Related
This is a continuation of this thread: http://forum.xda-developers.com/showthread.php?t=567870, which covered cracking the original "basic" copy protection of Marketplace.
---
I have now cracked the "advanced" copy protection used by Marketplace. As you may know, this is a "better" protection than the original "CAB copy protection" Marketplace offered. This "advanced" protection uses license keys that are verified when you run the application, and given out and controlled by Microsoft.
Several developers are annoyed that Microsoft does not allow us to use our own licensing schemes, and are forced to use "no protection" (the original CAB copy protection) or use Microsoft's scheme which is essentially a single point of failure for all Marketplace protected apps.
This new "advanced" protection was released today by Microsoft, and as far as I know no app available already uses it at the time of this writing.
So I got the code snippets you are supposed to put in your app and it was simply jawdroppingly WTF. While it was not exactly easy to beat, it took me less than two hours to devise a "generic" hack, without modifying any files on the device. (Well hey, at least it's better than the 5 minutes it took for the "basic" protection, right?)
A "generic" hack? Yes, by this I mean that this single hack (actually, running an EXE in the background) will completely bypass the entire code snippet provided by Microsoft that is supposed to check and validate your license code, for all Marketplace apps that use this "advanced" protection.
I will not publish the code that performs this hack, so don't ask. My goal is not to crack Marketplace apps, my goal is to get MS off their ass and allow us to use our own licensing systems, like the good little resellers they're supposed to be. I will tell you that it has to do with runtime patching the crypto API, but that's it. All in all, I don't think it will take long for the warez people to duplicate this hack.
---
Some further reasoning about anti-piracy, solutions, etc can be found in post 13 on page 2.
if there are no apps that use it yet, how do u know your hack works?
Because the Marketplace portal provides code ("code snippet") you have to compile in your EXE, and that takes care of the whole licensing thing.
So you look at that source, spot the weak points, devise a hack. Then compile a program using said "code snippet" and try the hack on it.
If developers simply copy/paste the snippet they are given by the Marketplace portal, this hack will work.
Chainfire said:
This is a continuation of this thread: http://forum.xda-developers.com/showthread.php?t=567870, which covered cracking the original "basic" copy protection of Marketplace.
---
I have now cracked the "advanced" copy protection used by Marketplace. As you may know, this is a "better" protection than the original "CAB copy protection" Marketplace offered. This "advanced" protection uses license keys that are verified when you run the application, and given out and controlled by Microsoft.
Several developers are annoyed that Microsoft does not allow us to use our own licensing schemes, and are forced to use "no protection" (the original CAB copy protection) or use Microsoft's scheme which is essentially a single point of failure for all Marketplace protected apps.
This new "advanced" protection was released today by Microsoft, and as far as I know no app available already uses it at the time of this writing.
So I got the code snippets you are supposed to put in your app and it was simply jawdroppingly WTF. While it was not exactly easy to beat, it took me less than two hours to devise a "generic" hack, without modifying any files on the device. (Well hey, at least it's better than the 5 minutes it took for the "basic" protection, right?)
A "generic" hack? Yes, by this I mean that this single hack (actually, running an EXE in the background) will completely bypass the entire code snippet provided by Microsoft that is supposed to check and validate your license code, for all Marketplace apps that use this "advanced" protection.
I will not publish the code that performs this hack, so don't ask. My goal is not to crack Marketplace apps, my goal is to get MS off their ass and allow us to use our own licensing systems, like the good little resellers they're supposed to be. I will tell you that it has to do with runtime patching the crypto API, but that's it. All in all, I don't think it will take long for the warez people to duplicate this hack.
Click to expand...
Click to collapse
amen
hallelujah
hit me now
YEAH
have given the issue some press : http://www.1800pocketpc.com/2009/11/13/marketplace-advanced-copy-protection-cracked-in-less-than-2-hours.html
anti-piracy protection is intended to stop ordinary users from transferring cabs between devices and it is successful at that. there is no protection that will stop apps from being pirated, certainly not for handheld devices. the new advanced protection is adequate and any further techniques are redundant and a waste of time, because no matter how 'strong' they are, they WILL be cracked.
Slightly if not totally off-topic: A mainstream consumer's view
mnet said:
anti-piracy protection is intended to stop ordinary users from transferring cabs between devices and it is successful at that. there is no protection that will stop apps from being pirated, certainly not for handheld devices. the new advanced protection is adequate and any further techniques are redundant and a waste of time, because no matter how 'strong' they are, they WILL be cracked.
Click to expand...
Click to collapse
I agree with you and your premise. Now a quick story.
I consider myself a mainstream consumer... but I have been a member of XDA for, what, i think 4 years, using 2 WM phones, first the T-Mobile MDA, then the Wing (HTC Herald), and I am about to switch to Android with the HTC Hero. I am reasonably savvy about tech, just not a coder. But I've done all the hard SPL, flashing ROMS, using beta software, and supporting developers here with pretty significant donations. I am also a User Experience / Usability designer for web as a profession. THAT'S MY BACKGROUND.
