395 comments

[ 263 ms ] story [ 2869 ms ] thread
I wonder if this is why the mega-app model is so common for Chinese companies. It's far easier to justify collecting a million permissions when your app does a million things.
I think that is more a resurrection of the department store and mega-corp models: if you do a bit of everything then the bottom falling out of one market won't affect you badly as the other areas can soak up the temporary loss. Also, if you have positive name recognition in some areas this can benefit the others, and there is a passive advertising pressure of people using you for one thing seeing something else you have in store or linked to your name (where a more organic search to fulfil a need might be as likely to lead to a competitor as to you).

The difference that might break this analogy being that with a mega-app there isn't really a diversity of revenue streams despite the diversity of products/features: it all comes down to stalking to be able to better sell advertising.

Also a great way to share cookies, avoid CORS, and probably a zillion other complexities that result from running on multiple subdomains.
Yeah, but do you want to bet that during the management call and the subsequent engineering call that made this decision, the main topic of discussion was the direct financial benefit from improved tracking?

We'll never know, but if we could find out, say 1 year from now, I'd bet 100:1 that was the main driver.

Wow...i didn't for even a second think it was anything other than a way to get a financial benefit. Kudos to you for not be as cynical as me.
(comment deleted)
The 2 things aren't mutually exclusive. Because it reduces complexity you will likely see a financial benefit from the cost of the engineering team alone. Having managed an infrastructure with a ton of subdomains I can say that it's almost certainly in their best interest to standardize the domain across all tools at least for engineering. Your data is just an added bonus :)
And to increase XSS blast radius!
thought they have moved mail.google.com to google.com/mail a while ago. Tracking would still be possible over 2 domain, but then google would have to do a bit of ETL operations. Guess this will save some more engineering.
It's funny for browser vendor to push those "security" features, only to work around them in their own products
I actually find that somewhat reassuring, similarly to a Google employee criticising the security practices of a Google-operated certificate authority in public[1]: it demonstrates that the team responsible for instituting security policies in the interest of users still has some autonomy.

[1] e.g. https://bugzilla.mozilla.org/show_bug.cgi?id=1709223#c19

This is also so they can invade your privacy, and correlate all of your searches to your geolocation.

    Privacy and intimacy,
    As we know it,
    Will be a memory,
    Among many to be passed down
    To those who never knew.
    Living in the pupil of one thousand eyes.
Are you missing a Not operator in that last line?
It's lyrics from a song - the last line sounds like a new sentence, so it's punctuation that I'm probably missing.

I've added it for clarity.

What a pleasant surprise! I hadn't listened to Symbolic in a while.
Unfortunately this is really not an option for (some) areas in the US. After having moved to a populous LA area from Germany I was baffled at the lack of detail in the maps. Basic things like building numbers are entirely missing. Even after adding more and more details I would never fully rely on OSM here sadly. And if it only works sometimes why even bother using it in the first place? At least this was my progression. From fully using OSM, I am back to Google.

The only good in-between solution is MagicEarth which supplements OSM maps with data from lord knows where. However although they claim to be privacy cautious they are quite opaque.

Also, do not fully rely on Google Maps knowing house numbers. Looks like in some areas (in UK for example) Google used some sort of OCR to find house numbers. There are houses and Wales with random house numbers that only have a house name; Numbering ends a few houses into dead-end alley where the Street View car didn't come; Or totally wrong numbers where house number sings are hard to read.
House names, rather than numbers, are very common in rural UK.
Searching for my address just straight up doesn't work.

Named house rather than a number, and the postcode isn't a particular street but covers a number of little tracks up to various farms.

I also don't have a road name.

The address syntax is:

Building name

Town

County

Post code

The combination of no road and no number means Google absolutely fails. It just gives suggestions of businesses nearby... Ish.

