The trouble is that you still kind of have to pick one. Google is like a dog that chases that rats and raccoons out of the yard. The dog doesn't scare off the vermin because it cares whether the raccoons get into the bird feeder or spread trash all over the driveway, it does it because it's a dog and that's what dogs do.
But you still have to make a decision as to whether you want to feed the dog and try to keep it around so that your yard stays free of vermin. And that seems like a pretty obvious decision, even if the dog leaves the occasional advertisement on your doorstep.
Yes, but it seems the MPAA are trying to get a ruling that would put the legitimacy in question.
Which is why we need to fight them, obviously. Because YouTube is useful to us, as people. Making it go away would be very bad for us, as people.
I mean what the hell is this "OMFG Google is evil because their interests align with ours and so they aren't helping us out of charity!" Who cares? They're helping us, aren't they? Don't look a gift horse in the mouth.
And when they aggregate that information and sell it to a background checking company who manages to establish a near-monopoly that flags you as a high-risk employee because a photo that's identified as you that you can't get taken down includes a gun and a liter of vodka?
You know that new privacy policy they have that everyone has been complaining about? It says they can't do anything like that.
There's still the compulsory licensing option. Not a great option, but it works around your argument.
You're ignoring the part where it doesn't exist. If not, please name the compulsory licensing body for motion pictures so that I can start a Netflix competitor that has 100% of all copyrighted content legally.
Because this is the current angle the MPAA is attacking competitors from. And we all know the MPAA won't be satisfied until every site has either shut down or been bought by their members.
Yeah. Have you seen the argument they're using now? It basically goes like this: Sites where the most popular material is infringing are illegal.
Now let's think this through. The MPAA owns most of the copyrights on the most popular material. Which means all they have to do is not license it, and most of the most popular material users post will be infringing. What they are actually arguing, then, is that all user-generated content sites not licensed by the MPAA are illegal. They get a veto over technological innovation because all they have to do is do nothing, and not license their stuff to the new technology, and then the site immediately becomes illegal because the users post it anyway, and the MPAA can sue and destroy the site at will.
It seems pretty obvious why that should not be the law.
The problem comes from two places: The first is the tax law. Taxes in the US favor share price appreciation over dividends, because the share price appreciation doesn't get taxed until you sell the shares (and in the meantime you collect interest on the would-be tax dollars), but the dividends get taxed immediately. It's kind of a stupid rule, but the most obvious way to fix it is to stop taxing dividends. That would have the effect of greatly increasing economic efficiency, because all the corporations that currently hoard cash and invest it in stupid nonsense like government bonds (which just encourages Uncle Sam to issue more debt) would instead give it to individual investors, who are more likely to invest in startups and things that actually help the economy. But it would have the consequence of lower taxes on "rich" investors, which is politically unpopular.
The second problem is created by the first: Because corporations are encouraged not to issue dividends by the tax laws, they can either hoard money or buy back stock, both of which result in a higher share price compared to issuing that amount in dividends. And for most corporations that aren't Apple-sized, hoarding money is in the interests of the corporation's executives, because it reduces stock price volatility (because more of the stock price is the value of its cash reserve, which is independent of the business decisions of the management and the fate of the market the company is in), and because it provides a buffer to stave off bankruptcy during hard economic times or colossal management screw ups, and because it makes the company a less attractive takeover target for larger companies that might come in and replace the management because the buyer would have to pay the value of the cash reserve in addition to the value of the company itself.
The problem is that any company that isn't in the Fortune 500 then starts accumulating cash which it can't actually issue as dividends at any point thereafter, because doing so would actually reduce (rather than merely fail to increase) the share price, and cause certain types of shareholders (especially employees with stock options) to revolt. So you get companies hoarding cash, which they can't issue as dividends, and which they don't spend, they just buy low-risk investments. It's kind of an economic fail, but again, the only particularly good way to fix it is to stop taxing dividends so that stockholders will actually want companies to pay them, and you immediately run into the "tax cut for the rich" problem.
Essentially, Apple is saying "our shares are undervalued". They have more information than the general public (hence the inefficient market comment). Apple says it is willing to buy at this low price, so th market says "time to buy".
