so that I can make examples in comments more relevant
I am extremely familiar with most operating systems outside of Apple's.
And how would you react if it became commonplace for sites to make a progressive web app available without charge but charge money for the native app?
How would I react? I'm not sure how to answer that. I think developers can and should use whatever model makes the most sense to them. If the app is one that I am very interested in, I'd take the pay option.
Would you pay $4.99 (limited ads) or $9.99 (ad-free) per platform per year to continue using an application?
Well, I won't rent applications, so both of those are nonstarters for me. If the app is really worth paying for, I'd prefer to pay a higher fee and be able to use what I bought forever in the future, if I so desire.
Well, we can start with secret in-browser bitcoin mining.
But, on the more malicious side, there are bunches of traditional exploits that do things like code injection, privilege escalation, installation of virii, etc. Also, there are a number of data exfiltration exploits in the wild. You know all those online ads that spread malware? They're using javascript to do it.
Javascript isn't as vulnerable as it used to be, but you can't think of it as safe, either.
Not that I think either of them are good, but we're entering into a world where we're going to have to make some sort of compromise one way or the other. Personally, being unable to use progressive web apps is my preferred compromise.
I wasn't saying that it would be an improvement, only that manufacturers are likely to go that route if Google gets too pushy about what they can or can't do.
Isn't that also what we're all complaining about right now?
Not all of us. I'm not. As a user, I don't see fragmentation as being a huge issue. I understand how it is annoying to developers, though.
people could develop multiple forked versions
Not only could they, they already have. I have one running right now.
Android proper is open sourced under the Apache 2.0 license, (and the kernel under the GNU GPL2 license). Google cannot change the licensing for versions they've already released. They could, of course, remove future versions from those licenses and do whatever they wish -- but everyone could just continue to use the old versions or their forks.
While I agree with that sentiment, I have to wonder why this is such a big deal?
It's always a big deal when someone is injecting code on your machine without your knowledge or permission. Whether or not a specific example of the code is harmful isn't relevant -- that it can be done means that there will absolutely be more malicious code coming from somewhere.
We've always wanted a way to monetize visiting a site, could this be a way to do it?
Could be, but user notification and permission is a non-negotiable part of it. Without that, the code is malware.
Indeed, yet JavaScript, for all its many, many foibles, is a much more universal computing platform than we have ever been able to achieve by other means. For this reason alone we shouldn't be in such a hurry to abandon it.
I don't think that's anything close to a sufficient reason to accept the dangers associated with it. Javascript is not only a theoretical security problem, it's one that's very commonly exploited.
All of the arguments that apply to getting rid of flash apply to getting rid of Javascript.
We are still heading towards a good place.
Maybe, but the evidence for this is weak.
The web needs a common client side computing platform
"Needs" is a very strong term. In my opinion, it's more of a "nice to have" than a "can't live without".
I was wondering this myself. The boot times for laptops and desktops aren't of great importance, and the boot times for smartphones are at least an order of magnitude less important than that.
In fact, I wonder how this plays socially. Right now, it's widely considered rude to call someone without texting them first (except if its an emergency). In order to function properly, this would have to go against social conditioning.
Maybe so, but that would be weird. It was newly installed 6 months ago and pretty much only has development tools on it.
Whichever. Once a week or once a month, I still have to be paranoid about the reboots because I don't know when they're going to happen and I can't stop them.
One of the reasons, yes. Maybe the situation has changed in the years since I gave up on Ubuntu, though.
The main reason I don't use Ubuntu is because (again, years ago) I could never get it to work correctly on laptops. So I started using Debian instead, because was relatively painless.
That problem has probably been fixed since then as well, but too late -- I'm happy with Debian.
I have to admit, though, that all the Gnome/Lens stuff certainly didn't help with my opinion of Ubuntu.
Docking stations make it possible to exist in an office where you don't have "your" desk anymore but rather your trolley, where your laptop and other material resides, you take it to a free office desk, dock in and work.
They make it technically possible, but that is still an untenable work situation for human beings.
I moved my archives into Gmail and not only do I no longer have to put all that time into it, but I'm quite confident that my email is more secure than I could make it.
Fair enough. I'm not going to make a case that GMail's security isn't good (excluding the scanning for advertising, which is an enormous issue for me). I am forced to use it at work, since the company I work for uses GMail, but I otherwise avoid it not for security reasons, but because I object to the tracking (and don't trust Google on a more fundamental level).
I haven't played Alpha Centauri in a very long time. Now I want to play it again. Thanks for destroying all of my free time for the next several months!
Slashdot Mirror
Try living without a smartphone in our society today, do it, I challenge you.
I know a number of people who manage it without any difficulty whatsoever.
so that I can make examples in comments more relevant
I am extremely familiar with most operating systems outside of Apple's.
And how would you react if it became commonplace for sites to make a progressive web app available without charge but charge money for the native app?
How would I react? I'm not sure how to answer that. I think developers can and should use whatever model makes the most sense to them. If the app is one that I am very interested in, I'd take the pay option.
Would you pay $4.99 (limited ads) or $9.99 (ad-free) per platform per year to continue using an application?
Well, I won't rent applications, so both of those are nonstarters for me. If the app is really worth paying for, I'd prefer to pay a higher fee and be able to use what I bought forever in the future, if I so desire.