Does your location have a Place ID? Google originated Place IDs for exactly this type of use case, so that people could find places like yours without an address.
Australia went to mandatory house numbers in, I think, the 60s but my grandmother refused and gave out only her house name until she passed away in the 21st century.
Not heard of MagicEarth before - looks interesting but what's missing is a "Why/how is it free" statement. They don't cover how they monetise this, what's their business model.
Makes more sense to switch to bing maps, since they have ever so slightly better satelite imagery and there's no way in hell anyone would use bing for anything else anyway.
Interesting. In my experience, OSM's level of detail in Amsterdam is much higher than Google's. Especially in bike routes, an area that Google often sucks at.
OSM is usually better in Europe. Even some rural paths were mapped as streets in Google maps. But in USA it is probably other way around.
A lot of the US road map was imported from TIGER (<https://en.wikipedia.org/wiki/Topologically_Integrated_Geogr...>). This is an electronic mapping system set up in the 90s by the US Government to aid in conducting the census. The TIGER data doesn’t have any address information at all, just road shapes. No information about the type of road, the number of lanes, the quality of the surface, presence of sidewalks, signals at intersections, anything. Just the paths the roads follow, and those paths are often of extremely poor quality. The resulting OSM maps are barely usable; sometimes they are not even recognizable by locals.

So OSM has decent geographical coverage of the US, but relies very heavily on individual contributors to correct the deficiencies and add useful information to the maps. The only way it will be usable for you is if others have improved it. The only way it will be usable for others is if you jump back in and do the same.

> TIGER data doesn’t have any address information at all

In the EDGE tables it does have ZIP codes and house number ranges, split into left and right side of the road. ZIP codes were imported into OpenStreetMap data. House number ranges are imported into the OpenStreetMap search into a separate database table, so searching works in a lot of areas but it's far from complete, all the issues you mentioned with roads that don't even exist etc

I stand corrected. Maybe the TIGER data or the import process was improved at some point in the last decade?
While I like OSM for some use cases, and have contributed, it can not work as a replacement for google maps for every day use. My biggest problem is the search - absolutely unusable.
Technical nit: OSM as such does not have "a search". Geocoding (as it's known) is a separate component and if you dislike the one used by the openstreetmap.org there are other services that render OpenStreetMap data for you – perhaps with a better search!
Here's a question for someone who understands cross-site cookies (which isn't me): Why does www.google.com/maps 's site permissions show https://www.openstreetmap.org/ as one of the sites 'that can use cross-site cookies and site data'?
I found OsmAnd absolutely essential in my extensive off-road travels in Central America and Spain, paid to support it via Google Play, but i could not for the hell of it figure out how to submit photos and places. It forced me to create a separate account and then always gave me errors when i tried to submit
The separate account is needed for openstreetmap uploads/notes/corrections. You can add places on osm.org also or retry with the osm account using Osmand.
I have what i think is a separate account. Could you link a GitHub where i can create an issue and upload error screenshots? Even if it's not a bug but a feature, it should still be useful, because this flow is very confusing.
There are two ways to login

Oauth and user/password, you can try both under plugins/openstreetmap editing/settings/Login to Openstreetmap

The official Telegram support group is also good for getting help:

https://t.me/OsmAndMaps

If you need OSM on Android, I can recommend:

- "Organic Maps" (a fork of the old MapsMe codebase) if you want a clean, simple user experience

- "OSMAnd" if you want a very powerful, highly customizable map application, which comes at the cost of a steeper learning curve

Both apps are open source and support navigation, offline maps and POI search.

The things I miss most compared to Google Maps is live traffic information and the powerful search. However, this has a privacy cost, so I generally try to use OSM first, and only fall back to Google Maps (in the browser) if I really need to.

I'm a OSMand user and OSM contributor. However, sometimes I hate the routing OSMand provides, taking me through narrow streets with awkward turns. Wish they used GraphHopper... A nice feature in OSMand is that even if you get the free version off the Play store, if you log in with OSM and are active, you get free map updates and all the "plus" functions. And on top of that, the full plus version is available off F-Droid.

By the way, OSMand has some support for reporting traffic issues (police, crashes), but it's very very limited due to low adoption way below a critical mass. Also, reporting traffic status would probably require OSMand to run a pretty beefy server and get the current speed/traffic info from all the users - many chose it exactly because they don't want that.

