Unlurker

Privacy doesn't mean anything anymore, anonymity does (servury.com)

I would much rather have privacy with e2e encryption than have anonymity. The way that works is a direct connection between two parties without use of a central server, like webRTC.

Maybe ironically - just going on the title because I can't read the rest as a result - it's behind a cloudflare gate.

What scares me is that the more privacy oriented you are, the easier you are to fingerprint. At what point does privacy mean blending in with the crowd and not sticking out?

You're thinking about browser fingerprinting (client-side), but my post is about service-level anonymity (server-side). Browser fingerprinting: "Your unique combination of extensions/settings makes you identifiable among other users." Service anonymity: "There are no other users to compare you against because we don't collect identifying data." When you sign up with just a random 32-char string, there's nothing to fingerprint. No email to correlate. No IP logs to analyze. No usage patterns to build a profile from. Fingerprinting matters when services collect behavioral data. We architected our way out of having that data to begin with.

>When you sign up with just a random 32-char string... There's STILL a browser fingerprint, IP logs to analyze, usage patterns to build a profile from. You may claim you don't collect it, but users need to take your word for it. This is just pseudonymity, which (as many BTC users found out) only gets you halfway there. Real anonymity is way harder, often impossible. Don't get me wrong, it's good to see organisations that care about privacy and in fact this blog post encouraged me to consider your services in the future. We have some use cases for that at work. Though by using cloudflare you're NOT putting your money where your mouth is.

Charles Proxy (charlesproxy.com)

I loved Charles, I used it for many years. It only stopped when an update changed the UI in ways that were confusing, and also the chrome network tab really did everything I need in terms of inspecting requests / responses.

I once used Charles Proxy to change all the game configs for Candy Crush Saga on my phone back in 2013 by intercepting and replacing the API requests - I made all the puzzles have 1-2 colors and infinite powerups. I guess they didn't care much about the security because I ended up spending way more time in the game

Never learnt the use of this tool. The certificate configuration tripped my head during my work. This gives brain damage because it doesn't make sense. Why to check network payload when you are sure the data was sent. -frontend developer

I feel obliged to mention Fiddler. The tool I loved almost 20 years back and felt like it came from future. IIRC it was/is more powerful than Charles. Fiddler was Windows only but at one time they had builds for other platforms in works. Sadly they got acquired which changed their roadmap, and I had also moved on from Windows. https://www.telerik.com/fiddler

This. I tell people tales of that beautiful tool. have you found anything for a MacOS? My hunt so far has been futile.

https://proxyman.com/

How come a reverse-proxy, better than the network tab in dev tools ?

You can do more, e.g., changing the status code

I don't have elaborate needs and have used Charles for many years. A few years ago I switched to https://proxyman.com and found it easier to use.

Pretty nice. Does it work for Xcode simulators? I use Charles extensively (I am using it for the development I’m doing right now), and it needs to work on simulators. Cost isn’t an issue for me. Fitness to purpose is important. I won’t cripple my development capacity, in order to save $50.

It does. I find the UI better and setting it up easier too

Yes, Proxyman has great sim integration, including the ability to filter by apps within the sim. It's a far better macOS app than Charles, and I've never found it to be lacking a feature I used in Charles.

Cool. I appreciate the tip. I’ll give it a go. Thanks!

Looks much better, thanks for that tip

Android introduces $2-4 install fee and 10–20% cut for US external content links (support.google.com)

To me the only surprise is that anyone went for the whole "yeah it's open source, honest" all these years ago. You don't invest millions and billions when you're Google only to give up the control and financial interest.

Is it too much to hope for some fin-syn restoration? And not just for TV, but for all digital content. Make it, or distribute it, but never both.

99% of consumers don’t give a shit. Find something better to do with all that effort. Holy shit. Leave Google alone, unironically.

I can't believe we got to the point people are throwing random tantrums to defend Google without even using arguments.

Well in hindsight, that „Don’t be evil“ turned out to be such a blatant in-your-face lie shouldn’t come as a surprise when dealing with Epstein vicinity enjoyers.