I think it's important to point out something else here: They just have a huge pile of cash and nothing to do with it.
What they could do is issue it all as dividends, but that actually makes the share price go down. Because you start with a company that has ~$140B in cash, and you end up with a company that has the same non-cash assets but now has $120B in cash. Obviously the latter company is not worth as much money, because it doesn't have as much cash. The shareholders start with a share in a company worth $550, the company issues the dividend and the shareholders end up with a share worth $530 and $20 in cash. The cash has to come from somewhere and it comes out of the share price.
Allowing the share price to go down like will cause a lot of people to be unhappy. It's especially bad for employees who have stock options.
Doing the buyback instead has a lot of advantages, primarily as a result of leaving the share price where it is while still giving investors who want cash a way to get it without diluting their ownership stake in the company. If the company buys back 5% of its outstanding shares and you tender 5% of your holdings, you end up with cash in your pocket but no smaller percentage ownership of the company, and the employees and others who don't want the share price to go down are happy to see that it hasn't.
No one, except the spammers, that is. The spammers won't care, because they'll just open a new site under a new domain.
Opening a new site on a new domain that "suddenly" has a ton of links to it is pretty easy to detect algorithmically. You throw in a couple more things like "same IP blocks as the previous spammers" and you've got a short list of sites for immediate blacklisting.
The ones paying any attention would know about it. And the result of that would be that most of the SEO companies would go out of business and the remainder would be selling pure, unadulterated, more-harm-than-good snake oil.
It's also worth pointing out that as long as the targets are only the ones who actually used SEO in the first place, they're only getting what they deserve. Screw anybody who thinks polluting everyone else's search results is a good idea.
I'm not sure how effective that would be against what I'm describing.
The idea is that you give the SEO bastards some time to come up with their latest successful strategy for increasing the rank of a site, then you make a list of the sites that have done that, then you blacklist all of them in one shot for a long period of time. The second it comes out that people who use that tactic get blacklisted, the sites are all already blacklisted. It's a one shot deal, so you can't figure out which tactic they're going to punish you for ahead of time. The only safe play is to not do any of them.
And then at the same time as you punish the people who were doing that, you fix the algorithm so that the tactic in question doesn't work anymore -- which means you don't have to punish people for using it ever again, because it no longer works. That prevents asshats using the tactic against competitors, because the punishments for using it are over as soon as you discover they exist.
I hope this is the start of a new war by google against the SEO business, one where humans benefit by being able to find sites that are actually relevant.
I can propose a tactic that might work pretty well: Whenever Google figures out the latest spamming method the SEO people are using, make a list of all the sites that currently do that (ideally in the way that only or primarily the SEO people are doing it), and then give all those sites a long-term decrease in ranking, even if they stop doing that thing. Make it two years before you can get your site back into the higher rankings.
Soon enough everybody will realize that "get SEO" is a synonym for "get your site removed from the first page of results for the next two years" and then finding methods of fooling the Googlebot in the short-term won't matter anymore because no one will be willing to attempt it if they can get slapped with a long-term penalty.
If I understand your point correctly it's that Google as an institution has an incentive to prevent ad blocking and so forth, which is "supported by what evidence there is," and that therefore we should ascribe that intent to the actions of its individual software engineers without any further evidence.
What I'm pointing out is that that doesn't make a lot of sense: They don't uniformly behave as though that is their goal, and in the instances where their actions are consistent with that theory (which, naturally, are the only ones you hear Microsoft publicizing), it doesn't make a lot of sense to infer causation rather than merely correlation based on nothing more than speculation about motivation.
Taking a random page off of Autosport.com (a site I currently have open), gives me a Twitter button which redirects to a sign in page when clicked, a LinkedIn button which redirects when clicked, a Facebook button which redirects when clicked, and indeed a Google +1 button which, surprise surprise, redirects anyway because I'm logged into a Google+ account which is not my own (business account) and requests permission to continue.