Maybe you know. I've been told twice that OSMand can show the altitude above sea level of a location, but I cannot for the life of me figure out how. Have you any idea?

Thanks!

It's these steps:

- go to pugins section and activate the contour lines plugin

- then go to download maps and load the contour lines data for your region

- go to configure map and check the show contour lines option

I think you need the f-droid Version or the paid pro Playstore version or the subscription. Please note that this will only show marked contour lines and not interpolate/estimate the elevation for any point. So you need to search for the next line and get your own idea what that means for the specific location. Not ideal for very flat areas with sparse contour lines.

For the current position you can show GPS elevation (settings, configure screen, widgets)

Perfect, thank you! In fact most of my apps are from F-droid when possible.
On iOS, I have mine configured to show the altitude in the top right corner of the map view. The settings are admittedly confusing but if you just poke around in the map display settings you should find it!
I use OSMand for walking and biking and it's great, much better than Google Maps in my region. Just remember to choose the right kind of traffic in the settings when starting navigation.

It's not as good for driving.

I have Organic Maps, because I thought it would be nice to have in case of an emergency where I don't have internet, but sadly just a few weeks ago, I had such a case and Organic Maps couldn't find the address and the map itself didn't have all the roads on it (nor satelite or topology map), so I couldn't even use it as a normal map... In the end I had to resort to one archaic ways and ask local humans for directions...

Google maps does offer being able to download for offline use, but if you don't have internet it quite often doesn't want to do navigation, unless you trick it with saved directions.

How does Garmin do it (I'm guessing map licencing issue)?

And how come this isn't already a solved issue?

I also had some success with HERE maps: https://wego.here.com

Their Android app: https://play.google.com/store/apps/details?id=com.here.app.m...

Their Apple app: https://apps.apple.com/app/id955837609

The performance is good (especially on a budget Android device, better than the recent versions of Google Maps, even), they're reasonably accurate (I'm in Eastern Europe) and include navigation, traffic information, public transportation, as well as the ability to save regions for offline browsing.

I can't comment on the company behind it, though, but it's a nice alternative nonetheless (and there are simple prompts for choosing whether you want to send them any data, e.g. to enrich traffic information).

Edit: as a criticism, some Android reviews suggest that recent updates have made the app less performant than previous versions, though I didn't notice anything in particular on my current device (2020 budget phone). Some also suggest that navigation needs more work.

One of the best features of HERE maps is the ability to download entire countries' maps and turn off data.

This was a life saver when roaming when data charges were really exorbitant.

Google Maps Android also supports offline maps downloading of selected regions. However the download is only valid for a year.
From where do they get traffic information? The only viable app that I've ever seen for traffic data is Waze, because of the huge install base. I do remember HERE from when they were a Nokia brand, but even with that history I think that they'd be too small to have good traffic information.
HERE is currently owned by a consortium of Mercedes-Benz, BMW and Audi. So I guess that's where their traffic info is from.
Thank you. Sounds like they'll have a ton of data for LA, not so much data for Detroit ))
I can also recommend this app for driving. My experience is better with this than with goggle and speed limit information is very useful.
Is panning and zooming in OSMAnd not a huge pain for anyone else? The map rendering (of downloaded maps) is extremely sluggish and absolutely useless for me to use. (Even worse than the tile-based rendering of early Maps on iPhone.)

Organic and MagicEarth work fine for me. I really wonder if it is just my setup or if everyone else suffers from this. I am on a Pixel 5 with CalyxOS using the OSMAnd+ from Fdroid (but same with normal OSMAnd from Aurora)

I have the exact opposite experience with OSMAnd on Android.

The map rendering of OSMAnd is faster than Google Maps (using a 3+ year old smart phone with a low-end Realtek SoC). Like really way way faster/snappier.

My setup is a Chinese brand Android 10 with default OS (rooted)and OSMAnd+ from Fdroid.

