I agree, a house husband/wife/partner should have some type of financial trust just in case everything goes south (considering 60-80% of relationships fail that's to be expected).
That's what the divorce settlement and alimony is supposed to be for. At least, I assume that if I divorced my wife, she'd get half of what I own, plus I'd pay alimony for at least a few years.
It appears that the PRISM program was tapping lines between Google data centers. Google responded by encrypting all of that data.
Google's leadership and especially the chief legal officer has strenuously denied that Google provides any information except in response to proper legal documentation. I've seen no evidence anywhere that contradicts those statements (which, I'll note, would probably constitute a breach of Google's leadership's fiduciary duties to the shareholders, and therefore be illegal if untrue).
Freedom of speech means you are free to say what you want but it does not mean freedom from consequences when you speak.
That's complete nonsense.
By that logic, I am free to stab you to death, but I'm not free from the consequences of that action. So does that mean we have Freedom of Murder? Clearly not.
A freedom is only a freedom if it doesn't have any government-imposed consequences. We DO have freedom of speech, but that freedom is NOT unlimited. Slander and libel are prohibited. Copyright and trademark infringement are prohibited. Treason is prohibited. Child pornography is prohibited. Adult pornography is allowed, but with restrictions. I could go on and on.
Every freedom in the Bill of Rights has exceptions in corner cases, because the Bill is a statement of general principles (yes, even the part that says "shall not be infringed"... it's a core right, but it also has exceptions, like all the rest).
KitKat was a marketing tie-in with Nestle. To do Nerds they would need to do another tie-in with Nestle. Perhaps they (Google or Nestle) decided the ROI wasn't there.
The rumor I've heard is that the tie-in with Nestle was complicated and imposed too many constraints on the software release process, making it unattractive to repeat it. Not because Nestle was bad about it, just the nature of collaboration between two very different sorts of companies.
Rather than combing through data, they would look through design documents and talk to employees. The misinformation campaign necessary to conceal it would be large-scale. Someone would leak it. *Especially* at Google, which has lots and lots of employees with rather strong viewpoints on such things. I'd certainly blow the whistle if I saw anything like that.
Try clicking on "other google activity", and then location history. It's incredibly accurate. I can see where I walked around 2 years ago and made wrong turns and walked back.
I think it's awesome. My Google Maps timeline goes back to early 2010 when I got my first smartphone (an iPhone4). It's spotty from then until September 21, 2011, when I got my first Android phone (I turned on location history immediately). The iPhone-provided data is spotty, but still very useful. It was only provided when I was using the Google Maps app, but that means it at least contains a record of all of my travels to other cities, states and countries -- in 2010, I traveled to Santiago, Chile; Los Angeles, CA; San Diego, CA; Chicago, IL; Rosemont, IL; Seattle, WA; and Raleigh, NC.
From September 21, 2011 to the present, I have a complete record of everywhere I've gone, down to the minute. There are probably a few exceptions where I left my phone home or something, but they're few. Since May 2014, I've also been looking at my timeline every few weeks and correcting locations. Maps guesses at where you are based on GPS coordinates, but if there are, say, many buildings in close proximity it can't know for sure. You can also label particular locations that are of special interest to you, such as "so-and-so's home".
The result is that I have a detailed history of everywhere I've gone, and therefore pretty much everything I've done, for the last five years, without the effort of keeping a diary. A diary would be better, certainly, but it's way more effort than I've ever been willing to put in.
I've used that data for all sorts of things, from geotagging photos, to figuring out exactly when I went on vacation, to making sure I've submitted expenses for all of my business trips. I think it's great.
Of course, I have all of this data because Google has all of this data. I'm okay with that, but YMMV.
I see the annoyance, though that's the web site's decision. I don't see the vulnerability. If you install this sort of malware, there are all sorts of things it can do and such redirects don't make things worse. If you don't, then there's no vulnerability.
Hah. Good point, yeah. Time for me to get off my butt and actually get 2-factor going.
It's pretty painless, especially with the Authenticator app. SMS works, too, but if you're somewhere that you don't have cell coverage it can be problematic. Authenticator works on or off-line. I also recommend setting up a couple of different options: maybe use Authenticator as your primary and SMS for a backup (and maybe even add your wife's phone as another backup), and/or print out some codes to keep in your wallet.
Hrm. That paragraph makes it sound complicated. It's really not.