Those are somewhat different species of buttons. The third party website in those cases specifically inserted code for the buttons so that users would +1/like/whatever the website's own content, which directly benefits the website. What I'm talking about is putting the button on an ad, which only indirectly benefits the website it's actually on (by making ads more relevant/profitable), and which might be on websites that hadn't wanted or expected an ad that would spawn a new tab just for that. I could also see how the advertisers themselves would object, since you have a user who was interested enough in their ad to want to +1 it who is now distracted from actually buying the interesting thing advertised by a new tab that has them signing into Google+.
There could also be a million other reasons. Maybe they didn't even think about it, and this was the just the first implementation that came to mind. Maybe they had some internal reasons based on existing infrastructure. We're both just speculating about their motives.
My point is that when you have a competitor playing Cardinal Richelieu it doesn't make any sense to ascribe ulterior motives to ambiguous conduct, because there is no possible way to operate a large corporation such that no one will ever do anything that can't be painted in a bad light by assuming without evidence that their motives are impure.
Then I guess I don't really buy it. I mean Chrome and Safari are both based on Webkit, which was mostly not created by Google. (It was originally KDE and then Apple played a big role.) By the time Google entered the scene most of the major architectural decisions had already been made and implemented, so if anybody designed it in a way that makes plugins that block javascript harder, it was KDE or Apple.
Likewise this thing with the cookies: I mean think about it. If it was this huge top down conspiracy then why is one department submitting a patch that prevents the work around the other department is allegedly being bad for using? The whole thing smells like standard issue human imperfection rather than some grand evil master plan.
And what's so bad about putting the Plus 1 button on the page regardless?
They wanted you to be able to +1 ads if you like them. I kind of doubt the third party websites would be happy to see a redirect from their website to the Google+ sign in page in the event someone is not signed in.
The entire way in which they did this screams "we want to track you", despite your protestations to the contrary. No one needs to provide evidence that there is an actual database behind it, the implementation they went out of their way to use specifically allows for it when they don't need to do it that way at all.
You keep assuming that they "went out of their way" to do this somehow. More likely chain of events is that they designed it to use cookies in the first place, then someone realized it wasn't working properly on Safari and implemented a work around. Submitting a form is far, far, far less work than figuring out how to make the whole thing to not use cookies, adding a redirect to the sign in page and otherwise redesigning the UX.
The difference is that in the Microsoft case they actually had some, you know, evidence. The Halloween memos and so forth. So what I'm saying is, do you have any evidence, or is it just a conspiracy theory?
You seem to be under the mistaken impression that "real journalists" do not exist on the internet. More and more that is the only place they exist. To some extent they are still employed by newspapers, but newspapers have almost universally begun posting all their stories on the internet.
I might except that some "real journalism" still happens on radio (mostly NPR), but NPR is also on the internet.
Also, this:
most of the "news" [] is just rehashes of news stories done by real journalists.
I mean what do you think the Associated Press is all about?
if you watch the liberal news and then watch FOX you can usually figure the truth is nowhere in the vicinity of either of them.
FTFY.
TV news is totally useless. The only "news" worth watching on television is The Daily Show, and only then because they serve as such an excellent reminder of why you should never watch any of the other ones.
So if I submit a patch and they don't jump to it fast enough to suit me i can then pwn them consequence free?
To be perfectly honest I do think that computer hacking laws are totally redundant and should all be repealed. If you don't secure your system, blackhats in Russia and China (and Americans with identity-concealing botnets) are going to pwn you anyway, so it doesn't really matter whether you can prosecute the stupid ones in America because you need good security in any event and once you have it then the law is useless. All the law does is allow overzealous prosecutors to harass people, many of which are really being prosecuted for political reasons. (See: Dimitry Sklyarov, Lori Drew, etc.)
But that's really beside the point, because the thing in question is not a security vulnerability. I made the comparison above to spam filtering: You don't prosecute the operator of a mailing list that users have signed up for when they take measures to avoid being flagged by a spam filter.
they guy took a job at MSFT nobody would read it anyway
And for good reason.