To date, my experience buying WM apps has been universally AWFUL. Whether it was, just recently, Resco Picture Viewer from PocketGear, or WM Defrag from Wizcode, or PocketPlayer from Conduits. I am more than happy to buy excellent software that works, and has a decent UI. But in each case, the process of buying the app and getting it onto my phone has been absurd, and frustrating beyond belief. Each provider makes all sorts of assumptions -- often wrong -- including "you must be downloading this from a PC, so we will download for you an executable that runs on a desktop PC then installs via active sync onto your device."
Whatever the percentage is, doesn't matter: A lot of people, like me, download all my cab files, and purchase apps, on my Mac... and either email myself the .cab file or .zip files, or place my microSD card from my phone into a USB reader. Thus, what a frikkin headache to end up getting PocketPlayer on my phone... but because i didn't download it from a Windows PC, I was screwed.
This stuff is archaic. This past week it has taken 5 days to get Resco Picture Viewer on my phone after purchasing from PocketGear.com . They have a completely retarded transactional process, a terrible UI, broken software in terms of user recognition and resetting username and password, and a completely phone-UNFRIENDLY site, with most sub-level menus not even accessible from browsers like Opera Mobile, Netfront, Iris ... They are dumbass pull downs using god knows what -- flash or javascript, whatever. But fact is: a simple navigation process to access the products on the phone itself can't even be achieved by these clowns -- yet everyone is in overdrive now trying to get their version of "THE" WindowsMobile app store online, while Microsoft stumbles.
The fact is: I would LIKE to see a uniform transaction process which is designed professionally, and supports great usability design, and once I buy the app, quit making me go through absurd backflips just to get access to the cab file. Stop requiring me to use a Windows PC. And stop all the "special OUR way" authentication processes. Because if they were so good, there wouldn't be the kind of problems I have described. I'll even grant anyone who wants to -- to say "well you're just a dumb**** user who doesn't understand their particular process"... I'll grant you that, and my answer would be:
If you plan to sell a lot of apps -- ie, make money via VOLUME transactions vs pricey apps -- a la iphone -- then it makes a hell of a lot of sense to make a uniform system of delivery if you're buying it through an app store, and for god's sake, cut the crap and figure it out. It's not so hard to send an authentication code via email or text message. But it's exactly WRONG to be having 1000 developers using 1000 special "our way" authentication processes, because the odds of 1000 app developers having a great, simple, effective UI and safe authentication system that prevents priacy of their app is pretty low, based on the experiences I have had to date with MAINSTREAM products for WM.
That's my view. But I see a whole lot of clumsiness from the Windows Mobile side of the fence pertaining to this whole new way of monetizing apps. There's a reason apple succeeds in that department -- even with their bloated catalog and draconian approval processes. They understand how to deliver products to consumers -- vs repelling them from a dumbass process, no matter how good that process may be in theory.
quicksite said:
I agree with you and your premise. Now a quick story.
I consider myself a mainstream consumer... but I have been a member of XDA for, what, i think 4 years, using 2 WM phones, first the T-Mobile MDA, then the Wing (HTC Herald), and I am about to switch to Android with the HTC Hero. I am reasonably savvy about tech, just not a coder. But I've done all the hard SPL, flashing ROMS, using beta software, and supporting developers here with pretty significant donations. I am also a User Experience / Usability designer for web as a profession. THAT'S MY BACKGROUND.
To date, my experience buying WM apps has been universally AWFUL. Whether it was, just recently, Resco Picture Viewer from PocketGear, or WM Defrag from Wizcode, or PocketPlayer from Conduits. I am more than happy to buy excellent software that works, and has a decent UI. But in each case, the process of buying the app and getting it onto my phone has been absurd, and frustrating beyond belief. Each provider makes all sorts of assumptions -- often wrong -- including "you must be downloading this from a PC, so we will download for you an executable that runs on a desktop PC then installs via active sync onto your device."
Whatever the percentage is, doesn't matter: A lot of people, like me, download all my cab files, and purchase apps, on my Mac... and either email myself the .cab file or .zip files, or place my microSD card from my phone into a USB reader. Thus, what a frikkin headache to end up getting PocketPlayer on my phone... but because i didn't download it from a Windows PC, I was screwed.
This stuff is archaic. This past week it has taken 5 days to get Resco Picture Viewer on my phone after purchasing from PocketGear.com . They have a completely retarded transactional process, a terrible UI, broken software in terms of user recognition and resetting username and password, and a completely phone-UNFRIENDLY site, with most sub-level menus not even accessible from browsers like Opera Mobile, Netfront, Iris ... They are dumbass pull downs using god knows what -- flash or javascript, whatever. But fact is: a simple navigation process to access the products on the phone itself can't even be achieved by these clowns -- yet everyone is in overdrive now trying to get their version of "THE" WindowsMobile app store online, while Microsoft stumbles.
