74 comments

[ 3.2 ms ] story [ 139 ms ] thread
Me to Google: Stop messing with not being evil. It's hurting Everyone.
If arbitrary code execution, according to Samsung, is of "moderate" severity, I'd hate to see what their idea of a real bug is!
The highest level of severity is reserved for anything that allows users to uninstall the crapware they ship with their phones.
No kidding

It's ridiculous how a brand new phone from Samsung comes with non user-removable Facebook spyware and all their Bixby stuff that all want you to create an account

I broke my phone and bought a cheap burner phone, it was 20 dollars and honestly I'm not sure I'll ever buy a nice phone again. It's 720/1gig of RAM but it's only a mild annoyance, it's just as good as my old expensive one.

Anyway it came preinstalled with FB and I'm wondering now if, even though I deactivated it, it spies.

That's for sure why the phone was for sale at that price, it's subsidized with lots of bloat ware

Vote with your wallet and buy pixels or Apple phones.
Pixels are not so easy to buy for some reason (outside of the US), only through the web site and some stores.

I'm also voting with my wallet against Apple taking out the headphone jack.

https://store.google.com/regionpicker

Not sure what you are talking about. If I google buy google pixel outside of the US it takes me to this where I can select my region. I includes many regions/countries outside of the US.

Many, but not all. Half of Europe is missing, for example.
Also missing is all of the American continent other than North America and Brazil. And selecting Brazil, there's only the Nest Mini and the Chromecast, and nothing else.
Sorry I did not go through the purchase process, it seems you cannot ship phones outside of the country where it is available.
Pick the Netherlands, for example. No way to buy any (smart)phone.
I bought my current Pixel by walking into a nearby store the night after my previous phone bricked itself in my hotel room, and simply picking the box up and walking to the register. Getting them to sell me just a phone, and not insurance, maintenance, service, style advice, or a fitness plan took about ten minutes, but buying the phone was easy.

Persuading Google and everybody else relevant that this was not a SIM hijack (new phone, same number, old phone was totally bricked so couldn't help, other non-work PCs were hours away) was not easy but I wouldn't want it to be.

I wanted to buy a Japanese Pixel 4 because of the local train access, but it was so ridiculously expensive. In the USA there are constantly discounts allowing you to buy the pixels for a couple hundred dollars below retail price.

In Japan and other places of the world the whole thing is over a hundred bucks more expensive than retail. Over a 1000 dollars for a phone?

I'd rather buy an iPhone then. I ended up getting a second hand iPhone 8 for $250 as second device instead. Most of it better than most previous year android flagships and dirt cheap with 97% battery capacity.

I'm trying really hard to keep my "freedom" on android devices, but what the actual f. The only reasonably priced flagship CPU devices are from Xiaomi.

Most companies either don't have the ability to unlock the bootloader anymore or brick some random thing of the device or software if you do. Yeah sure the pixel does that and has good source code support, but over 1000 USD for 128 GB? Apple devices have better value for money and you won't have to play lottery about whether the next two android updates will actually work properly.

I only buy Apple products, because of their durability. One of my friends are still using an iphone 6s, he did not even needed to change the battery
Hey, I have a completely functional, regularly used Samsung Galaxy S5 (IMO the last good phone Samsung made, and I currently run an S9 as my daily phone, and my partner has an S10).

Anecdata is weird when it comes to mobile devices. It seems that some phones are really not created equal to others in the same production run. I presume it's sort of like processor binning, but not actually tested in the factory. Every now and then a customer gets a phone that performs perfectly, and the battery lasts for over a decade (obviously with recharging!) ;-)

I agree on personal experience varies wildly.

I also bought an iphone 7 three years ago and it was working fine with 85% battery life, before I broke the screen and replaced it.

Before phone, I was using Samsung phones exclusively, S4, Note 4 etc, they all died within two years.

What's the price of a Pixel 3A in your part of the world?

I got one after having iPhones since the Nexus 3 (I think), and I'm quite happy with it. It cost me 300 euro, and it feels like it can handle everything I need. I specifically went for the Pixel 3A because leaving the Apple ecosystem I wanted the alternative that is most likely to be stable, updated, and not filled with crapware. so far I have no complaints, and I even prefer much of this new phone over my previous iPhones (iPhone 7, iPhone 5S before that).