The man makes a couple of points, but it reads like propaganda -- and the most effective propaganda has a kernel of truth. Because it's a lot easier to make a mountain out of a mole hill than to convince people that white is black. But it's still a mole hill, not a mountain.
the whole mood at google changed after FB showed up and started cutting into their business, suddenly all the cool engineering stuff was dropped unless it had the magical word "social" attached and it went from "How can we make this cool thing?" to "How can we monetize this and/or tie this in with our social schema".
The thing is, Google isn't just tilting at windmills with social. They make their money from search. They have the best search engine. Even the asshats who are always running around spamming for duckduckgo admit that half the time they have to switch back to Google because Google is better. But to have the best search engine, you have to be able to search the stuff people want to see. And a very large part of the content people want to see these days is on social networks.
The problem for Google is that Facebook is closed. They can't index the stuff your friends are posting because Facebook won't let them, or won't let them without charging an amount that consumes the large majority of the value Google gets out of being able to index those posts. They need the web to be open if they want to be able to keep making money searching it, which is a huge problem if Facebook becomes the new web.
The thing is, you're making this assumption that this is going to be a permanent new fixation for them. But really it stops once they win. And they don't even have to win win -- Google doesn't have to monetize social in the same way that Facebook does. I'm not even sure they've realized this yet, but they can win in exactly the same way that the web won over AOL. They can be completely, entirely open. The consequence of that is to let third parties capture a significant chunk of the value of the network, but it makes the network bigger. It's the same way that Android is taking over the smartphone space. And winning that way is stable because instead of having a single, monolithic vested interest in the status quo who can be defeated if stupid or lazy, you have a million small and medium sized companies who benefit from an open network and will fight against any new middle man that comes in and tries to eat their lunch. The amount of work it takes to knock out an intrenched open standard is huge.
Like I said, I'm not sure Google has even realized that yet. For example, I hear a lot of people complaining that the Google+ API is read only. They probably ought to fix that. They probably also ought to put some work behind promoting Google+ as the commenting system for third party websites the way Facebook has been doing and that so
Uhm, it is tracking because Google, by virtue of accessing that cookie, gets to know you visited that website - they get passed the unique cookie associated with your account and they also get the referrer ID of the website. Tracking.
You're collapsing "can" and "do" when they aren't the same thing. The cookie could be used to track you, if every time you visit a website they record it in a database somewhere, but has anyone provided any evidence that they were intentionally doing that?
If they didn't explicitly want to track you, they could implement a completely cookieless implementation of their Plus 1 button which only associates you with your account when you actually click it. But they didn't, because they want the info regardless of whether you clicked or not.
Except that they would need to read your cookie to know if you're signed into Google+ to know whether to put the +1 there at all.
As for whether it's a grey area, if Google submitted a patch to end this behaviour as you say, presumably they thought the behaviour was wrong. Otherwise, why did they submit the patch?
It's a pretty obvious false negatives vs. false positives trade off. There are a ton of legitimate uses for third party cookies, so over-blocking them breaks a lot of stuff. But they also get used by ad networks to track people between websites, which can be undesirable. The problem is that the dividing line between first and third party cookies is very blurry (e.g. is fbcdn.net 'third party' when you're on facebook.com?) and even trying to make the distinction is somewhat questionable. So you draw a line and everybody, both the providers of legitimate features and the ad network trackers, try to come in on the 'not blocked' side. Which is good when done to provide features and bad when done to track users. Then the browser vendors realize what happened and try to tighten things up against the tracking, hopefully in a way that makes it harder to track without breaking useful social network features etc.
You can think of it like spam filtering. Imagine you have a company that makes a spam filter and operates a mailing list. Messages with certain characteristics get blocked by the spam filter. Both the evil spammers and the good mailing lists adjust their messages so that they don't get blocked, and the company consequently updates the spam filter to try to keep blocking the spam. At this point you want to haul the mailing list operator into court for taking measures to make sure their legitimate, user-requested messages don't get flagged as spam by the spam filter? Why?
Slashdot Mirror
Both extremes are wrong
The trouble is that you still kind of have to pick one. Google is like a dog that chases that rats and raccoons out of the yard. The dog doesn't scare off the vermin because it cares whether the raccoons get into the bird feeder or spread trash all over the driveway, it does it because it's a dog and that's what dogs do.