The fact is: I would LIKE to see a uniform transaction process which is designed professionally, and supports great usability design, and once I buy the app, quit making me go through absurd backflips just to get access to the cab file. Stop requiring me to use a Windows PC. And stop all the "special OUR way" authentication processes. Because if they were so good, there wouldn't be the kind of problems I have described. I'll even grant anyone who wants to -- to say "well you're just a dumb**** user who doesn't understand their particular process"... I'll grant you that, and my answer would be:
If you plan to sell a lot of apps -- ie, make money via VOLUME transactions vs pricey apps -- a la iphone -- then it makes a hell of a lot of sense to make a uniform system of delivery if you're buying it through an app store, and for god's sake, cut the crap and figure it out. It's not so hard to send an authentication code via email or text message. But it's exactly WRONG to be having 1000 developers using 1000 special "our way" authentication processes, because the odds of 1000 app developers having a great, simple, effective UI and safe authentication system that prevents priacy of their app is pretty low, based on the experiences I have had to date with MAINSTREAM products for WM.
That's my view. But I see a whole lot of clumsiness from the Windows Mobile side of the fence pertaining to this whole new way of monetizing apps. There's a reason apple succeeds in that department -- even with their bloated catalog and draconian approval processes. They understand how to deliver products to consumers -- vs repelling them from a dumbass process, no matter how good that process may be in theory.
Click to expand...
Click to collapse
Couldn't agree more!
I'll add one more reason I wrap my head in ductape every time I download/install an app.
Think it's bad with every developer having their own authentication method? How about when each developer has a DIFFERENT authentication scheme for every app they make?
I like a rant - thanks for doing it for me as I agree with you 100%.
The top of my annoyance list (which you did include) are sites selling mobile software which are NOT mobile browser friendly, WTF is that all about?
Big Up, I still don't think anyone else would have done it in two hours.
Hey you warned them didn't you.
Haha Chainfire is there anything you cant do?
More in the Dutch press:
http://tweakers.net/nieuws/63713/nederlander-kraakt-nieuwe-beveiliging-windows-marketplace.html
While I do appreciate the "rant", I think you're missing my point - or perhaps I just don't agree. (Edit: that is in response to this post http://forum.xda-developers.com/showpost.php?p=4936479&postcount=7)
When I say "use our own licensing schemes", I do not mean codes sent back and forth through websites, screen you have to type stuff in etc. This is exactly not needed because Marketplace is also the delivery mechanism. In other words, the license code can be installed by Marketplace directly without the user ever seeing or hearing about it.
This is partly how the new system works, actually. However, if Microsoft supported license codes you give them things would be more secure (though granted, for a large part by obscurity).
Some authors will not care and simply not use it all, for example with the cheap apps it may not be worth their while. Others may wish to track license key usage, so that if suddenly 10.000 users start using the same key instead of the 1 who bought it, that key can be disabled, etc. Some may want the app to call home, some will not. Imagine that developers that do employ such anti-piracy measures will write their own verification / communication code, this beats the single point of failure we currently have. The crackers are back to having to crack each app independently and even then have a much lower chance of success.
Marketplace is the perfect opportunity to implement such a system that does provide some piracy security for the authors while for once it does not unnecessarily annoy the user.
To make the obligatory bad car analogy that fails in many ways, take you car keys. Everyone thinks it's normal to have a car key, so people can't just take your car. Of course, in line with some of the arguments against anti-piracy measures, car keys aren't really that useful, as there's always a brick - the universal key, and a car thief that really wants your car will get it. (You also lock the doors on your house, right?)
Now, the current situation is pretty much that everyone has the same car key. How useful is a car key in that situation? They way I see it (and I'm sure I'm not alone in that), is more like the actual car key situation. Some car keys are laser etched, or have something RFID-like in them and a receive in the car, or simply use different shapes, etc. That's a lot more useful than everyone having the same car key.
Sure, no matter what you do, eventually things will get cracked and it is a cat and mouse game. One of the reasons this is easily doable is because of the open nature and the very few restrictions of Windows Mobile. This is a good thing. No developer in their right mind would want to get to a restrictive system like is the case on the iPhone or other mobile OS's. That is not the point. That doesn't mean anti-piracy measures are useless though, far from it. The longer you can keep a release from being warez'd, the less you lose.
There are two arguments I hear coming back in various places by various people:
(1) If the normal users can't just copy it, then that is enough (even MS says this)
(2) Piracy works as advertising, you get more eventual sales, etc. etc
Both of these, are from my own experience, completely untrue. The thing is if one person cracks it, it usually spreads on those warez sites pretty quickly.
The big thing here is, the average user is apparently tech-savvy enough to search the warez sites first before buying, and that is just how it is:
We have played the game with that one warez site, monitoring sales when (apparent) cracks were listed and when they weren't (they do remove releases on request). This made a 30-50% difference in sales (with the number being highest during the weekends, and lowest during weekdays). For me that is enough data to know that both (1) and (2) are complete nonsense in the case of mobile apps. No matter all the pretty reasons and perhaps seemingly logical reasons you may come up with for (1) and (2), the numbers don't lie.