You realize that the Pixel 2,3 and 4 also don’t have headphone jacks....
It didn't sound like he uses Pixels.
He mentioned buying a Pixel but didn’t because of the difficulty in buying one. One of his primary complaints against an iPhone was about it not having a headphone jack.
Newer Pixels have the same issue as iPhones that you mentioned (Jack)
The problem is no one except Samsung makes any decent tablets, and even Samsung is hardly decent - crap cameras, no NFC... and the Apple ecosystem is a walled garden.
Microsoft, Asus and Huawei also do nice tablets.
Microsoft tablets are far from “nice”. They run Windows with all of the bloat that entails.

This isn’t meant to be an anti-MS screed. I would say the same if Apple released a “Mac tablet”. Windows is perfectly fine as a PC operating system and I use it everyday and have been developing on and for Windows my entire career. But, as a tablet operating system - No.

It’s only been within the last couple of years that I’ve been deploying to Linux and it’s still .Net Core.

Pick your poison I guess. I’d rather have security than freedom when it comes to a cell phone. I’d also rather Apple decide what the wall looks like than Verizon.
On the one hand I agree, on the other why should Google have a monopoly on adding bloatware to my phone. Might as well go the whole nine yards and pre patch the unremovable chrome with an ask toolbar.
It's a bit easier to remove Chrome from a Pixel than it is to remove Safari from an iPhone!
At least can you disable facebook, Bixby sadly not..
Moderate is typically a reasonable severity for, in the article's words, "possible arbitrary code execution". Lots of bugs might allow arbitrary code execution - too many to address them all at the same severity as a vulnerability known for sure to allow it.
That ship sailed over a decade ago.

Arguing that a buffer flow, etc. is only theoretical unless you can show an exploit is nonsense at this point.

It makes it less likely that an attacker has right this second found and begin using an exploit. As you say, the ship has sailed over a decade ago; your stack will have unpatched CVEs, no matter how cautious you are or how hard you work. The most important parameter that remains available is which patches require which degree of expedited rollout.
The higher levels are used for things like remote code execution, and remote code execution that does not require user interaction. Things that are local only are not as big of an issue, especially on a single user device.
that guy was the most annoying interview i have seen in a while.
Telling hardware vendors not to modify kernel code feels grotesquely anti-competitive.
Definitely a bad look for Google to say they're the only ones allowed to write kernel/driver code.
That's not what the article says.
Google doesn't say that at all. What they say to samsung is to push there changes up so that the kernal teams can review them.
Just like Google Android team does, oh wait...
Can you clarify that? I did some searches and all I could find was reports that google made large contributions to the Linux kernel.
AOSP is just a subset of Google's changes made to Linux kernel.

Thanks to Project Treble, Linux on Android feels more like a pseudo micro kernel than traditional Linux.

Then it is more like Linux + grsecurity than plain Linux, as it has LinuxSE, seccomp, Fortify, hardware pointer validation (on supported devices) and a couple of other security measures enabled by default, constraining what NDK is actually allowed to do.

It has its own way of OOM killer daemon, it is compiled with clang.

Google is indeed a major Linux kernel contributor, but in the context of Android team, they only contribute a subset of their changes.

This seems like one of those accidents that create valuable backdoors for intelligence agencies with plausible deniability.
Honestly, the truth is probably very mundane. It’s more likely that inter-department political vying for power has created a lot of redundancy, unnecessary work justified, and everything’s just barely being held together by the public’s faith that because they’re big they’ve got it all figured out.
Once, some time ago, I was working on an Interesting Feature for an app using wifi hotspots to connect multiple devices. There were LOTS of problems getting this working properly on arbitrary devices, but I found that Joe-random devices pumped out of a back room in Shenzen... Actually usually weren't bad. The worst were Samsung devices: endless changes deep in the stack for no apparent reason, which created all kinds of funny behavior that had to be discovered the hard way and accounted for. (Also, it turns out there are like twenty different phones called the J2. Nightmare for bug reporting...)
I've had surprisingly good luck with generic hardware based on well-known chipsets.

Samsung, though. They see themselves more like Apple and want to control more of the ecosystem, but they're not very good at it, and no one wants it. They make decent hardware, but they let their software ambitions get in the way.

cough ...bixby... cough
Man, I hate comments like this.

At least leave a link to whatever it is that you’re referencing or say why you think it's relevant.