No matter what language browsers used the issues would be the same given the browser environment.
I agree, the fault isn't the precise language as such, the fault is the ability for webpages to push and execute code on your machine.
Well, we can start with secret in-browser bitcoin mining.
But, on the more malicious side, there are bunches of traditional exploits that do things like code injection, privilege escalation, installation of virii, etc. Also, there are a number of data exfiltration exploits in the wild. You know all those online ads that spread malware? They're using javascript to do it.
Javascript isn't as vulnerable as it used to be, but you can't think of it as safe, either.
As a user, it angers me that websites can tell any details about my machine including whether or not its running on battery.
But its not malware. Malware is spread through malicious acts.
Malware is any software that is running without my permission.
If its fully disclosed up front, its just your choice to go there.
I think the issue is that a lot of sites are not disclosing it.
Both, actually.
Not that I think either of them are good, but we're entering into a world where we're going to have to make some sort of compromise one way or the other. Personally, being unable to use progressive web apps is my preferred compromise.
That's hardly an improvement, then, you see?
I wasn't saying that it would be an improvement, only that manufacturers are likely to go that route if Google gets too pushy about what they can or can't do.
Isn't that also what we're all complaining about right now?
Not all of us. I'm not. As a user, I don't see fragmentation as being a huge issue. I understand how it is annoying to developers, though.
people could develop multiple forked versions
Not only could they, they already have. I have one running right now.
It's more likely the problem isn't a piece of dust, but rather lazy or incompetent "geniuses".
Android proper is open sourced under the Apache 2.0 license, (and the kernel under the GNU GPL2 license). Google cannot change the licensing for versions they've already released. They could, of course, remove future versions from those licenses and do whatever they wish -- but everyone could just continue to use the old versions or their forks.
Google Apps, however, are not open sourced.
That's a fully acceptable loss.
I can see this becoming worse, especially with encrypted media extensions that obfuscate the presence of a mining tool under the guide of DRM.
This is one of the reasons why I will never enable EME, nor use a browser that doesn't let me disable it.
If you go to a site, then you give it explicit permission to use resources on your computer.
Not blanket permission, you don't.
While I agree with that sentiment, I have to wonder why this is such a big deal?
It's always a big deal when someone is injecting code on your machine without your knowledge or permission. Whether or not a specific example of the code is harmful isn't relevant -- that it can be done means that there will absolutely be more malicious code coming from somewhere.
We've always wanted a way to monetize visiting a site, could this be a way to do it?
Could be, but user notification and permission is a non-negotiable part of it. Without that, the code is malware.
Indeed, yet JavaScript, for all its many, many foibles, is a much more universal computing platform than we have ever been able to achieve by other means. For this reason alone we shouldn't be in such a hurry to abandon it.
I don't think that's anything close to a sufficient reason to accept the dangers associated with it. Javascript is not only a theoretical security problem, it's one that's very commonly exploited.
All of the arguments that apply to getting rid of flash apply to getting rid of Javascript.
We are still heading towards a good place.
Maybe, but the evidence for this is weak.
The web needs a common client side computing platform
"Needs" is a very strong term. In my opinion, it's more of a "nice to have" than a "can't live without".
Google could put an end to it by simply not allowing it in the license agreement.
I'm glad they don't, personally. But if they did, the license agreement is only for Google apps, not for Android itself.
I was wondering this myself. The boot times for laptops and desktops aren't of great importance, and the boot times for smartphones are at least an order of magnitude less important than that.
I agree.
In fact, I wonder how this plays socially. Right now, it's widely considered rude to call someone without texting them first (except if its an emergency). In order to function properly, this would have to go against social conditioning.
This wouldn't disrupt their business at all, really. Their business is cell service, and this device doesn't actually replace cell phones.
Occasional access to a phone, sure, but it's not now, nor has it ever been, a necessity to have one constantly available.
Even now, there are lots of people who have no permanent phone service at all.
Maybe so, but that would be weird. It was newly installed 6 months ago and pretty much only has development tools on it.
Whichever. Once a week or once a month, I still have to be paranoid about the reboots because I don't know when they're going to happen and I can't stop them.
One of the reasons, yes. Maybe the situation has changed in the years since I gave up on Ubuntu, though.
The main reason I don't use Ubuntu is because (again, years ago) I could never get it to work correctly on laptops. So I started using Debian instead, because was relatively painless.
That problem has probably been fixed since then as well, but too late -- I'm happy with Debian.
I have to admit, though, that all the Gnome/Lens stuff certainly didn't help with my opinion of Ubuntu.
Docking stations make it possible to exist in an office where you don't have "your" desk anymore but rather your trolley, where your laptop and other material resides, you take it to a free office desk, dock in and work.
They make it technically possible, but that is still an untenable work situation for human beings.
I moved my archives into Gmail and not only do I no longer have to put all that time into it, but I'm quite confident that my email is more secure than I could make it.
Fair enough. I'm not going to make a case that GMail's security isn't good (excluding the scanning for advertising, which is an enormous issue for me). I am forced to use it at work, since the company I work for uses GMail, but I otherwise avoid it not for security reasons, but because I object to the tracking (and don't trust Google on a more fundamental level).
I haven't played Alpha Centauri in a very long time. Now I want to play it again. Thanks for destroying all of my free time for the next several months!