So, how would you like to get a 30-50% paycut? It's not like us developers are getting rich here, you know. Can we be blamed for trying to prevent this?
Now, here we have the chance to implement a system that is completely transparent for the user and can be made reasonably safe (and updatable), an obvious win-win situation for everyone involved except the warez people. Why exactly shouldn't we be aiming for this?
What is also painfully apparent here, as Microsoft themselves claim reason (1), that they have no idea what they are talking about.
i am no programmer so excuse my ignorance but doesnt everything eventually get cracked. Is there any mobile platform which hasnt a non cracked market place or sites where you can download paid apps for free?
Well done Chainfire
Hello Chainfire,
I am the webmaster of the Tamoggemon Content network, and just covered you:
http://tamsppc.tamoggemon.com/2009/11/13/advanced-marketplace-drm-broken/
http://tamswms.tamoggemon.com/2009/11/13/advanced-marketplace-drm-broken/
Furthermore, an email went out to MSFT asking for a statement. but this is not the reason why I registered here (!!!) - I am instead here to vent a bit being a Symbian dev myself.
While I fully understand your frustration, I think that allowing every developer to run his own DRM is not gonna do the store good. The reason is that the store was made to make purchasing apps simple - and by allowing everyone to run his own DRM I dont see much of a venue to do this anymore.
Whenever some kind of backend gets involved, there is a single point of failure - the only trhing I can think off now would be a very complet system based on servers.
Or, of course, platform security like on S60. But trust me - we wont want that!
Thanks! However, if you read my other post carefully you'd see it wouldn't make any difference to the ease of using the store (it wouldn't make any difference for the user at all), just to a part of the backend. And of course, each DRM system has a single point of failure, but the difference is in my case there is a point of failure per app, while in the current case it's a single point of failure for everything. There is no perfect solution, but there are better solutions than the current one.
I've been contacted by a handful of big WM devs by now who are of somewhat the same opinion.
microsoft.... when it comes to security, they are clueless as usual.
only apple is worse.
I find they windows-7 VPN and "encryption" funny , is there anybody that would trust it ? - even if it was not for the backdoors ?
Just wondering, is anyone else having problems accessing the windows marketplace from the phone? I was able to download a couple of apps yesterday after I installed a custom ROM (TPC Pro Series V3.2), but today I get a message saying there is an update, it installs the update but then I get the following message:
"Windows Marketplace for Mobile cannot connect right now. Try again later."
Is this because of the custom ROM and the latest update to the marketplace, or is this something other people are experiencing?
Remember the days when purchased mp3s were DRM protected and some companies like Sony even put rootkits on music CDs? Did that stop piracy?
Hopefully Microsoft will not repeat these mistakes... There is no need for any further 'protection' for marketplace apps. If a developer isn't satisfied with this mechanism then he/she doesn't have to publish their apps on the marketplace. There's no point in having a centralized app store if every developer uses his/her own licensing scheme.
So a while ago, I decided I would get into java, for the purpose of building a personal assistant/concierge type of app, but after a few days of learning, Siri was released - an app for the iPhone which does everything I was thinking of doing, and they stated that they had the goal of releasing for other OSs (Android, BB, WM) so I quickly abandoned that idea, my decision based on the fact that I, an amateur and a real novice, could not create an app that was nearly as robust, and that it would never be able to compete with theirs.
Well as some may have read recently, Siri was bought by Apple
http://www.businessinsider.com/appl...istant-app-as-war-with-google-heats-up-2010-4
And here is their page, which can probably explain what they do better than I can
http://siri.com/about/
This has got me thinking about it again, and was wondering what people would think about this sort of app, whether it would be worth my while trying again?
Would there be any call for this, and would there be any other devs willing to lend a hand to a noob?
My knowledge of Java is limited, but I am certainly willing to learn (preferably as I go).
Thanks in advance for any feedback.
There is a small company called google which kinda does the same thing.
Please enlighten me, in what way does Google provide a service which allows people to, in plain (spoken/colloquial) english find cinema times and book them, book restaurants, order taxis, find out about events happening in the local area and generally manage your life, all from one application, rather than sifting through lists of search results yourself? Sure anyone could go to the separate websites of all the aforementioned, but might it be easier to do it from one app?
I may be wrong, and if I am then I apologise, but I have not heard of a service like this from Google.
If you have used google voice search then you would already see that it does most part of it.
Also check google IO 2010 2nd day video.
Taking a speech class and had a chance to write about the Android platform. Figured I'd share here. Enjoy and comment as you will.
I wish to start off by saying welcome to the future. A bold proclamation yes, but with such experiments and ongoing research by numerous scientists today, technological breakthroughs are vast and epic. One of the many platforms so to speak that is having phenomenal breakthroughs is in the mobile systems department. Here lays a couple companies with R&D plans that carter towards certain parties promising slick user interfaces, application channels, and a complete web experience. Couple that with feature rich phones that allow one to text, call, global positioning (GPS), and well, you have a product to sell. Google has done just that. Taking bits and pieces of everything one could ever ask for, and merging it all into its mobile operating system titled Android. Represented by a green round-headed robot figure, Android is passing its two year anniversary, and has surpassed other prominent mobile architectures like Apple’s iPhone software. But what exactly is Android? Why would one desire to chuck away their limited iPhone, or stray away from the Blackberry Enterprise lineup? One word: Open source. Couple that with the experience (the art of customizing your device), and the synchronization aspects of the device for virtually any account you have on the net, and you have a total package.
