I find it interesting that the author thinks "invasive user fingerprinting" would stop with WEI. If you really believe ad networks are _only_ fingerprinting users to fight fraud and will stop doing it after WEI, I have a bridge to sell you.
How else are they going to learn more about me and shove ads that they think I care about?
You are correct - I should be running chmod in the download stage and that is what I did before realizing `--chmod` existed. However, `--chmod` is still a valid solution.
The reason I did not stop with running chmod in the first stage is because this seemed like a common problem - what if I was ADDing a binary or a shell script directly from a remote source and I did not have a download stage?
I'm sure there are better ways to write that Dockerfile - I'm by no means an expert. It just so happens that I noticed this problem when the Dockerfile (it was from a different project. I was modifying it) was in this state and I had nothing better to do than ~yak shave~ investigate why the image size was a bit larger than I expected :)
If I build an image using the Dockerfile in the blog post 10 days later, there is no guarantee that my application would work. The packages in Ubuntu's repositories might be updated to new versions that are buggy/no longer compatible with my application.
OP's suggestion is to build a separate image with required packages, tag it with something like "mybaseimage:25032022" and use it as my base image in the Dockerfile. This way, no matter when I rebuild the Dockerfile, my application will always work. You can rebuild the base image and application's image every X days to apply security patches and such. This also means I now have to maintain two images instead of one.
Another option is to use an image tag like "ubuntu:impish-20220316" (instead of "ubuntu:21.10") as base image and pin the versions of the packages you are installing via apt.
I personally don't do this since core packages in Ubuntu's repositories rarely introduce breaking changes in the same version. Of course, this depends on package maintainers, so YYMV.
Whether you have a separate base or not, it relies on you keeping an old image.
The advantage a separate base has is allowing you to continue to update your code on top of it, even while the new bases are broken.
You could still do that without it though, just by forking out of the single image at the appropriate layer. Not as easy, but how often does it happen?
> If I build an image using the Dockerfile in the blog post 10 days later (...)
To start off, if you intend to run the same container image for 10 days straight, you have far more pressing problems than reproducibility.
Personally I know of zero professional projects whose production CICD pipeline don't deploy multiple times per day, or in the very worst case weekly in very rare cases where there is zero commit.
> OP's suggestion is to build a separate image with required packages, tag it with something like "mybaseimage:25032022" and use it as my base image in the Dockerfile.
Again, that adds absolutely nothing to just pulling the latest base image, running apt-get upgrade, and tagging/adding metadata.
Well, they did offer to pay me $30 for limited data a couple of times.
They once offered to send me a Google Home Mini (retailed for ~$30 at the time) in exchange for my Spotify playlists. This was when YouTube Music launched.
Recently, they offered me $30 if I collect all the stamps in Google Pay's Spring Challenge. To get one of the rare stamps, I have to enroll my credit card in their cash back program, which I'm assuming is going to profile my purchase history.
If you search for Chrome, Chrome will not show up in that box either. And the first browser in that box is, guess what, Firefox. You just searched for it, why include it in the box?
UC Browser is pretty popular in Asia. Statcounter reports 3% market share worldwide, right between Samsung Internet and IE.
>If you search for Chrome, Chrome will not show up in that box either. And the first browser in that box is, guess what, Firefox. You just searched for it, why include it in the box?
Oh, good catch, you are right. Is just a bad title for the box and does not appear to be in any way nefarious. 'Other Web Browsers' would be a lot less confusing.
Am still cocking an eyebrow at 'Is Mozilla Firefox Safe to Download?' though.
I'm not sure if anything changed in a day, but I'm not getting that result at all (in fact, I'm not getting a "did you mean Chrome" either). The latter isn't explainable by me, but for the former... well, remember the search results are tailored to you (that's another pandora's box about echo chambers in itself) so perhaps you've been searching for more security-oriented things and that affects your results. In my case, the first page was mostly official Firefox links, wikipedia, and the very last result of the first page was "Google Just Gave 2 Billion Chrome Users A Reason To Switch To Firefox" so it doesn't seem like there's anything awry going on here.
When I had my Pixel I remember not being able to save reminders or events with the assisstant unless I enabled Google Now Cards, which shoved advertisements and bullshit articles onto my home screen
I remember using Google now cards but stopped after they decided they needed my full history to make them work. I guess I was lucky I missed the advertisement phase.
On my Pixel 2, the only apps I can't disable are Settings, Phone, Messages, SIM toolkit, Pixel Launcher and Play Services. I can disable (not uninstall) rest of the Google apps that were pre-installed.
The Pixel is .7% of the smartphone market and is the Google device, so by default you're already in their ecosystem and you don't need all the spyware as apps.
The vast majority of the Android market, in the US at least I can assure you, has google or carrier based spyware that you can't delete or disable.