But you still have to make a decision as to whether you want to feed the dog and try to keep it around so that your yard stays free of vermin. And that seems like a pretty obvious decision, even if the dog leaves the occasional advertisement on your doorstep.
Yes, but it seems the MPAA are trying to get a ruling that would put the legitimacy in question.
Which is why we need to fight them, obviously. Because YouTube is useful to us, as people. Making it go away would be very bad for us, as people.
I mean what the hell is this "OMFG Google is evil because their interests align with ours and so they aren't helping us out of charity!" Who cares? They're helping us, aren't they? Don't look a gift horse in the mouth.
And when they aggregate that information and sell it to a background checking company who manages to establish a near-monopoly that flags you as a high-risk employee because a photo that's identified as you that you can't get taken down includes a gun and a liter of vodka?
You know that new privacy policy they have that everyone has been complaining about? It says they can't do anything like that.
There's still the compulsory licensing option. Not a great option, but it works around your argument.
You're ignoring the part where it doesn't exist. If not, please name the compulsory licensing body for motion pictures so that I can start a Netflix competitor that has 100% of all copyrighted content legally.
Because this is the current angle the MPAA is attacking competitors from. And we all know the MPAA won't be satisfied until every site has either shut down or been bought by their members.
Yeah. Have you seen the argument they're using now? It basically goes like this: Sites where the most popular material is infringing are illegal.
Now let's think this through. The MPAA owns most of the copyrights on the most popular material. Which means all they have to do is not license it, and most of the most popular material users post will be infringing. What they are actually arguing, then, is that all user-generated content sites not licensed by the MPAA are illegal. They get a veto over technological innovation because all they have to do is do nothing, and not license their stuff to the new technology, and then the site immediately becomes illegal because the users post it anyway, and the MPAA can sue and destroy the site at will.
It seems pretty obvious why that should not be the law.
The problem comes from two places: The first is the tax law. Taxes in the US favor share price appreciation over dividends, because the share price appreciation doesn't get taxed until you sell the shares (and in the meantime you collect interest on the would-be tax dollars), but the dividends get taxed immediately. It's kind of a stupid rule, but the most obvious way to fix it is to stop taxing dividends. That would have the effect of greatly increasing economic efficiency, because all the corporations that currently hoard cash and invest it in stupid nonsense like government bonds (which just encourages Uncle Sam to issue more debt) would instead give it to individual investors, who are more likely to invest in startups and things that actually help the economy. But it would have the consequence of lower taxes on "rich" investors, which is politically unpopular.
The second problem is created by the first: Because corporations are encouraged not to issue dividends by the tax laws, they can either hoard money or buy back stock, both of which result in a higher share price compared to issuing that amount in dividends. And for most corporations that aren't Apple-sized, hoarding money is in the interests of the corporation's executives, because it reduces stock price volatility (because more of the stock price is the value of its cash reserve, which is independent of the business decisions of the management and the fate of the market the company is in), and because it provides a buffer to stave off bankruptcy during hard economic times or colossal management screw ups, and because it makes the company a less attractive takeover target for larger companies that might come in and replace the management because the buyer would have to pay the value of the cash reserve in addition to the value of the company itself.
The problem is that any company that isn't in the Fortune 500 then starts accumulating cash which it can't actually issue as dividends at any point thereafter, because doing so would actually reduce (rather than merely fail to increase) the share price, and cause certain types of shareholders (especially employees with stock options) to revolt. So you get companies hoarding cash, which they can't issue as dividends, and which they don't spend, they just buy low-risk investments. It's kind of an economic fail, but again, the only particularly good way to fix it is to stop taxing dividends so that stockholders will actually want companies to pay them, and you immediately run into the "tax cut for the rich" problem.
Essentially, Apple is saying "our shares are undervalued". They have more information than the general public (hence the inefficient market comment). Apple says it is willing to buy at this low price, so th market says "time to buy".
I think it's important to point out something else here: They just have a huge pile of cash and nothing to do with it.