Google attempting to claim any percentage of revenue from an external transaction will never happen. I believe the current situation with the App Store is that Apple has been barred by US courts from attempting to charge a fee similar to this; though they still do in the EU. USG antitrust, especially in the current admin, hates Google, far more than Apple; this structure will never survive being challenged. Charging a reasonable fee for the installation of an app can be, IMO, a fair and reasonably cost-correlative way for app store providers to be compensated for what few services they do provide application developers. That's within an order of magnitude of how much bandwidth would cost, if they were paying market cloud rates, and certainly there are other services rendered, like search indexing. I would emphasize to the people at Google, however, that your customers bought the phone, which came with the operating system, and thus ethically the core technology your application developers depend on has already been paid for. In Google's case, this happens through Samsung/etc's Android licensing; a relationship which landed them on the wrong side of antitrust lawsuits in the US quicker than Apple's racket did. They dip further by charging developers a direct fee to publish on their stores ($100/year for Apple, $25/one time for Google). Attempting to triple-dip by "reflecting the value provided by Android and Play and support our continued investments across Android and Play" convinces exactly no one of your benign intent; not your investors, nor the US Government, nor consumers, nor developers. The only person who may be convinced that any of this makes any sense is some nameless VP somewhere in some nameless org at your mothership, who can pat themselves on the back and say "at least its legal's problem now". Its possible no one at all in this business unit remembers what the words "produce value" even mean, let alone have the remote understanding of what it takes to do so. Exactly everyone who has ever interacted with it know this; your CEO certainly knows this, given how much investment he's made into AI and not into the Play Store. Continuing to cause so many global legal problems, for such an unpromising, growth-stunted business unit, is not generally a good recipe for keeping your job or saving your people from layoffs.

Your statement here is incorrect, or rather out of date. The courts have reaffirmed that they may charge a fee for external payment processors. > I believe the current situation with the App Store is that Apple has been barred by US courts from attempting to charge a fee similar to this;

Wasn't Apple just slapped down for exactly this in court, for the second time? They're really both going to fight this to the bitter end kicking and screaming like toddlers, aren't they. https://www.courthousenews.com/ninth-circuit-confirms-contempt-finding-against-apple-in-epic-games-battle/

I would suggest reading the ruling and not the headline. The ruling specifically states that Apple can charge a fee , just not the fee they had previously chosen of standard rates minus 3%. It may very well be that googles pricing structure fits in the realm of what the courts deem as fair.

The fact that this is being introduced after the whole Epic/Apple thing clearly shows that the penalties in that case were not nearly severe enough and the standards set were not nearly stringent enough. The mere attempt to engage in policies like this should result in fines in the hundreds of billions.

I’d also point out in the same observation that they knew better than to try this in Europe and that their strategy of trying to hold large tech companies accountable seems to be working (with the minor caveat that it’s now official US defence policy to try and break up the European Union and US trade policy is extremely focused on the idea that nobody is ever allowed to fine a US company for breaking the law)

I am morbidly curious about how far the attempt to destroy the USA will be allowed to proceed before even the Republican party has decided that it is probably enough. So far they have exceeded my wildest (and worst) expectations. Unfortunately I can't get myself and those I care about off this planet (no, thank you, Elon) and we all will most likely lose a lot, possibly life and limb on account of this.

The apparent information gathering and brutal review process is unbelievable here. If I'm understanding this correctly, the requirement is that eg Epic Game Store must register and upload every single APK for every app they offer, and cannot offer it in their store until Google approves it, which may take a week or more - including every time the app updates. Meanwhile they get full competitive insight into which apps are being added to Epics store, their download rates apparently, and they even get the APKs to boot, potentially making it easier for those app devs to onboard if they like, and can pressure them to do so by dragging their feet on that review process. > Provide direct, publicly accessible customer support to end users through readily accessible communication channels. This is an interesting requirement. I want to see someone provide the same level of support that Google does to see if it draws a ban.

I want to see what the EU anti-trust organization will make of this.

Isn't this limited to the US?

Yes, but you can bet that if they succeed with this in the US they will try something similar in the EU. They're constantly testing the waters.

From just this page it's rather unclear what triggers this... if an fdroid app that does not use any Play libraries has a purchaseable thing on another site, is that in scope? Do they need to add Play libraries to track it, or be smacked? If yes, it'd certainly explain their "developer verification" effort, as it's a way to enforce rent extraction.

This is only for apps distributed on the Google play store. It has no bearing on fdroid.

> The following fees apply when a user completes [...] any app installs within 24 hours of following an external content link So does this mean a malicious competitor or motivated disgruntled user could fraudulently cause millions of app installs? With the scale smartphone activity fraud farms are at these days, paying a few thousand dollars on such a service to cause a developer to spend a few million dollars on worthless installs (or a lot of resources arguing with Google) seems like a worthwhile endeavour for the motivated.

A malicous competitor could also click on their competitors ads too. Antifraud is important.

The extortionists are at it again

Feel free to not take up their offer. You aren't being extorted to use this.

