Operate European tech infrastructure without a dependency on America challenge (Impossible)
For 99% of smartphone users, you can't get apps onto their phones without Apple and Google signing the app and letting you into their store, and users can't install the app without an Apple/Google account.
Why remove a dependency on Google, when you'll still be 100% dependent on Google?
Anybody working on "Digital ID" has already made peace with the fact that it can be turned off overnight if Trump says so.
Why adding an additional, unnecessary, superficial requirement?
It's not necessary to provide the functionality and enforces the dependency onto he potentially hostile actor (case in point: Microsoft disabling email account of Chief Prosecutor of ICC because US requested so).
It stifles innovation in the future and hurts GrapheneOS right now.
Let me turn the question back at you: why do you think adding unnecessary dependency is better than not adding it?
Does it serve users, governments, service?
Does it anything good for the interested parties or does it only serve Apple, Goggle and the US government?
On Android you don't need to sign in with a Google account. You do need it for the play store but many brands have alternatives. Like the Samsung app store, Honor has their own too, I'm sure more brands do. And there's always aurora.
Yes not many use it but if you cut this path off then people will never get there.
You can just as well say "the correct reaction to having a guns aimed at your head is NOT to give the guy another gun ... you know, in case the first one fails to fire when he starts pulling triggers".
Plus, the net difference is that this gives Google and Apple the ability to kill the ability of individuals to make payments (and tax them) ... do you want that?
(And I would say, compared to having European banks tax them, the answer is not so obvious)
The real issue is, of course, that this moves the burden of keeping phones secure onto Google and Apple, who are very willing to take on that burden in trade for a percentage of all consumer payment traffic in Germany. It's yet another choice between "spend money now to build a government department to secure payments ... or have Apple/Google do that for you". And they're choosing to save a little bit of money in the short term in trade for what is effectively a new tax.
Oh, but Google doesn't really excel in making phones "secure".
Sure, their researchers are great, but Google itself claims that several years old phones running Oreo are safe and secure. They also extended the time for vendors to bring patches to the new vulnerabilities, they themselves slowed down - compare timeframe between patches released by GrapheneOS and patches released by Google - the latest GOS release provides patches for vulnerabilities that will be fixed by Google in.... October 2026: https://grapheneos.org/releases#2026040300
Being able to install whatever apps you want on Android without any sort of dependency on a Google signature or API was the standard for a decade and a half.
Let's not act like things have always been this bad and thus we should just accept it as the norm, because they haven't, the noose is actively tightening as time goes on.
A casino or bookmaker doesn't need to heuristically identify betting behaviour that's 'smart'. They don't need to spot evidence that could be hidden by good opsec. No need to find micro-expressions or hidden cheating gadgets. Nor to do background checks to know you've got a buddy with insider knowledge.
All they need to do is check if you're cashing out more chips than you came in with.
It's not trivial for the casino to track this against a determined adversary. If you're already thinking about "good opsec", you can get someone else to help cash out your winnings.
A buddy from out of town, or a losing regular, or a poker player who the casino doesn't care if they win. In Vegas some casinos' chips are negotiable, officially or unofficially, in other casinos.
I've worked in industries where customers don't like paying invoices.
Fortunately, the widget we sell is good enough they'll want to buy again within a few months. So our rule is pretty simple - we won't send another batch of widgets until they've paid the overdue invoice for the last batch.
And if they've dicked us around too much in the past - we send them a proforma invoice. They can pay before we dispatch.
> just let it slide because the relationship feels more important than the cash
What use is a 'relationship' with a customer that doesn't pay?
Sure, you might hope to parlay a good relationship into larger orders in the future. It's natural to have dollar signs cloud your vision when you're talking to someone at a well known multi-billion-dollar company. You hope this person ordering $500 of widgets for a prototype will place an order for $500,000 of widgets in due course.
But the truth is, for every person with the authority to place that huge order there are 100+ interns building one-off prototypes during 3 month summer internships. If your contact can't get a $500 invoice paid, then you're not talking to someone with the authority to spend $500,000.