What they could do is issue it all as dividends, but that actually makes the share price go down. Because you start with a company that has ~$140B in cash, and you end up with a company that has the same non-cash assets but now has $120B in cash. Obviously the latter company is not worth as much money, because it doesn't have as much cash. The shareholders start with a share in a company worth $550, the company issues the dividend and the shareholders end up with a share worth $530 and $20 in cash. The cash has to come from somewhere and it comes out of the share price.
Allowing the share price to go down like will cause a lot of people to be unhappy. It's especially bad for employees who have stock options.
Doing the buyback instead has a lot of advantages, primarily as a result of leaving the share price where it is while still giving investors who want cash a way to get it without diluting their ownership stake in the company. If the company buys back 5% of its outstanding shares and you tender 5% of your holdings, you end up with cash in your pocket but no smaller percentage ownership of the company, and the employees and others who don't want the share price to go down are happy to see that it hasn't.
No one, except the spammers, that is. The spammers won't care, because they'll just open a new site under a new domain.
Opening a new site on a new domain that "suddenly" has a ton of links to it is pretty easy to detect algorithmically. You throw in a couple more things like "same IP blocks as the previous spammers" and you've got a short list of sites for immediate blacklisting.
The ones paying any attention would know about it. And the result of that would be that most of the SEO companies would go out of business and the remainder would be selling pure, unadulterated, more-harm-than-good snake oil.
It's also worth pointing out that as long as the targets are only the ones who actually used SEO in the first place, they're only getting what they deserve. Screw anybody who thinks polluting everyone else's search results is a good idea.
I'm not sure how effective that would be against what I'm describing.
The idea is that you give the SEO bastards some time to come up with their latest successful strategy for increasing the rank of a site, then you make a list of the sites that have done that, then you blacklist all of them in one shot for a long period of time. The second it comes out that people who use that tactic get blacklisted, the sites are all already blacklisted. It's a one shot deal, so you can't figure out which tactic they're going to punish you for ahead of time. The only safe play is to not do any of them.
And then at the same time as you punish the people who were doing that, you fix the algorithm so that the tactic in question doesn't work anymore -- which means you don't have to punish people for using it ever again, because it no longer works. That prevents asshats using the tactic against competitors, because the punishments for using it are over as soon as you discover they exist.
I hope this is the start of a new war by google against the SEO business, one where humans benefit by being able to find sites that are actually relevant.
I can propose a tactic that might work pretty well: Whenever Google figures out the latest spamming method the SEO people are using, make a list of all the sites that currently do that (ideally in the way that only or primarily the SEO people are doing it), and then give all those sites a long-term decrease in ranking, even if they stop doing that thing. Make it two years before you can get your site back into the higher rankings.
Soon enough everybody will realize that "get SEO" is a synonym for "get your site removed from the first page of results for the next two years" and then finding methods of fooling the Googlebot in the short-term won't matter anymore because no one will be willing to attempt it if they can get slapped with a long-term penalty.
If I understand your point correctly it's that Google as an institution has an incentive to prevent ad blocking and so forth, which is "supported by what evidence there is," and that therefore we should ascribe that intent to the actions of its individual software engineers without any further evidence.
What I'm pointing out is that that doesn't make a lot of sense: They don't uniformly behave as though that is their goal, and in the instances where their actions are consistent with that theory (which, naturally, are the only ones you hear Microsoft publicizing), it doesn't make a lot of sense to infer causation rather than merely correlation based on nothing more than speculation about motivation.
Taking a random page off of Autosport.com (a site I currently have open), gives me a Twitter button which redirects to a sign in page when clicked, a LinkedIn button which redirects when clicked, a Facebook button which redirects when clicked, and indeed a Google +1 button which, surprise surprise, redirects anyway because I'm logged into a Google+ account which is not my own (business account) and requests permission to continue.
Those are somewhat different species of buttons. The third party website in those cases specifically inserted code for the buttons so that users would +1/like/whatever the website's own content, which directly benefits the website. What I'm talking about is putting the button on an ad, which only indirectly benefits the website it's actually on (by making ads more relevant/profitable), and which might be on websites that hadn't wanted or expected an ad that would spawn a new tab just for that. I could also see how the advertisers themselves would object, since you have a user who was interested enough in their ad to want to +1 it who is now distracted from actually buying the interesting thing advertised by a new tab that has them signing into Google+.