So, what if I don't mind being tracked by Google, but I just don't want this webpage available for anyone out there to access (ie if my password gets compromised)? I can't see a way to opt out of the availability of the data without deleting the data.
Secure your account well. Use a good password and turn on two-factor authentication.
Also, you may want to use the "Send Feedback" link and suggest that there should be an option to turn this off. I'm not sure how it would work, though, since there would clearly also need to be a way to turn it on. What would prevent someone who compromised your account from doing that?
If you believe that Google would willingly stop collecting any data about you on your request, well, you're more naive than I thought.
Remember that Google is subject to an FTC consent decree from the Buzz privacy investigation. As a result of that, they're regularly audited by the FTC, and if the FTC were to find that Google were not acting in accord with public privacy-related statements Google would be in big trouble. Even if the FTC's fine were trivial (which I don't think it would be), you can bet the EU would pile on a much bigger one. And the damage to Google's brand would be incredible.
Believe what you like, but the reality is that Google would have to be dumber than a box of rocks to lie. There's way too much at stake.
(Disclaimer/disclosure: I'm a Google employee, but I'm speaking only for myself.)
Also, I should mention that there are some powerful techniques for effectively sandboxing native code as well, when/if instant apps can use native code. NaCl's history of safely sandboxing x86 code has been outstanding.
That all sounds really good but sandboxes can be broken
Sure, they can, but putting code into them that tries to break out of the Sandbox will get caught by the Play store review systems. Oh, I suspect that we'll occasionally see a clever 0day that can do it and sneak by the review systems, just as there are occasional apps that can break out of the sandbox and obtain root. Such techniques are quickly understood and apps that use them removed from the Play store. In the case of instant apps, there are some additional levers of control: the sandbox can be updated whenever problems are discovered, and sandbox updates can potentially even remove or restrict APIs.
where did you get "Google will be vetting them more closely"
I work with the people who do the vetting.
and will they be vetting them so closely after many updates?
I expect that will depend on how many vulnerabilities are found and how much abuse occurs. It's certainly safe to assume that instant apps will always be at least as safe as the Play store in general... and that's quite safe.
Fundamentally the fact remains that going to a web page will download some executable code onto your device without consent or explicit installation action.
Like, say, Javascript?
How difficult that is to secure depends on what the sandbox allows the code to do. How quickly you can update the sandbox to remove discovered vulnerabilities is also very important.
Allow apps from unknown sources should always be off, unless you know what you are doing. Period. That should stop this
And when app fragments are downloaded and installed automatically over web pages as the latest version of Android does?
Not just the latest version of Android. "Instant apps" will be available on every platform version from 4.1 up.
However, instant apps can *only* be downloaded from the Play store -- there is no equivalent of "allow untrusted sources". They'll run inside a sandbox which is part of Google Play services, so it can be updated at any time if any abuse is detected -- including the ability to remove APIs, disable specific abused instant apps, or even shut the whole system off if needed. In addition, Google will be vetting them even more closely than normal Play apps.
The airframes can't take 8G either. You take a modern fighter jet fresh off the assembly line, put it through several 8G turns, and you've just drastically shortened the service life. High G turns create a huge amount of stress on the metal and if you keep making them, the wings will crack and fall off just like a WWI biplane.
So you can stuff that "pilot can't take it" line, it's partially true but not really why they don't allow fighter planes to go above 4-5G unless it's wartime.
But you only need to bend up a few planes to get the AI thoroughly trained on the limits of the design. After that, the only time the AI does the high-gee maneuvers is when it's in a dogfight -- and if you're in a dogfight, shortening the service life of the aircraft is a complete non-issue.
Do you realise that modern military aircraft *already* identify targets on radar and through the HUD, and present them to the pilot as such? The onboard avionics already highlight to the pilot the ideal point at which to shoot (literally, on the F/A-18 the box on the HUD turns from a square to a diamond and presents the word "SHOOT" underneath it).
Onboard avionics targeting systems are already advanced beyond the state which you think they lack.
True, but the best pilots know to shut the electronic aids off, close their eyes and let themselves be guided by The Force. Let's see an AI do that.
I agree, a house husband/wife/partner should have some type of financial trust just in case everything goes south (considering 60-80% of relationships fail that's to be expected).
That's what the divorce settlement and alimony is supposed to be for. At least, I assume that if I divorced my wife, she'd get half of what I own, plus I'd pay alimony for at least a few years.
It appears that the PRISM program was tapping lines between Google data centers. Google responded by encrypting all of that data.
