HN Gopher Feed (2017-11-04) - page 1 of 10
Fake WhatsApp update from "WhatsApp Inc." with Unicode whitespace:
158 points by jakub_ghttps://twitter.com/virqdroid/status/926437790140772362
paulryanrogers - 1 hours ago
Why don't they have a normalized slug to ensure name uniqueness? Or
if so why would it consider whitespace differences unique?
dfc - 1 hours ago
What is a "normalized slug"?
nerdponx - 1 hours ago
All names get reduced using Unicode normalization.
Arnt - 1 hours ago
The kind of excerpt-like thing you see on the end of many many
modern URLs. "rare-white-moose-captured-on-film-in-sweden" in
this one: www.bbc.com/news/av/world-europe-40918494/rare-white-
moose-captured-on-film-in-swedenIt's machine-produced and
surprisingly good at revealing accidental/unintentional/evil
duplicates, considering how cheap it is.
fuhrysteve - 1 hours ago
I suspect that if they haven't already, they will now
jakub_g - 1 hours ago
They could do a lot of things, if they cared.For example: limit
app and account renames; when creating/renaming app/account,
compute levenshtein distance to all the existing ones and if
distance < threshold, make it subject to manual review and make
it unlisted before cleared.Problem is, from my observation, that
Google has a culture of hating any manual processes, because they
do not scale, so they avoid them, unless compelled by law.2nd
problem is that they have big enough market share that they don't
have to care about things that are not convenient to them.
Slightly off-topic but in a similar way, Apple can increase
iphone price 10% per year and get away with it, because people
TazeTSchnitzel - 1 hours ago
Manual processes scale just fine. They just don't want to pay
icelancer - 57 minutes ago
Exactly. Hearing "support doesn't scale" is complete
bullshit. They just would prefer to skirt the costs.
mycat - 40 minutes ago
True, for example, AWS is doing fine for years with manual
customer services despite its scale.
maerF0x0 - 16 minutes ago
Or visually rendered and use some kind of picture diffing to
decide if they're visually similar ?
pasbesoin - 9 minutes ago
Recently, I went to install the Amazon Kindle app onto my new
phone. From the Google Play store. It all looked good, except for
the strangeness of an individual's name listed as the name for the
street address and contact information for the app. That was
something I did not recall from previous visits to the app in the
Google app store.So, the Kindle app's not on my new phone. Because
the validation portion of curation is, ultimately, left up to the
individual. And I didn't have time to go chasing around the Web
making sure I was hitting the correct/official app store page. I
probably was. But I've been well-trained to "pause and check" on
such details.P.S. I now recall, causing further hesitation, the
"other apps" sections of the search results and/or Kindle app page,
included an Amazon Video app. And that app had the same name
listed in its details.Now, the last I recall, Amazon Video was
specifically NOT available in the Google app store. Forcing people
on non-Amazon devices who wanted to use it, to have to add the
Amazon app store and adjust permissions to allow installing apps
from it. At least, temporarily; once you had that or whatever app
you wanted from Amazon, you could then adjust your devices settings
back to their defaults. Unless/until you wanted to pull an update
to such an app -- then, rinse and repeat.So... I see a weird bit
of contact information. And I see it also for an app that prior
experience taught me was not available in the Google app
store...And, with repeated stories like the OP, I can't trust the
Google app store to be well-curated.What else can I say? Meh...
apeacox - 1 hours ago
But gmail doesn?t make any differences between user.name and
nolok - 59 minutes ago
Why would this be relevant? What I do with one field in one of my
product for one set of reasons has very little to do with what I
do with another field entirely, in another product entirely, for
a whole other set of reasons...
ovao - 19 minutes ago
By design. It isn?t accidental.
dabber - 53 minutes ago
I can't see Twitter on my mobile with my host adblock. Could
someone let me know if this is something I should be worried
about?Is it just a typo squatting incident? If so, how long has it
been up and has it been pulled?