If I admit to killing someone in court, because I regret it, I acknowledge I have a debt to society I need to pay, and honesty is the first step on my route towards eventual reform - that's an improvement.
If I admit to killing someone because I want everyone to know I'm a tough, viscous killer and they'd better not piss me off or they'll be next - that's not an improvement.
You'd rather a vicious killer who pretended to be harmless and actively tried to fool you?
As to the behavior itself, I imagine the merits are heavily dependent on context. International politics depends to some extent on demonstrating a willingness and ability to engage in violence. That's not the whole story but it's definitely part of it.
> Any cloud engineer worth their salt is going to have their programs be stateless and their data replicated across multiple data centers.
That doesn't help much in a shooting war, unfortunately.
Redundancy is great for uncorrelated outages - if a freak weather event or power problem knocks out data centres in London, and your backups in Paris and Frankfurt are unaffected.
But if there's a war and London is getting bombed? Good chance Paris and Frankfurt are also getting bombed.
As I remember, that was before the rise of multi-platform, web-based and mobile apps.
You'd get Office 2003 and it'd follow the Windows XP style with lots of blue [1] and you'd get Office 2004 for Mac with the brushed metal styling [2] - and many applications only targeted a single platform.
Whereas in the modern age you get Slack for Web, Slack for Windows, Slack for Mac, Slack for Linux, Slack for iOS and Slack for Android - and it tries to be consistent across different platforms, instead of being consistent with different platforms.
> The Dubai government denies this strike happened
In the UAE it's illegal to talk about the strikes, or post videos of them online. $55,000+ fine and 2+ years in prison. Over 100 people have already been arrested.
When the two different governments said contradictory things, in other situations a journalist would arrange for a local correspondent to head over to the Oracle building and see if it's visibly damaged, maybe get some photos.
It's interesting, because I initially thought these restrictions in UAE were strictly because of operational security. That is why Israel and Ukraine, for example, also forbid posting images of missile impacts: it provides valuable targeting information to the enemy. In Israel the legal framework is military censorship; in Ukraine it's martial law. Enforcement against individuals is strong in Ukraine, and more selective in Israel - presumably because Ukraine has a bigger internal infiltration problem, or perhaps because Israelis are more disciplined or have more effective social pressure?
In any case, in turns out I was mistaken: apparently in UAE the wave of arrests are not framed as operational security, but a wider ban on information that could "spread misinformation", "cause panic", "affect national security", or "damage reputation". So it's a wider legal framework with more complicated implications - less of a no-brainer than I initially thought!
I'm not sure I'd put "reliable" in any description of the USPS. I get my neighbors mail in my box often. I can only assume some of my mail gets delivered to them as well.
> The social contract was "your ads aren't annoying or invasive
Even back in the 1990s the internet was awash with popups, popunders and animated punch-the-monkey banner ads. And with the speed of dial up, hefty images slows down page loads too.
You must be a true Internet veteran if you remember a time ads weren’t annoying!
I remember a time before ads. I remember the first time I got "spam" email - email not directly addressed to me that ended up in my inbox. I was very confused for some time about why this email was sent to me.
> Even the GDPR gives us enormous leeway to do literally this, but it requires participating in tracking networks that have what amounts to a total knowledge of purchases and browsing you do on the internet. That's the only way they work at all.
That data sounds like it would be very valuable.
But I think if I sell widgets and a prospective customer browsers my site, telling my competitors (via a data broker) that customer is in the market for widgets is not a smart move.
How do such tracking networks get the cooperation of retailers, when it’s against the retailers interests to have their customers tracked?
I suspect a lot of retailers simply aren’t aware that that data is being collected and sold off to their competitors (or to ad networks so their competitors can poach their audience)
For 99% of smartphone users, you can't get apps onto their phones without Apple and Google signing the app and letting you into their store, and users can't install the app without an Apple/Google account.
Why remove a dependency on Google, when you'll still be 100% dependent on Google?
Anybody working on "Digital ID" has already made peace with the fact that it can be turned off overnight if Trump says so.
reply