The only possible cause I could think of is that CalyxOS is somehow missing proper video drivers for your Pixel?

Hmm interesting, thanks for letting me know. I always wondered why people recommend OSMAnd when it performs so poorly. Will look into this.
It may be a bug of Android: Newer Android versions have further locker down sd card access. The implementation is apparently super slow for stuff like what Osmand uses. Dont put the map data onto the sd card or use one of the predefined locations

https://github.com/osmandapp/OsmAnd/issues/12046 https://github.com/osmandapp/OsmAnd/issues/13254

Edit: If that is not the culprit then check if OpenGL rendering is activated.

You can also deactivate unneeded features from being rendered (buildings, areas, etc). And lastly there are smaller road-only maps (no POI data and no adresses though)

Thanks for letting me know. I don't have a sd card, activated the dev plugin and enabled opengl but did not see any real improvement. I will open an issue with a screen recording on their repo now that I know it is not supposed to be this bad.
It's not just you. This comment claiming better performance than Google Maps is baffling to me. OSMand has been slow on every phone I've owned (OnePlus 2, Pixel 3a and Pixel 6a). Enabling OpenGL and restarting improves panning/zooming framerate, but tiles are generated at the same slow speed (maybe even slightly slower).

What really matters is the amount of data. In my local town I can scroll around no problem, but in a more actively mapped area like Amsterdam it takes at least couple seconds to load.

Lets not forget StreetComplete is a dead easy app to use to help contribute to OSM. It just asks you a few questions like "is this bench still here" or "is there a bike lane on this road" etc

https://streetcomplete.app/

Can I use this app to suggest issues? In one of my projects I found a bunch of buildings that have either the wrong direction or the wrong coordinates. Think "Random street 1, 2 and 4 are next to each other, but Random street 3 is 500m away". But since it's a city I don't live in I can't go there in person and confirm.
You can report issues by long pressing and tapping "Create a note" which people will eventually review and fix.
I love this app and use it frequently. Great excuse to take little walks around town.
Organic Maps is also significantly more optimized in my experience (or maybe a more fair thing to say would be: is faster because it does less). So it pays to have both because OM is basically the "fast path" for its use case in more ways than just the interface.
Both Organic Maps and OsmAnd are available on iOS as well.
I hope the author of OSMAnd makes enough money from the play store to finance continued development, because the application is amazing, it has an interface that is not dumbed down, it does not phone home to the mother ship, it gives you great tracks, in short it is a great tool that respects the end user.

I wish more applications were like it, first thing I install on my phone.

But is the app as good as Google's? I always struggle with OSM maps.

I think at the moment there's a massive discount on OsmAnd+. Worth it?

Really depends, it can be much better than Google depending on country/region. Google Maps is not in every country good. Definitely better for any kind of outdoor activity like hiking, bicycle, ski etc. and offline usage.
The problem is you loose a certain percentage of businesses and also user recommendations (no real alternative there). There is no real incentive for businesses to make yourself visible on OSM (probably many don't even know it exists).
Obviously YMMV.

I live about 1 mile from suburbs in a town called Bingley in Yorkshire, England.

I can't trust Google maps locally (though its good for local business searches), as the mapping quality is terrible. My village and local town have roads missing, numerous public rights of way missing (over both public and private land). Major areas of trees missing. OSM is much, much better.

See the difference:

https://ibb.co/fk74k3s https://ibb.co/GTKMTzn

I am noticing more and more how poor Google maps is for non-drivers (such as myself recently having to stop driving), such as not being able to do walking routes over local foot bridges, OSM with OSRM or Grasshopper is fine:

https://ibb.co/NtTf6kr https://ibb.co/sq60YQy

> OSM with OSRM or Grasshopper

Is this usable on mobile? Can you tell a bit more?