Unlike "Settings", the name is not "Play Services", but "Google Play Services". It makes sense that you shouldn't be able to disable literally everything that was built-in such as Settings (how else are you supposed to undo what you just did...) but the problem is that you can't disable preloaded Google apps (which includes Google Play Services).
Oh you may have misunderstood my comment. On my phone at least, there is an app named "Play Services" which I assume provides things like location services and other background Google platform APIs. You can disable other pre-loaded Google apps individually (Google Search/Assistant, GMail, etc).
FWIW, I too hate that there isn't a replacement for those Play Services. I'm so frustrated - Pixel launcher will not show temperature in Celsius unless I give it "Web and App Activity" permission.
And English Australia / English UK won't display Celsius by default without web permissions? (Granted, that would also mess with the display of calendar dates.)
I think I understand what's happening here. If I click the temperaure on launcher, it opens the Google Search app querying for "weather" - here it is in celsius.
Temperature units preference is saved in Google Search app. Pixel launcher, even though it shows the news cards from Search app, cannot show temperature in the units of my choice unless I give it the "Web and App activity" permission. Just Google things.
Play services makes sure that things like fine location services work on your phone. It can't be uninstalled or disabled because it's tied much deeper to the os than a normal app, and nothing else offers the same functionality that you can normally install. (There's competitors like microg but you can't install them without having an unlocked bootloader)
> Play services makes sure that things like fine location services work on your phone. It can't be uninstalled or disabled because it's tied much deeper to the os than a normal app, and nothing else offers the same functionality that you can normally install. (There's competitors like microg but you can't install them without having an unlocked bootloader)
Isn't that literally the point? When the complaint is that Google is tying itself to the OS and leaving few viable alternative options, the fact that Google is tying itself to the OS and leaving fewer alternative options is more like an admission rather than a defense...
It goes deeper than that. Many (most?) Android apps depend on Play Services. If there were an option to remove it, it would basically be a "break most of my phone" option.
To make this viable, at a minimum, it should be possible to search for apps that don't depend on Play Services, so you could remove most of your apps and replace them with alternatives.
But I expect most users wouldn't do this, and so there is little incentive for most apps to stop depending on Play Services. The only real incentive to do it is to be able to publish the app on Amazon.
Oh the good old IE argument "but it is technically integrated to the OS and providing all kind of essential services, so we are not abusing our monopoly"
While it is not (can be removed/replaced, the limitations preventing to do that are completely artificial and this is probably playing a good role in what has been judged), and even if it was, things should have been bundled differently to begin with (if they can't, that can be considered a conscious decision potentially motivated by a desire to abuse a monopoly, so in all cases that should be redesigned)
So it's mostly same cause/same effects from an high level overview -- and I'm not surprised. Maybe the way to become compliant (after their pointless whining phase has passed) will even be similar? I'm not buying the business model argument. Google browser, play store and so over are now extremely well established and won't be abandoned by any kind of mass exodus any time soon. In ten years, they can be challenged, but that's the fucking POINT: practical competition should be allowed.
It's astonishing that everybody and their dog was scandalized by MS behavior in the time (and some even are today, despite present MS being quite different from the old one), while Google has somehow managed to be considered friendly regardless of the doing exactly the same shit, if not worse, while simultaneously even pretending that they are not evil. Well maybe evil is a strong word, and I can concede that they did not pretend they are not hypocrites :p
Playing devil's advocate here. I feel like Play Services is necessary evil. This is the only thing that's keeping the ecosystem from fragmenting further. Look at the OEMs update cycle. If not for Play Services which are updated independently from Android OS itself, app compatability would be a nightmare. There is nothing to replace it with. Nokia tried and failed.
Other thing is, if every OEM starts writing their own API for these services, app developers will have to write apps for each OEM because they for sure will not work with each other. We will go back to the days of Symbian where apps will come with a huge list of phones it is known to work with.
I'm not buying your first point. Within a month of OEMs releasing the Kernel sources, you can find builds of AOSP over at XDA, Lineage OS and other forums. And with the project Trebble in P, we have builds within a week. I don't think it is hard or Google is making it hard to compile.
As for your problems installing it on other boards, where are the drivers for them? Your classic desktop installation comes with drivers for almost every laptop/desktop board. Android doesn't because the vendors don't contribute. A snapdragon SoC requires a binary blob from Qualcomm. There is nothing you can do without it. It has nothing to do with AOSP being opensource or Google controlling it (Google controls other aspects, AKA the Play Services).
I usually do 'git checkout <branch/tag/sha_of_commit> -- <filename>' to revert a single file to previous state. If I ever need a gui (very, very rare), I would just use 'gitk'. Small and does the work.
How else are they going to learn more about me and shove ads that they think I care about?