Google's leadership and especially the chief legal officer has strenuously denied that Google provides any information except in response to proper legal documentation. I've seen no evidence anywhere that contradicts those statements (which, I'll note, would probably constitute a breach of Google's leadership's fiduciary duties to the shareholders, and therefore be illegal if untrue).
Freedom of speech means you are free to say what you want but it does not mean freedom from consequences when you speak.
That's complete nonsense.
By that logic, I am free to stab you to death, but I'm not free from the consequences of that action. So does that mean we have Freedom of Murder? Clearly not.
A freedom is only a freedom if it doesn't have any government-imposed consequences. We DO have freedom of speech, but that freedom is NOT unlimited. Slander and libel are prohibited. Copyright and trademark infringement are prohibited. Treason is prohibited. Child pornography is prohibited. Adult pornography is allowed, but with restrictions. I could go on and on.
Every freedom in the Bill of Rights has exceptions in corner cases, because the Bill is a statement of general principles (yes, even the part that says "shall not be infringed"... it's a core right, but it also has exceptions, like all the rest).
KitKat was a marketing tie-in with Nestle. To do Nerds they would need to do another tie-in with Nestle. Perhaps they (Google or Nestle) decided the ROI wasn't there.
The rumor I've heard is that the tie-in with Nestle was complicated and imposed too many constraints on the software release process, making it unattractive to repeat it. Not because Nestle was bad about it, just the nature of collaboration between two very different sorts of companies.
I"m sure an NSA employee can confirm you are required to give them the info before you start filtering what is collected.
I'm sure they could not, because Google doesn't give information to the NSA.
Rather than combing through data, they would look through design documents and talk to employees. The misinformation campaign necessary to conceal it would be large-scale. Someone would leak it. *Especially* at Google, which has lots and lots of employees with rather strong viewpoints on such things. I'd certainly blow the whistle if I saw anything like that.
That's how hyperlinks and Android intents work.
Try clicking on "other google activity", and then location history. It's incredibly accurate. I can see where I walked around 2 years ago and made wrong turns and walked back.
I think it's awesome. My Google Maps timeline goes back to early 2010 when I got my first smartphone (an iPhone4). It's spotty from then until September 21, 2011, when I got my first Android phone (I turned on location history immediately). The iPhone-provided data is spotty, but still very useful. It was only provided when I was using the Google Maps app, but that means it at least contains a record of all of my travels to other cities, states and countries -- in 2010, I traveled to Santiago, Chile; Los Angeles, CA; San Diego, CA; Chicago, IL; Rosemont, IL; Seattle, WA; and Raleigh, NC.
From September 21, 2011 to the present, I have a complete record of everywhere I've gone, down to the minute. There are probably a few exceptions where I left my phone home or something, but they're few. Since May 2014, I've also been looking at my timeline every few weeks and correcting locations. Maps guesses at where you are based on GPS coordinates, but if there are, say, many buildings in close proximity it can't know for sure. You can also label particular locations that are of special interest to you, such as "so-and-so's home".
The result is that I have a detailed history of everywhere I've gone, and therefore pretty much everything I've done, for the last five years, without the effort of keeping a diary. A diary would be better, certainly, but it's way more effort than I've ever been willing to put in.
I've used that data for all sorts of things, from geotagging photos, to figuring out exactly when I went on vacation, to making sure I've submitted expenses for all of my business trips. I think it's great.
Of course, I have all of this data because Google has all of this data. I'm okay with that, but YMMV.
Are you implying that the FTC are granted access and go through EVERYTHING that google has?
They have carte blanche.
I see the annoyance, though that's the web site's decision. I don't see the vulnerability. If you install this sort of malware, there are all sorts of things it can do and such redirects don't make things worse. If you don't, then there's no vulnerability.
Hah. Good point, yeah. Time for me to get off my butt and actually get 2-factor going.
It's pretty painless, especially with the Authenticator app. SMS works, too, but if you're somewhere that you don't have cell coverage it can be problematic. Authenticator works on or off-line. I also recommend setting up a couple of different options: maybe use Authenticator as your primary and SMS for a backup (and maybe even add your wife's phone as another backup), and/or print out some codes to keep in your wallet.
Hrm. That paragraph makes it sound complicated. It's really not.
I figured :-)
So, what if I don't mind being tracked by Google, but I just don't want this webpage available for anyone out there to access (ie if my password gets compromised)? I can't see a way to opt out of the availability of the data without deleting the data.