Bixby is just Samsungs personal assistant program. Similar to Siri or Alexa.
I think it's reasonable to expect the HN crowd to know what Bixby is and why it's relevant. I agree that the comment doesn't add much to the discussion, though.
Sorry, to explain: Bixby is Samsung's attempt at jumping on the "intelligent assistant" bandwagon. It's technically pretty good, but it has been pushed down Samsung user's throats by being non-uninstallable, having a dedicated button on the phone to enable it (that is really hard to disable), and trampling over Google assistant in random ways (like causing occasional issues with Android Auto etc).

It's a lost cause that Samsung refuse to admit should be dead. It's pretty much the canonical example of Samsung making good hardware, but having a terrible plan when it comes to software.

Honestly, I figured everyone on HN would have at least heard of Bixby, as it's been a garbage fire for the last few years, and it touches on ML / mobile / questionable business decisions and terrible UX. This seems like a Venn diagram that includes ~90% of HN users.

Never heard of it, but I'm always happy to be part of the 10% of exceptional people.

Thanks for the explanation!

(comment deleted)
> The worst were Samsung devices: endless changes deep in the stack for no apparent reason,

Well, doesn't google do the same? They just pissed off because they are on the receiving end now.

What's with the autoplaying video and prompt for notifications? Annoying.
Hurting Android is embedding unremovable Google services all over the place and implementing bullshit defaults like auto turning your wifi on and collecting + storing all available networks silently. Pretty sure they are intentionally slowing down old Pixels as well.

/rant

Had to fix a Samsung kernel driver once because their temperature sensor driver stored the measured temperature in Celsius in an unsigned char.

Meaning, of course, that if the processor was ever below freezing, it would think it was running at over 200 degrees, and turn every clock it could find down as far as possible because it thought it was about to catch on fire.

Gosling on why Java does not do unsigned arithemtic as primitive type.

> In programming language design, one of the standard problems is that the language grows so complex that nobody can understand it. One of the little experiments I tried was asking people about the rules for unsigned arithmetic in C. It turns out nobody understands how unsigned arithmetic in C works. There are a few obvious things that people understand, but many people don't understand it.

https://www.artima.com/intv/gosling3.html

Hm, I wonder what kind of questions that entailed. Because unsigned arithmetic in C seems very intuitive to me. I have a hard time coming up with a question that would be hard to answer. Certainly, if we're talking about the C standard, unsigned integers are much more intuitive than signed integers.

Although even if there somehow are hard questions, I'm not sure understanding unsigned arithmetic would have helped whoever wrote that code. Because I think if you asked that person "what does this unsigned type do with -5 C?" the answer would have been pretty obvious.

You might not have any issue dealing with it, but are you sure that everyone on a given team, specially when scaled into off-shoring teams of various skill levels, all will master it?

I have been coding since the mid-80's and I wouldn't definitely assert that I know it well, without having a look into ISO C standard and the semantic expectations of the abstract C machine and implementation specific behaviors.

The problem is that programmers tend to confuse the concept of unsigned integers and non-negative integers. They think that just because a number can never be negative it is OK to use an unsigned integer to represent it. This leads to lots of mixed arithmetic of unsigned and signed types which leads to subtle bugs because neither is a subset of the other.
Usually things like: 1u < -1

But more subtle when you have: a.size() - 1 < len

ANSI C heavily mixed up the conversion rules for expressions involving both, signed and unsigned, integer types (value-preserving vs. unsigned-preserving in K&R C).

This might have been a factor here, given that most of Gosling's peers back then were probably still more familiar with K&R C and its different set of conversion rules.

I miss the uint_64 or uint_32 in Java. It's annoying since the world of C talks in unsigned a lot on network protocols.
leave Android alone!!

sob

ps: seriously, a great OS is chaos because no one respect no one but himself

Me to Google: Stop messing with Linux kernel code. It's hurting Linux.

https://leste.maemo.org/Leste_FAQ#What.27s_wrong_with_Androi...

It doesn't hurt Linux. It hurts a billion Android users floating in a wasteland of devices that never update. But the only part Google could actually control is if they provided the stable driver interface that the kernel refuses to provide, so it's not like Google is doing anything that the kernel mainlining objective wasn't causing vendors to do anyway in the absence of that stability.
Samsung can't stop themselves from making inferior software at every turn.