I’m very curious how Tim Sweeney will react to this. This is very much not the victory lap he was hoping to take (nor are the Apple rulings) 1. I think uptake of third party stores is quite low and there’s a strong incentive to stay available on the primary store 2. The App Store model has very much been that the paid apps are subsidizing the free ones. So it’s somewhat fair to charge for using the infrastructure, if you’re not contributing into the pot (and are siphoning away from it) 3. Those per install costs are brutal. I was thinking they’d do a dollar , but at almost $4, they’re outside what most people would spend. This is a strong way to keep F2P games from instituting external payment processing.

Even a dollar would be too much.

>they’re outside what most people would spend Free mobile games work via whales subsidizing free users. It may be more than the median user, but it's less than the average spend per user.

> I’m very curious how Tim Sweeney will react to this. “Epic has indicated that it opposes the service fees that Google announced it may implement in the future and that Epic will challenge these fees if they come into effect.” https://www.theverge.com/news/848540/google-app-fees-external-link-downloads-alternative-payments

I’m sure they’ll oppose it but I’m not sure what footing they’d have if this doesn’t fall under googles collusion case, seeing as it’s for everyone in the same boat.

You can install your own APK already. It's only slightly inconvenient. But apparently that's inconvenient enough to get zero business.

[delayed]

People keep making the comparison between the Apple App Store or the Google Play store and the XBox store or the Fortnite store. But these are likely irrelevant comparisons. For one thing, the degree of monopolization simply doesn’t exist. Gaming is a market. There are many gaming platforms that are extremely popular. Xbox, PS, Nintendo, Steam, and then just open distribution on PCs which essentially means there is no lock in in this industry. And unlike the “web app” comparison folks try to make, open distribution can easily leverage the same capabilities as the store distributed games can (and in fact, they are more capable than games from some stores, like the Windows store). But more importantly, gaming isn’t an essential part of life, which is basically what smartphones, dominated entirely by iOS/Android, have become at this point. People depend on these platforms. There are businesses you cannot interact with if not through your phone. There are public transportation systems that are almost unusable. And finally, maybe this is just me, but I think the idea that general purpose computing is the same as playing video games just strikes me as wrong. General purpose computing, which is what phones are, are basic infrastructure for modern life. They should be treated differently and we shoudoht allow 2 companies to monopolize and/or embargo them like Apple/Google are trying.

>the degree of monopolization simply doesn’t exist Yes, it does. Your only options are like Fornite, Roblox, or Minecraft. Saying make your own game, is like saying make your own phone. There is tremendous value in the gigantic userbases these platforms have. This value is why platform holders can charge for access to them.

It's really too bad that essential public services can't be hosted on the web so that you could use them on any platform - smartphone, laptop, tablet, whatever - and would have an alternative to Apple and Google's game stores. Basic apps don't need fancy 3D graphics (and even if they did we have webGL etc.)

Apple’s 20 year campaign to intentionally undermine and artificially cripple the web platform has a lot to answer for here.

There is no single organisation that has done more to push the mobile web forward than Apple. Seriously, name one. Nobody gave a shit about the mobile web until Apple launched the iPhone, where one of its main selling points was a “desktop-class web browser”, where Steve Jobs told announced that if they wanted to run apps on the iPhone, they should be web apps. Then suddenly everybody started demanding “iPhone-compatible websites” overnight. Nobody was asking for “mobile websites”, which until that point were shitty WAP/WML things, or – in the best case – cut back m.example.com microsites. People wanted “iPhone-compatible websites”. And then all the other phone vendors used Apple’s open-source WebKit code (open-source thanks to KDE, useful on mobile thanks to Apple) to release their own browsers, and the mobile web took off like a rocket because suddenly it was useful because people could use real websites. And let’s not forget Steve Jobs telling people to avoid Flash and use open web standards instead. There is a very clear before/after with the mobile web, and it’s the launch of the iPhone and all the work Apple put into making WebKit work well on mobile that provided that watershed moment. Apple were championing the web in the time period you claim they were “intentionally undermining and artificially crippling it”. Now, you may be underwhelmed by their performance in more recent years, but it’s simply factually untrue that they have had a 20 year campaign to undermine the web.

They're not even serving the file. That cost is born by the external provider. The four dollars is for providing the platform that the user used to navigate to the link and download the zip file. That's a fun bit of argument from the owners of Chrome.

I’m not sure what you’re referring to here. Google are the file distributor for content from their store. These rules aren’t for linking out from the store to a third party site, but rather for installing an app from the store and then linking out to a third party payment.