Sorry, I don't know. I used the OSM website for the purpose of this comparison. I use the Magic Earth app on my phone, which has proprietary route planning (using open street maps).
osm and wikipedia are proof that an alternative, more desirable, digital universe is not utopically distant but begging to be born. imagine if the world would somehow muster to dedicate something more than token support to such projects / designs

prediction: osm will eventually surpass wikipedia as the most successful crowdsourced effort because the more objective and simple nature of its data allows dramatic scaling. if even 1% of the billions of the world's roaming mobile devices get into the habbit of augmenting the osm database (e.g. using streamlined UI's like streetcomplete or yet to be build apps) the disruption will be on its way

Would you bet money on that? Google Maps is pretty entrenched. A competing 2.4 trillion dollar company that preinstalled their app on the most popular phone in the US couldn't dethrone Google Maps.
my prediction was careful to pitch osm against wikipedia (both of which I love) not against the well known elephant in the room :-)

but on your real point, yes its going to be a long slog...

Or, you know, use the Google maps app (like the company is always haranguing us to do) and turn on “only allow while using” for geo location.
This article is not about one specific service and how an alternative can solve the problem.

It is an example of how companies are dying to permission to track is.

It's a very strange move indeed. maps.google.com implies an application lives there, far better than being on the root domain.

It also means that when you start typing maps.google, you'd get all your history searchable related to maps, although arguably that's useless.

I can't think of a reason why this would be a good technical move for Google (ignoring the don't do evil thingie), other than simplifying... certificates? Less lines in the firewall config... I'm stretching here, help me understand.

Other things: slightly simpler external DNS surface, probably tiny speed improvements because users only need to have the IP of www.google.com, not one for maps, one for www, one for whateverelse.

More possibility for connection re-use, as you'd only need to have a connection open for www.google.com, not one for each service.

And security wise: ISPs can now only see that you're accessing something at google, but not which service exactly. If they also bring in accounts.google.com into the fold, that would make it harder to see whether you have an account or not.

True. I’m sure being a beyondcorp company they can’t figure out how to add dns entries. Those google guys really should learn more about the internet and it’s technologies.

I don’t buy the simplicity argument for a second. The infrastructure exists, has existed for many years, and is not particularly exotic in the world.

The only thing that matters to a surveillance and advertising company is surveillance and advertising. You don’t need to overthink this one.

That’s a rather simplistic take; a company that makes money by surveilling you as you use their products also must care about the quality of their products. If their products suck, fewer people will use them = fewer people to surveil = less money! So not all changes are necessarily directly in the service of surveillance.

Also, I don’t think your reply to the above comment was entirely fair; they didn’t say anything about adding DNS records, and also mentioned several other potential benefits of not using subdomains.

All changes are in the service of surveillance. If making the honey pot sweeter works then they’ll do it. If making it more pervasive and intrusive while not offending anyone away they will do it. They will do nothing that hurts the mission to mine and sell advertisements, and all actions will lead to that.

I know you mentioned other things but they’re all sort of in the same bucket of “not that hard once done” and “google can surely do that without blinking an eye”. I would posit the move away from a subdomain to a root domain is hard and complex and benefits end users not one bit. Perhaps the end state is easier on the margins, but again, I doubt given it’s been that way for so long it’s effectively any easier for engineers or operators at google in any way what so ever.

Well, other than those responsible for surveilling all the things.

As you mention there are plenty of performance reasons to run everything under a single hostname. There's also one especially vital for Maps, it loads a tonne of resources and maps are used in various other services at Google. Now that caches are being siloed down to the host level, having all the resources accessible in a same-origin cache will save bandwidth and increase performance for users.
> "It's a very strange move indeed. maps.google.com implies an application lives there, far better than being on the root domain."

How does "maps.google.com" imply an application "lives there" any more than "google.com/maps"?

Technically speaking, "google.com/maps" is far superior to "maps.google.com" (check out the rest of the comments in this thread for examples: simpler DNS configuration, simpler certificate management, CORS, cookies, etc).

Technically speaking it goes around any security CORS and friends provide
Security is hard, money is easy. Simple choice!
> "Technically speaking it goes around any security CORS and friends provide"

CORS wasn't designed to "offer any security" in this specific scenario anyway.