There could also be a million other reasons. Maybe they didn't even think about it, and this was the just the first implementation that came to mind. Maybe they had some internal reasons based on existing infrastructure. We're both just speculating about their motives.
My point is that when you have a competitor playing Cardinal Richelieu it doesn't make any sense to ascribe ulterior motives to ambiguous conduct, because there is no possible way to operate a large corporation such that no one will ever do anything that can't be painted in a bad light by assuming without evidence that their motives are impure.
Then I guess I don't really buy it. I mean Chrome and Safari are both based on Webkit, which was mostly not created by Google. (It was originally KDE and then Apple played a big role.) By the time Google entered the scene most of the major architectural decisions had already been made and implemented, so if anybody designed it in a way that makes plugins that block javascript harder, it was KDE or Apple.
Likewise this thing with the cookies: I mean think about it. If it was this huge top down conspiracy then why is one department submitting a patch that prevents the work around the other department is allegedly being bad for using? The whole thing smells like standard issue human imperfection rather than some grand evil master plan.
And what's so bad about putting the Plus 1 button on the page regardless?
They wanted you to be able to +1 ads if you like them. I kind of doubt the third party websites would be happy to see a redirect from their website to the Google+ sign in page in the event someone is not signed in.
The entire way in which they did this screams "we want to track you", despite your protestations to the contrary. No one needs to provide evidence that there is an actual database behind it, the implementation they went out of their way to use specifically allows for it when they don't need to do it that way at all.
You keep assuming that they "went out of their way" to do this somehow. More likely chain of events is that they designed it to use cookies in the first place, then someone realized it wasn't working properly on Safari and implemented a work around. Submitting a form is far, far, far less work than figuring out how to make the whole thing to not use cookies, adding a redirect to the sign in page and otherwise redesigning the UX.
The difference is that in the Microsoft case they actually had some, you know, evidence. The Halloween memos and so forth. So what I'm saying is, do you have any evidence, or is it just a conspiracy theory?
That sounds suspiciously like a conspiracy theory.
You seem to be under the mistaken impression that "real journalists" do not exist on the internet. More and more that is the only place they exist. To some extent they are still employed by newspapers, but newspapers have almost universally begun posting all their stories on the internet.
I might except that some "real journalism" still happens on radio (mostly NPR), but NPR is also on the internet.
Also, this:
most of the "news" [] is just rehashes of news stories done by real journalists.
I mean what do you think the Associated Press is all about?
Is this the sort of thing you're looking for, or do you want something else?
if you watch the liberal news and then watch FOX you can usually figure the truth is nowhere in the vicinity of either of them.
FTFY.
TV news is totally useless. The only "news" worth watching on television is The Daily Show, and only then because they serve as such an excellent reminder of why you should never watch any of the other ones.
Real news comes from the internet.
Google was quite explicitly abusing this vulnerability, and they got caught after signing something that suggested they would never do it.
So says Microsoft. But why would anyone ever believe anything Microsoft says about a competitor?
So if I submit a patch and they don't jump to it fast enough to suit me i can then pwn them consequence free?
To be perfectly honest I do think that computer hacking laws are totally redundant and should all be repealed. If you don't secure your system, blackhats in Russia and China (and Americans with identity-concealing botnets) are going to pwn you anyway, so it doesn't really matter whether you can prosecute the stupid ones in America because you need good security in any event and once you have it then the law is useless. All the law does is allow overzealous prosecutors to harass people, many of which are really being prosecuted for political reasons. (See: Dimitry Sklyarov, Lori Drew, etc.)
But that's really beside the point, because the thing in question is not a security vulnerability. I made the comparison above to spam filtering: You don't prosecute the operator of a mailing list that users have signed up for when they take measures to avoid being flagged by a spam filter.
they guy took a job at MSFT nobody would read it anyway
And for good reason.
