I was surprised to see Alpha Vantage[0] on this list. As far i'm aware, they provide real time access to stock prices, and their service is free. Additionally, other services [1] exist that do the same, which are also free.
How might they turn their service into a viable business?
There's a lot of discussion here about hype, but I think many are overlooking exactly why expectations were so high.
Downloads of new mobile applications have been decreasing in growth steadily for years now[0]. Instead, user's spend more time inside their existing applications, particularly messenger applications. Take a look at just a few of their user bases:
Considering that writing a single bot that was capable to connecting to all of these platforms was trivial, it gave the developer access to a new and very significant user base.
Add to this the fact that Facebook, Google, Microsoft, Slack and others, with a combined market cap in the trillions, were simultaneously contributing to the support of chatbots in one way or another.
It's a classic rendition of the Hype Cycle[4]. We're probably somewhere in the "Trough of Disillusionment", but give it a few years and we'll get to the "Plateau of Productivity", and chatbots will probably make their way to a more useful purpose.
Glass wasn't hype by any means, it just didn't take hold in the consumer market (which, who's to say Google didn't predicate that). It's been in use by massive enterprises for years now, from Boeing to GE to large healthcare organizations.
You need/needed READ_PHONE_STATE if you wanted to suspend your app data/saving and allow calls to be accepted you did.
For instance you are playing a game and a call comes in, you needed them to allow that and to possibly not crash your game and save your data as well as for some analytics/social network integration.
Also if you allowed os level music to be played over game audio, you need that to handle music and app state when a call came in.
It was/is a default on many large app platforms including game engines like Unity and any social network app integration such as Google Play Game Services and Unity analytics [1][2]. When you have READ_PHONE_STATE you could get the number and more.
For games it wasn't such a big thing but for apps like Facebook that are always running and kept alive playing a silent sound [3], it could get every call that ever came in on record and apparently did. With these holes, apps could scrape everything and they did [4].
Where's the reference that you needed READ_PHONE_STATE to suspend your app? Shouldn't the app be automatically suspended when the caller app goes into the foreground?
The Facebook app itself is the real issue as both the Facebook app and Facebook Messenger require everything including READ_PHONE_STATE and contact permissions and pretty much everything[1][2].
> Where's the reference that you needed READ_PHONE_STATE to suspend your app? Shouldn't the app be automatically suspended when the caller app goes into the foreground?
Mostly for analytics and social platforms to access unique identifier for analytics you needed it such as in Unity up to 2015 [3][4].
> The Android build enforces READ_PHONE_STATE if the code has references to SystemInfo.deviceUniqueIdentifier. INTERNET is added when any network classes are referenced. ACCESS_NETWORK_STATE is added when calling Application.internetReachability
Also, early on it was required for saving state and or ensuring the app didn't crash. Mobile OSes were moving fast and without it the apps didn't auto suspend which they mostly do now. You can see some of this discussion in the links I included above. Anything older than Android Ice Cream required it as well.
It is added in by many plugins as well such as Google Game Play Services or other Analytics packages that most people didn't check. There was a reason the market was and is flooded with analytics packages.
It seems to re-pop up in analytics packages quite a bit and many aren't checking close enough per this example 2016 [4][5][6][7].
Largely it is due to people just building and shipping fast, there are other things that trigger it but the most common are doing things on suspend when a call comes in or to help allow the music to play in your game/app and turn off when a call comes in or analytics packages.
For the most part it is not needed now but up to 2016 it still was in many areas since Android started.
There is a lot of misinformation in this thread about Android's roll in all this. Clearly - they need better, more fine grained permissions - but they have been working towards that goal for years now.
There also seems a lot of pro-Apple bias that seems unwarranted/
I'd love to hear some discussion on the following:
I really like developer focused companies like Buglife. However, what path could Buglife take to reach a $1B dollar company?
The post notes that they are currently in 300 apps. I'd assume the majority of these 300 are on a free plan. Let's assume that they hit a growth spurt and end up in 10,000 apps. Let's also assume that every one of those customers is paying for their Premium plan. That works out to a little over $2 million a month in revenue.
Not only that, but there are already very established companies in this space (Fabric/Crashlytics, Firebase, Sentry, etc.). It's also fairly trivial to switch to another provider.
How do companies like this propose they hit that $1B mark?
1) Does YCombinator only invest in companies with a plan to become $1B?
2) What you're doing right now isn't necessarily the thing you end up doing in the long term. Sometimes it makes sense to create a simple product with a smallish market that people use now, and adapt over time to address or create a larger market. This other discussion today is relevant: https://news.ycombinator.com/item?id=16334035
> I think it's a pretty well known fact that YC tends to invest in companies that have the opportunity to be billion dollar ventures.
"Tends to" isn't the same as "always". I expect they'd rather invest in unicorns, but maybe they're willing to invest in a few more modest endeavors for various reasons.
> What sort of opportunities do you think a company like Buglife could focus on?
Beats me. I wouldn't have guessed that Amazon was going to become a cloud provider back when they were just an e-commerce site. I think Paul Graham has said that sometimes YCombinator will accept founders who have an uninteresting idea if they seem like the sort of people who are capable of generating new ideas and changing course as the situations demand.
I love Crashlytics, it was a great success and continues to be an awesome service. However, this comment highlights my question. Crashlytics was an early "first mover" in this area, has been a goto for developers for years now, and could likely be considered as a "best case" scenario for this type of software. Yet, it was acquired for far less than a billion dollars.
My original comment was in regards to the well known fact that YC tends to invest in companies that have the opportunity to be billion dollar companies. In fact, it's a known question during interviews[1].
So, my question is what do these founders say when asked this question? What possible paths are there to a billion dollars for this type of company?
The only way to open up ADB over a wireless connection is to set the device in tcpip mode on port 5555 and then connect via adb using the device's IP and the mentioned port.
However, adb is not shipped on Android devices (though adbd is). How is it that a malicious device can install an application on another device as claimed by the article?
My (possibly un-educated) guess is that these particular infected devices are insecure out of the factory, with these ports open and debugging enabled.
It's not unheard of for certain shoddy Chinese electronics to have glaring security holes out-of-the-box, and a lot of these types of botnets go after insecure IoT devices. A decent section of the IoT market uses Android, and it wouldn't surprise me if these ports are left open with the debugging installed.
> you didn't have to ask users for permissions to access contacts, sms, SD card and other data
This isn't true. Android 6.0 introduced runtime permissions, where permissions could be granted in the context of the application. Previously, the permissions still had to be granted, but they were granted before the application was installed.
You get asked when you install the app but nobody looks at that huge list of permissions, especially if not accepting means you don't get to use the app
There's a huge difference between apps being able to do stuff without ever asking permission and apps asking permission but users choosing to ignore it and just say yes to everything.
While I agree with permission overload at install time, users pay more attention when permission prompts come up one at a time at first-use. It also gives the app a reason to stagger in permissions only when the feature is used, lest the user loses interest and drops off.
How might they turn their service into a viable business?
[0]: https://www.alphavantage.co [1]: https://iextrading.com