By using "google.com/maps" they can simplify their systems (by not worrying caring about CORS).

google.com/maps is simpler to type on a mobile phone and more consumer friendly, I’ve always used google.com/ pattern, way easier to leverage autocomplete, type a g to autocomplete google.com then if you are looking for flights type f and in 2-3 clicks you are on google.com/flights
Yeah, but flights.google.com or translate.google gets you there even faster.

dns segments are shown backwards for a reason. it was done so that the most specific part shows up first when searching for something.

I have to admit as a data structure snob. I vaguely wish it were the other way around, sigh, as much as I hate to admit it java classes got it right. I also have to admit it does not really matter that much.

huh? You were always able to share sub-domain cookies with top-level domain cookies no?

Set-Cookie: name=value; domain=google.com

Setting cookies doesn't allow using Browser APIs lie GEO-Location
Can you load, let's say maps.google.com/somepage in a hidden iframe and use postmessage to send location data if it already has access? Or do browsers force top level navigation for such permissions?
There were probably covert ways to obtain the same information but it's now easier for Google to grab the information using regular APIs.

It also means if app X and app Y on their own subdomains were previously using location APIs without any tricks, you are now effectively opting into both apps.

Bottom line: technically it doesn't matter but it probably makes a difference in practice.

Yeah it makes a lot of sense to do it this way, however it does not feel that nefarious when there were plausable workarounds anyway.
Browser could implement finer grain permissions (i.e. only permit the API use for a given top level path regexp) but I bet most users won't bother fine tuning their grants.
What about other apis such as web notifications or webcam and mic access?

With separate domains we could allow notifications for one (e.g calendar) and disallow for another (e.g mail) at the browser level.

Seems like it would now be a blanket allow for all of google.com (with a toggle for each product setting, maybe?) which sounds like a very user hostile move.

I guess it depends if one considers Google products to be separate apps or Google as a whole to be a "Web OS".

(Also on the technical side there's not just google.com but also google.<2 letter country TLD>, which is even worse in terms of CORS, certs, or whatever. Would they get rid of that?)

Google Maps could have set your location in a cookie that is shared with google.com. Then search would have your location anyway when you next visit it.
I'm wondering how much time browsers will take to implement URL match permission granting.
If that was the goal, google could simply &tbm=maps it further.
Nah, Google will never do it because url parameters have terrible SEO... Um wait
Google maps is pretty much one of the only Google products that I still actively use. It's funny that this article was written and published today, since I had noticed the exact same thing yesterday! Does anyone know when it first started?
I’ve been seeing this redirect to google.com/maps for at least a year now because my default has always been to type maps.google.com and I find it weird every time it redirects.
Definitely been a while. Like, perhaps a year or more.

I'm in Asia btw.

recently gmail.com became unreachable and was moved to mail.google.com dont know if its related
for me, gmail.com has been redirecting to mail.google.com/mail for a long time...
I am having a hard time figuring out how this would be affected by GDPR.
Does the GDPR care about the concept of apps and URLs? If not, all it matters is the person/company relationship.
the GDPR cares about the rights the company asks for, how long it keeps it, does it need the rights for the purpose, does it give you an easy way to opt out of the rights collection and so forth.

If in order to not let all of Google have your location information you need to opt out of letting maps have your location information it might be a GDPR problem. Considering also that this was not a problem that people had before if indeed it is a problem now it might be taken as a wilful circumvention of GDPR.

The GDPR does care about different “purposes”, it’s not just about the person/company relationship.

I’m not a lawyer but my interpretation of this is that consent for Google to use location data for maps doesn’t allow them to use that same location data for email.

> Consent should cover all processing activities carried out for the same purpose or purposes. When the processing has multiple purposes, consent should be given for all of them.

https://gdpr-info.eu/recitals/no-32

Exactly. The consent was provided for the specific processing, not the TLD. The processing and all of those that are not incompatible with it, that it asked permission for that furthermore adhere to the requirements imposed regarding specific and informed consent in the GDPR (see Article 4, sub 11 GDPR and article 7 GDPR.
This is not new. I'm pretty sure Google has done that kind of redirection for ages for me.
I think this change probably has more to do with corporate firewalls than anything else. A lot of corporate internet access isn't set up to MITM the requests (a lot of places are setup for this, but a lot aren't). If they places all their services under google.com as suffixes, places that don't MITM won't have any way of stopping it as all they can see is the request to google.com.
Given the history of Google's stance towards privacy and tracking, I think it's naïve to assume technical reasons.