Having a total package within arm’s reach, and inside your pocket is quite a powerful tool. With Google’s Android platform, there is never a point where you can say No. Any and every idea can and could be coded into the device if you have the means to do so. Open source is the ticket. Asking yourself what this means is actually a very simple question. Open source is the definition of computer code that is freely available to anyone who wishes to find it. Google has opened up the software to all who have a spirit to create and provide applications (Apps) and programs to others. Hackers, coders, and all techy guros have created a plethora of net-libraries ranging from support groups, forums and websites to further help noobies in the process. Sounds like a lot, but in reality, the experience is quite easy going. Competitors like Apple and Blackberry have limited their system to developers by safekeeping some of its computer code. This limits creativity, as it puts restrictions and limitations as to what exactly what one can create. Add to the fact that companies like Apple also screen apps to a much higher caliber, halting smaller apps without much bang in the beginning to be choked to death. It seems as if anything is available for pleasure with Android though. If it doesn’t exist, pop into a forum and jot down a reply on a thread. If that’s not enough, I’m sure you have one friend that has already found solutions in the “Green-Guy”. There is always someone there who has the tools necessary to create it, or rather has already created it in the first place.
From forums and coders who have the know-how and tools to create a mind-blowing experience, the customization factor of Android is truly one of its largest selling points. To be quite honest, each and every android device could be considered a work of art. It’s all in how the user desires it for themselves…how deep the user wants to venture; how deep goes their rabbit? From changing backgrounds and wallpapers, to adding widgets to your home screen, the android spectrum allows one to make the phone their own, morph it into how they see fitting. But how is this different from other products? Surely other phones allow their users to alter what they see on screen. Yet I assert, the android experience is different. Almost, if not every aspect of android is customizable. Icons can be altered, the font can be changed, dates, times, anything can be tweaked. Sites like XDA, AndroidSpin, and AndroidandMe provide great reviews, heads up, and forums to browse through numerous applications, both beta and final. The options are endless, and it’s open in the air to anyone who desires a bit of change. Many new phones come preinstalled with newer software, as you might here Froyo, Éclair or Gingerbread tossed around. These are simply codenames for newer versions of software from Google. If your carrier doesn’t support the newer software, chances are a coder has already made it available for you. Convenience without a price attached!
Free in price is seemingly synonymous with freedom. Freedom to choose. Freedom to enjoy. Freedom to experience. Freedom from a stationary computer. Android is a thriving system that allows you to constantly stay on the up and up. Synchronization appears a mystery as your Facebook, Twitter, email, and numerous other accounts are integrated into the system via apps or at stock. With live widgets that monitor in real time your accounts, any and all social networks, social feeds, and business/personal accounts are updated instantly. No more carrying around a tiring laptop, or waiting to login the networks at any given campus. 3G speeds and now 4G on some carriers are making mobile devices the in crowd, as speeds are comparable to standard net speeds. As many people day are on the up and up, or rather, out and about, a mobile system that constantly allows access to ones desired feeds is grand. Couple that with ability to alter documents on the fly, listen to your favorite music (via Pandora, or from the Phones Internal Memory…think iPod), you have a complete package. It’s not just a Media Device, a Business Device, a Cell Phone, as it truly lives up to the name of Smart Phone.
For me the choice was easy. I thrive off customization, the ability to make my phone a tad different, even faster, or more efficient then what the original company did for me. But as Android ages, everything looks bright and promising. To proclaim dark clouds linger would be insanity. From its initial creation of being open-sourced, to customizing features and its ability to be versatile, Android has shattered the mobile systems realm. As it races to the top, Android allows users to update on the go, with synchronization from virtually every social feed. When people ask me about phones and what should be right for them, there is no question for me. It’s never been a question about what Android can’t do, but what Android does.
<- Laughing Out Loud.
It's full of grammar faux pas, by the way.
Still very well written *only read first paragraph* but I was impressed, not bad Also maybe a bit many commas...
BTW, shouldve been posted in the off topic section
Nice Speech. I Enjoyed reading it.
Sent from Conical. 07
the original link.....http://www.zdnet.com/blog/google/confessions-of-a-google-junkie-or-privacy-what-privacy/3553
Summary: A lot has been made of Google’s new privacy policy and terms of use. I say bring it on.
There are very few aspects of my life that don’t somehow involve Google. My phone runs on Android, my favorite tablet just got an OTA update to Ice Cream Sandwich (!!!), I use Chrome across all of my computers, I develop AdWords campaigns, I use Analytics to develop metrics for the day job and dive into SEO, I handle many of the CBS Interactive Google webcasts, I use Google Docs almost exclusively for productivity, and my wife doesn’t know where I am half the time until she checks my Google Calendar (which, in fact, aggregate two other Google Calendars).