Secure your account well. Use a good password and turn on two-factor authentication.
Also, you may want to use the "Send Feedback" link and suggest that there should be an option to turn this off. I'm not sure how it would work, though, since there would clearly also need to be a way to turn it on. What would prevent someone who compromised your account from doing that?
If you believe that Google would willingly stop collecting any data about you on your request, well, you're more naive than I thought.
Remember that Google is subject to an FTC consent decree from the Buzz privacy investigation. As a result of that, they're regularly audited by the FTC, and if the FTC were to find that Google were not acting in accord with public privacy-related statements Google would be in big trouble. Even if the FTC's fine were trivial (which I don't think it would be), you can bet the EU would pile on a much bigger one. And the damage to Google's brand would be incredible.
Believe what you like, but the reality is that Google would have to be dumber than a box of rocks to lie. There's way too much at stake.
(Disclaimer/disclosure: I'm a Google employee, but I'm speaking only for myself.)
https://slashdot.org/comments....
The link to the ad controls in the summary is broken. The correct target is https://www.google.com/setting...
Yep. You should look at those links. Or if you want quantitative measurements, check out http://static.googleuserconten...
Also, I should mention that there are some powerful techniques for effectively sandboxing native code as well, when/if instant apps can use native code. NaCl's history of safely sandboxing x86 code has been outstanding.
http://static.googleusercontent.com/media/research.google.com/en//pubs/archive/34913.pdf
Instant apps aren't native code.
That all sounds really good but sandboxes can be broken
Sure, they can, but putting code into them that tries to break out of the Sandbox will get caught by the Play store review systems. Oh, I suspect that we'll occasionally see a clever 0day that can do it and sneak by the review systems, just as there are occasional apps that can break out of the sandbox and obtain root. Such techniques are quickly understood and apps that use them removed from the Play store. In the case of instant apps, there are some additional levers of control: the sandbox can be updated whenever problems are discovered, and sandbox updates can potentially even remove or restrict APIs.
where did you get "Google will be vetting them more closely"
I work with the people who do the vetting.
and will they be vetting them so closely after many updates?
I expect that will depend on how many vulnerabilities are found and how much abuse occurs. It's certainly safe to assume that instant apps will always be at least as safe as the Play store in general... and that's quite safe.
Fundamentally the fact remains that going to a web page will download some executable code onto your device without consent or explicit installation action.
Like, say, Javascript?
How difficult that is to secure depends on what the sandbox allows the code to do. How quickly you can update the sandbox to remove discovered vulnerabilities is also very important.
https://developer.android.com/...
Allow apps from unknown sources should always be off, unless you know what you are doing. Period. That should stop this
And when app fragments are downloaded and installed automatically over web pages as the latest version of Android does?
Not just the latest version of Android. "Instant apps" will be available on every platform version from 4.1 up.
However, instant apps can *only* be downloaded from the Play store -- there is no equivalent of "allow untrusted sources". They'll run inside a sandbox which is part of Google Play services, so it can be updated at any time if any abuse is detected -- including the ability to remove APIs, disable specific abused instant apps, or even shut the whole system off if needed. In addition, Google will be vetting them even more closely than normal Play apps.
The airframes can't take 8G either. You take a modern fighter jet fresh off the assembly line, put it through several 8G turns, and you've just drastically shortened the service life. High G turns create a huge amount of stress on the metal and if you keep making them, the wings will crack and fall off just like a WWI biplane.
So you can stuff that "pilot can't take it" line, it's partially true but not really why they don't allow fighter planes to go above 4-5G unless it's wartime.
But you only need to bend up a few planes to get the AI thoroughly trained on the limits of the design. After that, the only time the AI does the high-gee maneuvers is when it's in a dogfight -- and if you're in a dogfight, shortening the service life of the aircraft is a complete non-issue.
Do you realise that modern military aircraft *already* identify targets on radar and through the HUD, and present them to the pilot as such? The onboard avionics already highlight to the pilot the ideal point at which to shoot (literally, on the F/A-18 the box on the HUD turns from a square to a diamond and presents the word "SHOOT" underneath it).
Onboard avionics targeting systems are already advanced beyond the state which you think they lack.
True, but the best pilots know to shut the electronic aids off, close their eyes and let themselves be guided by The Force. Let's see an AI do that.
So, no practical impact, just a principle. Okay.