It may have been ok to fall for that argument for 10 years, but after AMP, manifestv3, android's location log disaster, the recording of wifi names and countless lawsuits across the globe, it seems that the resource of good faith assumptions has been depleted. Some may even say that trusting google (the corporation) to act on technical or altruistic reasons is delusional.

> after AMP, manifestv3, android's location log disaster, the recording of wifi names and countless lawsuits across the globe

Tangentially, it's funny how the whole Google+ fiasco with forcing G+ account creation for YT etc. was quickly forgotten.

I haven't forgotten because my YouTube account to this day has remnants of that move. The same with my Google Contacts, it is an absolute mess of G+ and Orkut stuff that got shoved in there at some point and Google never cared to clean their absolute mess.
I'm as skeptical as anyone about Google's privacy record but I'm not so convinced that this really helps google invade our privacy more than it already does.
Google: push security theathe features like CORS to make it hard to run cross domain

Also Google: decides to use single domain so any permission you ever give work for all of their apps

Has this not been the case for a while? I think I've been getting /maps for at least the past year.
(comment deleted)
the /maps URL worked for a while, but I never noticed the redirect from maps.google.com (but I wasn't paying attention to that).
Yep. Noticed when I didn't want to enable JS on the whole of Google's domain in μBlock Origin. I switch to another browser for this task alone—especially as some regions have incomplete data for OpenStreetMap
Firefox containers to the rescue.
Probably the best tech we have against tech giants today. I mean, heavier solutions exist (like QubesOS), FF containers are so easy to use, I hope more people learn they exist.
Does it also contain permissions you give to a website? Will it block it if run within a container?
> Does it also contain permissions you give to a website? Will it block it if run within a container?

No.

How? Access to location will stick regardless if you use containers or not.
If you put all G-services in their own container, google.com/mail can't access google.com/maps cookies, so, will it also not track location. Not sure actually, they indeed probably store your "consent" on their server. Could you block location services per container perhaps?

Hmm this is a smart move indeed, all of a sudden I'm logged into G-maps whereas I wasn't before... FireFox helpfully opened google.com/maps in my Google container...

> google.com/mail can't access google.com/maps cookies, so, will it also not track location

google.com has now direct access to your location, it doesn't need any cookies.

Would be nice if you could spoof or block access to your location per FF container. I'll see if I can put in a feature request.
But it "doesn't" know who you are if you have not logged in. Or do you mean that the permission isn't container-specific?

(Of course it can probably make a pretty good guess, just as well it could do before this change.)

I've been using Mozilla's extension[0] that contains everything Facebook-related automatically with Firefox containers and it's been working great.

This morning I looked for a similar extension for Google and I've found this fork[1] of Mozilla's extension. It's working as expected so far but I'd love for it to be officially maintained by Mozilla at some point. There is an open issue about it[2].

[0] https://github.com/mozilla/contain-facebook

[1] https://github.com/containers-everywhere/contain-google

[2] https://github.com/mozilla/contain-facebook/issues/758

Mozilla probably gets too much money from google to do this
Its reverse for translate. https://google.com/translate redirects to translate.google.com
I can understand why: Translate is the only service that works in China. Countries with censorship laws can easily choose what they allow.
They don't work in China anymore.

And when they worked, the domain was translate.google.cn instead.