I’m increasingly turning to Google+ as my source of relevant information and opinions, a function previously reserved for Twitter, and I’ve even dispensed with bookmarks, instead using Google Sites to organize important pages and resources.
I live, eat, breathe, work, and play Google and there aren’t many people more aware of Google’s business model and the amount of data it collects than I. So is it just sheer stupidity and naiveté that has me utterly embracing the Google ecosystem and relatively unconcerned about newly announced privacy policies that have caused so much consternation this week? Before you jump down to the talkbacks to tell me how stupid I really am, read on for another couple paragraphs.
As Larry Dignan pointed out in his post about the new policies last night,
Google noted that it already has all that data, but it’s now integrating that information across products. It’s a change in how Google will use the data not what it collects. In other words, Google already knows more about you than your wife.
From my perspective, though, I can live with Google knowing a lot about me. It knows, for example, that I’ve recently developed an obsession with the electric guitar and have been researching inexpensive models that I might just be able to justify as a birthday present to myself. It doesn’t judge, it just shows me the best deals in display ads on the three models of guitar and 2 models of amps I’ve been reading about the most. My wife isn’t aware of this obsession and her take on it would be judgmental (God love her!): “When will you have time to play guitar? And we’re supposed to be saving money! And what’s wrong with your acoustic guitar?”
Taking this a step further, as Google’s new privacy policies and terms of use do, I should expect to start seeing guitar-related apps in my suggestions in the Google Market and the Chrome Marketplace. Guitarists on Google+ should start appearing in suggested people to add to my circles and Google Reader should offer to download Guitar Player Magazine feeds for me. And, more likely than not, I’ll start seeing more guitar-related ads as well.
Google’s goal, of course, is to sell advertising. That’s about 97% of their revenue. By pulling people like me into their increasingly unified ecosystem, they can demonstrate very high click-through rates to potential advertisers and charge a premium to reach highly targeted and yet incredibly vast audiences.
They need to give me something in return
For me to buy into this, they need to give me something in return. Something to make all things Google really sticky. Like a wide array of free tools from Google Docs to Google Music to Google Voice. And cheap tools that I buy for my business like Google Apps and AdWords. Their new policies are designed to be more transparent, but also to pave the way for these tools to talk to each other better, making them even stickier through a unified experience and more relevant services.
Back to the wife comparison that Larry brought up. My wife knows that every Friday night is pizza night in our house. So does Google, since every Friday around 4:30 I pull out my Android and use Google Voice Search to find the number of whatever pizza joint we decide to patronize that week. Fine. Google, however, can actually do something more useful with that information than my wife can (”Where should I order pizza, sweetheart?” “Wherever, just not that place down the road. Or that other place. And make sure they’re having a deal!”).
Come Friday morning, the ads I see on Gmail or Google search should start being pretty pizza-heavy: Dominos, Papa Johns, and a place or two that has an active Google Offer. As I’m driving home that evening, the GPS on my phone should set off an alert when I drive past a well-reviewed pizza place (assuming I’ve set location-based preferences to alert me to destinations with at least four-star average reviews). And the minute I type a P in my mobile browser, Google Instant should leap into action and display nearby pizza places and a news story about a new place to get pizza in the next town.
We’re not quite there yet, but this is the sort of integration and experience that Google is covering in its new policies and terms of use. I know that my privacy red flags should probably be going off. Google has gigabytes of information about me and is using that information to help its advertisers sell products. That’s bad, right?
Guess what, folks? This is the semantic web
And yet, I don’t think it is. Many of the same techies who cry foul over these new policies have also been pushing for the development of the semantic web to make it easier to find what we actually need in the trillions of web pages floating around the Internet. Guess what, folks? This is the semantic web. When our search engines know what we actually mean, when data on the web automagically becomes information we can use easily and quickly, we’ve arrived.
And the semantic web can’t exist without “the web” (whatever that is) knowing a lot about us. It takes data for a computer to understand our needs and process natural language efficiently. Some of those data will necessarily be fairly personal.
Now, if I start getting spam from pizza places or calls on my Google Voice number from Dominos because Google has sold my contact information and preferences to advertisers, we have a problem and I’ll be waving my privacy flag as high as anyone else. However, when I opt in by opening a Google account and staying logged in as I surf the web, I’m not only consenting to the collection and aggregation of data about me, I’m asking that it be done so that the web and related tools can be more useful to me. This sort of data mining lets me work faster, play easier, and find the best pizza in a 20-mile radius.
For its part, Google needs to remain the trusted broker of these data. No, I don’t like the idea that our government could brand me a terrorist and seize these gigabytes of data under the Patriot Act. The alternative, though, is an ever-growing morass of web sites and tools that I get to dig through manually.
And, by the way, even if I’m not logged in to my Google account as I’m doing it, my ISP knows the sites I’ve visited, too, and could just as easily (if not more so) be compelled to turn over this information to the real Big Brother in all of this.