The man makes a couple of points, but it reads like propaganda -- and the most effective propaganda has a kernel of truth. Because it's a lot easier to make a mountain out of a mole hill than to convince people that white is black. But it's still a mole hill, not a mountain.
the whole mood at google changed after FB showed up and started cutting into their business, suddenly all the cool engineering stuff was dropped unless it had the magical word "social" attached and it went from "How can we make this cool thing?" to "How can we monetize this and/or tie this in with our social schema".
The thing is, Google isn't just tilting at windmills with social. They make their money from search. They have the best search engine. Even the asshats who are always running around spamming for duckduckgo admit that half the time they have to switch back to Google because Google is better. But to have the best search engine, you have to be able to search the stuff people want to see. And a very large part of the content people want to see these days is on social networks.
The problem for Google is that Facebook is closed. They can't index the stuff your friends are posting because Facebook won't let them, or won't let them without charging an amount that consumes the large majority of the value Google gets out of being able to index those posts. They need the web to be open if they want to be able to keep making money searching it, which is a huge problem if Facebook becomes the new web.
The thing is, you're making this assumption that this is going to be a permanent new fixation for them. But really it stops once they win. And they don't even have to win win -- Google doesn't have to monetize social in the same way that Facebook does. I'm not even sure they've realized this yet, but they can win in exactly the same way that the web won over AOL. They can be completely, entirely open. The consequence of that is to let third parties capture a significant chunk of the value of the network, but it makes the network bigger. It's the same way that Android is taking over the smartphone space. And winning that way is stable because instead of having a single, monolithic vested interest in the status quo who can be defeated if stupid or lazy, you have a million small and medium sized companies who benefit from an open network and will fight against any new middle man that comes in and tries to eat their lunch. The amount of work it takes to knock out an intrenched open standard is huge.
Like I said, I'm not sure Google has even realized that yet. For example, I hear a lot of people complaining that the Google+ API is read only. They probably ought to fix that. They probably also ought to put some work behind promoting Google+ as the commenting system for third party websites the way Facebook has been doing and that so
And...? What does that have to do with Microsoft lobbying the government to harass Google about ambiguous cookie settings?
Uhm, it is tracking because Google, by virtue of accessing that cookie, gets to know you visited that website - they get passed the unique cookie associated with your account and they also get the referrer ID of the website. Tracking.
You're collapsing "can" and "do" when they aren't the same thing. The cookie could be used to track you, if every time you visit a website they record it in a database somewhere, but has anyone provided any evidence that they were intentionally doing that?
If they didn't explicitly want to track you, they could implement a completely cookieless implementation of their Plus 1 button which only associates you with your account when you actually click it. But they didn't, because they want the info regardless of whether you clicked or not.
Except that they would need to read your cookie to know if you're signed into Google+ to know whether to put the +1 there at all.
As for whether it's a grey area, if Google submitted a patch to end this behaviour as you say, presumably they thought the behaviour was wrong. Otherwise, why did they submit the patch?
It's a pretty obvious false negatives vs. false positives trade off. There are a ton of legitimate uses for third party cookies, so over-blocking them breaks a lot of stuff. But they also get used by ad networks to track people between websites, which can be undesirable. The problem is that the dividing line between first and third party cookies is very blurry (e.g. is fbcdn.net 'third party' when you're on facebook.com?) and even trying to make the distinction is somewhat questionable. So you draw a line and everybody, both the providers of legitimate features and the ad network trackers, try to come in on the 'not blocked' side. Which is good when done to provide features and bad when done to track users. Then the browser vendors realize what happened and try to tighten things up against the tracking, hopefully in a way that makes it harder to track without breaking useful social network features etc.
You can think of it like spam filtering. Imagine you have a company that makes a spam filter and operates a mailing list. Messages with certain characteristics get blocked by the spam filter. Both the evil spammers and the good mailing lists adjust their messages so that they don't get blocked, and the company consequently updates the spam filter to try to keep blocking the spam. At this point you want to haul the mailing list operator into court for taking measures to make sure their legitimate, user-requested messages don't get flagged as spam by the spam filter? Why?