I suspect this may more be to do with large organisations (and equally foreign governments) wanting to block Google translate, since it can be used as a proxy in some cases.
Hey now, it used to be local.google.com! I sometimes use that just to see if it still works.
Recently safari (on macos 10.15) started auto completing „maps.“ to „maps.apple.com“, although I only tried Apple maps once and always use gmaps. Maybe google noticed this and tries to circumvent safari‘s „preference“ for Apple Maps
Isn't maps.apple.com in your bookmarks? Most browsers suggest from bookmarks before anything else. Maybe it got added there in an update to. you know, improve your experience with the Apple ecosystem.
Its definitely not in my bookmarks. when i start typing, its under the section titled "top hits". google maps is right beneath it, but never first place
As others have noticed, this is not a new move. For the past several years I've been accessing Google Maps simply by typing in maps.google.com and it has always redirected me to google.com/maps.
It's new for me as well. I hadn't seen google.com/maps before.
Even more confusing and a regular cause of annoyance for me that's been ongoing for a while now is there's like a knockoff version of Google Maps built into Google search that it'll kick you into if you click a map from search results. e.g. you type "gyms near me" and it shows you a map in the search results, and you click it to expand. It's still at the google.com/search domain and while you can zoom and pan around, there doesn't seem to be a way to arbitrarily jump into street view wherever you want, which I frequently want to do.

I'm constantly ending up in this view, fighting with it before remembering I need to go to real Google Maps and do my search again.

Same. It's so annoying and I feel like they do not always include the relevant info like the URL in that mode. Though looking now I did not find examples of that.
Funny, for me it’s the opposite. I always try to use the web view, and there’s an annoying pop up that redirects me to download Google maps. When I switch back into the web browser to go back to the web view, it auto redirects me to the app download again. Super annoying.
> Congratulations, you now have permission to geo-track me across all of your services.

I don't think Google needed to do this move to track you across their services. Pretty sure they were able to do that before.

This makes it problematical to block. Previously you could give location permission to map.google.com and not elsewhere. Now you can't be more selective: remove permission from search/other and maps stops working (or doesn't work as well).

As others have pointed out, there are technical benefits too – but most (all?) of these technical benefits are essentially because it works around features designed to limit the scope of permissions.

Most people don't check their accounting settings, to see the massive amounts of data that Google is collecting on them or the amount of tracking they are doing. Even if a person adjusts the settings, its not really known to what extent the continual collection is actually mitigated or privacy is being ensured. To include users data being sent to 3rd parties or governments at Google's prerogative or their employees, or to the extent results and services are manipulated for Google's own internal purposes and benefit.
This made me think how much would I lose if I'll just block all *.google.com domains in the browser? I was using DDG for search and Firefox for browsing for many years without problems, but I also still use Gmail and Google docs (or whatever they are called these days, Google for Work?). Maybe, a blanket ban plus a few exceptions like mail.google.com, docs.google.com, tables.google.com and drive.google.com would not cripple my workflow too much.
> (or whatever they are called these days, Google for Work?)

Gmail is currently branded as part of Google Workspace, and shows the Workspace logo upon sign in. It probably has been that way architecturarly for a long time, but I think they have made it more explicit relatively recently, at least for non-corporate users.

It looks like "Google for Work" is an old name of Google Workspace.

Like their chat apps, they change names so often that I just call them Google Docs most of the time.
Some years back (my memory suggests somewhere between early 2017 and early 2019), Google moved reCAPTCHA to www.google.com, so now anything that uses reCAPTCHA (and that’s a lot, far more than is reasonable when I contemplate the absurdly high efficacy of a simple hidden-by-CSS honeypot when it’s just junk you’re filtering rather than targeted abuse) depends upon www.google.com frame, script and xhr, and www.gstatic.com script.

There may have been other reasons as well, but I have been strongly inclined to consider this a hostile and even malicious action (organisationally, if not individually) from the start, more than the maps.google.com → www.google.com/maps shift (though I think it’s still at least hostile).

Thus you probably can’t quite block even www.google.com even if you never use any Google services yourself.

Google has been prompting me with an Accept / Reject dialog on Maps and YouTube for years. It used to be split in several sections but luckily it became only two buttons a few months ago. I click reject and start mapping / watching.
You guys are still using google and dreaming about working for them?!