Far more trust in Google than the Feds
Honestly, I have far more trust in Google than I do in the Feds. Google is motivated by money: they need my trust to keep collecting those data to keep making it easier for me to buy things from Google’s paying advertisers. If that trust is broken by inappropriate sharing of data, then my eyeballs go elsewhere and so do the advertisers who target me via AdWords and AdSense. Our government has no such financial motivation. Money talks.
The fact that the speech recognition on my phone kicks ass because I use Google Voice all the time and it’s learned how I talk might be a little creepy, but it’s far more important that I can do a Google search or send a text while I’m driving without taking my eyes off the road.
Welcome to 2012, folks. The semantic web has arrived. Use it well and let’s keep Google’s new policies in perspective. And Google? Don’t be evil. I have a lot of colleagues who will be pointing, laughing, and saying I told you so if you ever are.
Nice article.
I think the key for Google's continued success is to keep the advertising passive, suggestions when you're searching etc. aren't in your face but they work.
You see a lot of people complaining that they've been searching for something online and then all of the adverts on the websites they visit contain something pertaining to that, and they grumble that it's annoying. Personally, I'd much rather see an advert to something that's relevant to me rather than a cluttered webpage of irrelevant information.
By targeting adverts and increasing their relevance to the individual, they are far more likely to be successful. This means that the revenue per advert is going to improve and websites aren't going to need to cover their website in adverts (at the cost of the user experience) to make it profitable.
Plus given the huge amount of free stuff that google gives you, it's a bit rich for somebody to complain that they're trying to get something back off you.
I too would much rather see things directly targeted towards me then just random ads. And everyone is up in arms about google recording what you do. Well i think of it this way, i'm fine with them getting to know me and my behavior and what i do, as long as they keep providing FREE products for me.
Ahh the good old "If they are going to screw me without consent, I would much rather they knew my name, stroked my hair and whispered sweet nothings into my ear while they did it."
I prefer to treat my online habbits like the strange neighbour a few doors down. Say "hi" in passing, and realise that while they probrobly know more than I would want them to from when I've invited them over for coffee and from peeking in my windows as they walk past, know that I don't actually have to put up with their $#!+ if they become too creepy.
Thats why its important there are alternitives and competition, and that we as consumers don't put our eggs all in one basket and be prepared to protest or move on if they stretch the friendship too far.
I know privacy is impossible in this day and age but that doent mean you have to lie back and take it. "because you know it means well and it does give you nice gifts once in a while"
My suggestion is cut your reliance on any one brand and spread out the load.
hungry81 said:
My suggestion is cut your reliance on any one brand and spread out the load.
Click to expand...
Click to collapse
I like the author am reliant on Google these days. I'd be happy to look at alternatives. Granted they work on the platforms I needs them to, Android 2.X and 3.2, Linux+chrome, windows XP + chrome, and windows 7 + firefox or chrome. The linux requirement cuts out a lot of things, iTunes/iCloud for example.
Have any suggestions who/where i could go for:
Music
Docs
G+
Gmail
Needs a slick webUI, and the searching ability of gmail
Calendar
I need delegation and the ability for my wife to add me to events and share calendars.
Reader
works on all my devices, and syncs between them
I would very much like my phone to know when I leave work. Now i could do this with some sort of timer, but I end up working somewhat flexible hours, and have a leaving time of anywhere within an hour and a half. I would like it to know that since I now have "buy bread, milk, and eggs" on my to-do list (thanks hun!), that it needs to remind me of that on the way home. Even better if it can just direct me to a store with a deal on one or all of those things.
I like that the first hit in Google I get for cookies is the wikipedia page for http cookies and the second is to pythons cookielib module. Where as I bet my grandmother gets, chocolate chip cookies. The ability for Google search to know that I have a particular artist in my collection, and show me the bind's page near the top of the results without me having to add "band" to my search terms.
Anyways, if and when Google starts selling my data to 3rd parties, I'll export my data and move. Google makes it fairly painless to do that.
tl;dr I'm new, I'm not a very knowledgeable developer, I have an idea that I want your opinion about.
Heyo Peoples,
I'm new and I like to think a lot about cool new stuff with mobile devices (web, software, hardware, etc). I've been thinking a lot recently about how people like to use mobile devices, and how we might use them in the near future--thinking past what's being done now, and into what comes next.
I've been wondering for a while why there isn't an existing piece of functionality on mobile devices that allows a user complete control of the device and every piece of information on it. Imagine a GUI except instead of graphics, it's like interacting with a person. (aside: first person to say Siri should be shunned like an Amish girl who went to a movie theater).
Is it outrageous to say that you should be able to pick up your phone and have it find anything, from anytime in the past that you have done with or on it? I know that would take mountains of data, but is it silly? In it's most basic form, this would just be a search feature. In it's most eloquent form it could be an operating system. Imagine being able to ask your phone what you did last Wednesday, or maybe where you were. What if it could recall emails or documents based on date, time, location where you were when you wrote it, keyword, or contact, based on verbal interaction? What if it tracked data usage by application, or allowed you to measure and optimize system performance with a verbal command (ex. "Shut down all apps except for Google Maps" or "How much data am I using per minute").
