liberal judges would love to stop Fox News from distributing their own content on the internet as would conservative judges love to stop media owned by “woke” corporations
It's about scale, if you didn't read my first message then that's fine but just so you can ignore it again.
Me spilling 1 oz oil in my front yard is different that BP spilling millions of gallons.
Similarly Apple and Netflix teaming up is different than me and my local theater teaming up. If you don't like anti trust that's fine but don't act like it's impossible to understand.
Similar to apps that ask for access to your entire Contacts list to "find your existing friends"... You can bet they're uploading that entire thing to their servers and trying to growth hack with it.
However, this won't generate the same headline because any company can go through it, and it isn't some API sold for some special privileged company. Also the user knows it is sharing their mails (not sure if that's the case with facebook)
The now defunct consent decree was put in place specifically because small players couldn’t distribute movies anywhere besides theaters. That is not the world we live in today. Anyone can distribute movies worldwide by doing just as I said without an intermediary. I literally have a bash shell script and a CloudFormation template on my work computer right now that creates a static website hosted on S3 distributed via CloudFront where I could make any video I have available to anyone in the world.
> it weren't for movie studios getting into the distribution business, they probably would be doing quite well right now, having a significant headstart on how to do distribution.
There is no moat around video distribution. To a first approximation, anyone can distribute video at scale and create an entire streaming service using services available on AWS combined with a third party company that specializes in it. Do you think that all of these streaming companies have the in house expertise to do this at scale?
Hell, I know how to use AWS services to distribute content, transcode it and distribute it to millions of people around the world. Would it be cost effective at scale? Probably not. (former AWS ProServe employee).
> Any company which owns their own distribution network and preferentially distributes over that. Seems like the sort of thing the courts and FCC can work out
You really want the FCC and courts to have the power to block content on the internet and force all ISP’s to block foreign traffic?
You didn’t address the part about how this would work for international content, are we going to give the FCC the power to block international content on the internet?
> the only place you can get Disney movies is directly from Disney's own service, that's a form of monopoly
That is by no legal definition a monopoly and actually Epic just loss a case against Apple in court trying to argue that Apple had a monopoly on the App Store. In that case the NY Times has a “monopoly” on thier content? Every producer has a monopoly on what they create.
> No. Those programs should be syndicatable by anyone else who wants to distribute them, at the cost that they charge their own network for.
You really don’t want to let any content producer to be the sole distributor of their content? Does that include software developers? Should they also have to go through an App Store instead of exclusive distribution on thier own website?
I did have a few extremely high-earning years (I think I broke 7 figures twice). And there’s a meme that I sort of partied it away or something (and in fairness, as a guy who grew up in the kinds of neighborhoods and houses sufficiently marginal that at 100x the legal limit for OSHA on factory workers, pediatric led poisoning probably wiped like, half my IQ off the board. I was lucky, I was just licking my fingers after touching walls, my brothers were young enough to be eating lead paint chips off the floor, so they had like 10x that, with that kind of background I went down one of the two routes poor kids go down after catching some cash and I blew easily a few hundred grand if not half a mill on pure conspicuous consumption. Easier than my kid brother, easily the greater natural talent, he drowned himself in a bathtub a couple years ago).
But most of it went to the 52.2% combined state and federal income tax that I told my CPA not to optimize at all. A modest but non-trivial amount went to a reasonable settlement around a failed marriage, and the lion’s share by far, like north of 75-80% went to misguided “support” of insolvent friends and family. My grandmother (may she rest) was a widow of an active duty US Navy submarine sonar operator in the Korean War, the mother of an active-duty Sidewinder tech on the USS Nimitz who saw action in Gulf One, and the country threw her to the wolves with like, 800 bucks a month in pension in San Diego (where I grew up, hence all the military stuff) that didn’t cover so much as rent: my grandfather’s deathbed request was that she would want for nothing, and she wanted for nothing. And really no one around me did.
Which makes me more than a little annoyed that people I’ve defended and continue to defend on e.g. HN like Bosworth or someone make shit up and spread it around, like that I got fired in 2018, and not quit in disgust at the cost of what would have been in today’s market like 7-12 million in RSUs. I gave 60 days notice and they asked for 90, I have this in writing. I increased Instagram’s revenue in 2017 personally by 10%, so, I don’t know, like well over a hundred billion by now and I’d done bigger launches. Seemed a pretty shitty send off, but this is the NFL, I get it.
I’m a pugnacious late-bloomer who would be at CERN if I had slightly different starting conditions and went into debt last year to KLA after the Nth round of coordinated wage fixing.
I appreciate that’s a bit of a biography, but it was a bit out of line with the Will Hunting thing about stepping outside. I felt I should explain myself.
But first, no one was talking about Apple and Netflix teaming up. Those are two competitors and independent companies in the same space - streaming.
The discussion was about vertical integration where one company gets to distribute its own content. It was specifically decided Epic vs Apple that a monopoly isn’t being in control of your own content. Nintendo is also not considered a “monopoly” because you can only play most of their IP on thier own hardware
You also failed to answer any of the questions
1. Should we not allow any large content producer to distribute their own content exclusively on their own website and how is video different than audio, news, books, software, physical merchandise, etc? A second part of that conversation does that also apply to news content? Religious content? Documentaries like what CNN does?
2. For digital media, should we block foreign companies that are vertically integrated from being able to be accessed by people in the US?
3. If Netflix reincorporated in Canada should we force all US ISPs not to do business with them? Should we block them like the TikTok ban that is being proposed?
What “monopoly” exactly do you think Netflix has?
> But first, no one was talking about Apple and Netflix teaming up.
I said Apple instead of Facebook to show how needlessly pedantic you are. There is absolutely no difference between Apple and Facebook here the point is the scale of the company (as I have said)
I wish you to have a needlessly pedantic life and I hope we never cross paths again.
If the US bans vertical integration for companies headquartered in the US, do they also block people from accessing content over the internet that is produced by vertically integrated players that is created overseas?
Exactly what type of content should not be allowed to be self distributed? News? Religious content? Fictional content? Documentaries? Trailers? Physical goods?
Do you want the government deciding what private corporations can distribute over the internet and do you want to block foreign content that doesn’t follow those rules?
I feel really sorry for you and anyone who things that laws are IFTTT style rules.
Hope you find happiness at some point
Where do yoh draw the line about what type of media should be able to be distributed on the internet?
Are you going to fine companies for putting their own content on thier own website without going through an intermediary and how does that help consumers when every part of the delivery chain is also going to want to make a profit and thus increasing prices?
You live in a fantasy world.