pacetherace - 1 hours ago
This is so typical of Google's policies. They will not fix
something just because users report
hk__2 - 38 minutes ago
> They will not fix something just because users report it.Nobody
should "fix" something only because users report it.
exikyut - 25 minutes ago
What's the Chromium bugtracker for, then? O.o
ovao - 17 minutes ago
For reporting and tracking actual bugs.
codazoda - 1 hours ago
I wouldn't fix that "bug" either. I don't want confirmation
dialogs all over the place. They are annoying when I try to close
or delete. Yes, I clicked close on purpose.Google has done a good
job with some of their "undo" notifications; these work much
a_t48 - 1 hours ago
A "Don't ask me again" checkbox is a good compromise.
Godel_unicode - 1 hours ago
Especially considering there's a chrome option to have the
startup tabs be the tabs that were last open. No dialogs
necessary, just take me back to where I was.
QAPereo - 1 hours ago
When people bitch about ?walled gardens? I like to remind them just
why people build walls. This... is why. Sure, a world without walls
and locks would be ideal, but only if it?s also a world without
thieves, saboteurs, and jerks.
the8472 - 7 minutes ago
If you prefer being unfree in the name of security, that is your
prerogative. But please don't drag the rest of us with you into
your golden cage.I prefer solutions that offer both, freedom and
security. Such as proper application isolation, user review
systems (a tough nut, yes) and generally having better
reputation/quality signals than just a company name.
draw_down - 1 hours ago
Um.... it didn?t seem to do much good here. Not sure what your
ryanmarsh - 1 hours ago
Scams in the Google Play store are an old problem. It genuinely
perplexes me that Google hasn't solved this problem. Surely they
realize this drives people away from the platform. My parents
don't follow @swiftonsecurity but they do read the news and they
don't want their retirement accounts pilfered. Thus they
overreact to any negative security news in the mainstream news.
So they own iPhones. The volume of bad news about Android
security outweighs iOS.
rectang - 1 hours ago
While physical analogies have their limitations, a meatspace
store where any supplier could drop their product without vetting
would not be a safe place to shop.There has to be some sort of
curation. Algorithms and automation can help with the curation,
but there has to be something.
spiorf - 46 minutes ago
The irony is strong here. You need walled gardena because
walled gardena protect people from dangerous software. Posted as
a comment in a news about dangerous software found in a walled
ufmace - 9 minutes ago
The argument would be that this suggests that Google's garden
should have higher and better-guarded walls to prevent such
things, while many seem to argue that our gardens' walls are
too high. Apple gets criticized for having slower and more
arbitrary manual reviews of all app updates, but they don't
seem to get malicious apps like this in their app store nearly
PeachPlum - 1 hours ago
"Good fences make good neighbors."
hawski - 1 hours ago
Google Play is a walled garden. Maybe a wall is a little lower
then some, but still.Is F-Droid a walled garden?
hawski - 1 hours ago
Google. A search giant. A machine learning leader. They can save me
from a typo in the web search, but can't in the Play store.That's
another reason to switch to F-Droid.
eli - 1 hours ago
What keeps someone from doing the same thing to f-droid?
thriftwy - 1 hours ago
Maybe they have package vetting process with an actual human
avodonosov - 1 hours ago
They have software dev process with actual human, inside.
nolok - 1 hours ago
They don't. More exactly, they try to vet things, after the
fact, and not covering anything. Source : their own faq.
disconnected - 29 minutes ago
I skimmed their docs and I don't see any sort of language
that corroborates what you are claiming.They DO seem to
have some sort of review process in
Application Review Process.I don't know how exhaustive it
is or how effective it is in practice though.
orblivion - 34 minutes ago
You're basically saying that f-droid is better because it's
small. Nothing to do with its selling point of being
FOSS.(And for the record I'm an f-droid user)
kenaiphatdu - 1 hours ago
Agreed. At least with Google, we have something big to blame
Teever - 52 minutes ago
Besides assuaging feelings of rage what does this accomplish