Is it too early to start wishing for an interface like that computer on Paycheck (horrible movie with Ben Afleck) or Cortana in Halo? Is this type of interface impractical or implausible?
If you were to make something like this, would it have to be a new operating system built from the ground up, or could you develop an app to do this, or could you hack Android to do it? I welcome all of your feedback.
Lots of questions, and I have very few answers.
Jujubes said:
tl;dr I'm new, I'm not a very knowledgeable developer, I have an idea that I want your opinion about.
Heyo Peoples,
I'm new and I like to think a lot about cool new stuff with mobile devices (web, software, hardware, etc). I've been thinking a lot recently about how people like to use mobile devices, and how we might use them in the near future--thinking past what's being done now, and into what comes next.
I've been wondering for a while why there isn't an existing piece of functionality on mobile devices that allows a user complete control of the device and every piece of information on it. Imagine a GUI except instead of graphics, it's like interacting with a person. (aside: first person to say Siri should be shunned like an Amish girl who went to a movie theater).
Is it outrageous to say that you should be able to pick up your phone and have it find anything, from anytime in the past that you have done with or on it? I know that would take mountains of data, but is it silly? In it's most basic form, this would just be a search feature. In it's most eloquent form it could be an operating system. Imagine being able to ask your phone what you did last Wednesday, or maybe where you were. What if it could recall emails or documents based on date, time, location where you were when you wrote it, keyword, or contact, based on verbal interaction? What if it tracked data usage by application, or allowed you to measure and optimize system performance with a verbal command (ex. "Shut down all apps except for Google Maps" or "How much data am I using per minute").
Is it too early to start wishing for an interface like that computer on Paycheck (horrible movie with Ben Afleck) or Cortana in Halo? Is this type of interface impractical or implausible?
If you were to make something like this, would it have to be a new operating system built from the ground up, or could you develop an app to do this, or could you hack Android to do it? I welcome all of your feedback.
Lots of questions, and I have very few answers.
Click to expand...
Click to collapse
This is probably not as far off as it seems. The developers of "Utter" have come along way in the right direction. You should maybe approach them with your ideas. Not all of them of course . Save some for yourself.
One problem I see is semantics. "Shut down all apps except for Google Maps" sounds good - but do you really mean ALL apps ? The line that would be walked is one where the developer must train the program to not necessarily do what they ask, but do what they WANT. It gets trickier when you realise that some people who aren't your average users might want to test things and shut down an app (in this case) that an average user would never want shut, where they might mess up their phone beyond their ability to repair if they did.
I think speech is a great tool to interact, though I'm not going to be a person to use it. I don't think speech will ever become a default unless there are other technological advances that change how we interact with the world. It's annoying enough to hear someone gabbing loudly to another human on the phone, do we really want people gabbing AT their phones as a default interface ? I think privacy is a driving factor that will keep sound from being a major interface - perhaps it could work for in home applications, but out in public people may not want to announce to the world who they are calling, what they are looking for, or what site they're logging on to, et cetera. Until there's technology to make voice and sound less "public", I don't see this being the future of phones - it's more of a nice thing to have as an "extra" for when a person is comfortable using it.
But, hey, maybe we'll get used to wearing Google Glass and talking to ourselves all the time - or we'll get in-ear buds or implants where we can choose to hear the outside world or not. Just exploring the possibilities here.
I do think it's a big "outrageous" to have infinite backup. Just take a look at how much data companies like Amazon and Facebook acquire on a per-day basis. Think about how much data you use on a daily basis. I don't have the money or desire to be buying new HDDs every other week. Maybe in the future there will be a technological revolution that allows for mass amounts of data to be stored in even smaller spaces. But current technology in that regard is still very expensive and persnickety - read about high capacity SD cards and how fragile they can be and about data needing to be "refreshed" or they can become corrupt. There are lots of issues that make backing up everything you do impracticable.
And, again - privacy concerns. Do I really want my computer to know what I did last Wednesday and who I was with ? What if someone stole my computer or phone and had access to that information ? If we had the technology to do that, who's to say that current encryption would be "enough" - or that someone wouldn't go ahead and try to hack it anyway if they felt finding out basically everything about you was worth brute-forcing your phone or whatever they'd do in the future ? And have no password or a crappy one - even easier for them to know EVERYTHING about you, now.
Highly visual and talk-activated computers are absolutely great for games, movies, and TV. Why ? They function as narrative devices. They allow the actor to say or explain things they otherwise wouldn't have said out loud for personal, practical, or security reasons. They can become characters in their own right. People like those big screen computer displays where the characters are poking things all over and up and down - it looks cool. But not so cool is having your arms get tired from reaching up and around all the time. Not so cool is having to tell the computer out loud what kind of special images you want to search for when you have house-mates living in the next room over.
Just some thoughts. If you have other or counter ideas, go right on ahead.