At Google I/O 2016, Google announced two new messaging products: Allo, for text messaging, and Duo, for video communications. These are the most recent in a series of messaging products Google has created, none of which have succeeded in attracting a really large user community the way that other messaging products have done. Google doesn't release figures for monthly active users of Hangouts, while WhatsApp has a billion users, Facebook Messenger and QQ have 850 million, and WeChat has about 700 million. The stakes in messaging are very high, and, so far, Google is an also-ran.
In 2015, it looked like Google might go in a different direction, perhaps acting as a spoiler for proprietary messaging apps that don't interoperate and don't use carrier protocols like SMS and MMS. Google bought a company called Jibe that makes next-generation messaging servers for standard telecom protocols called Rich Communications Services, or RCS. If Google based a messaging system on RCS it w…
Photo by Matthew Hester (CC BY-ND 2.0)
Google has become something of a slumlord. While Google+ has been accused of being a "ghost town," at least it looks pretty, even now after what feels like a long period of stagnation and un-addressed bugs. But Google+ isn't the most neglected neighborhood in Googleland.
Where is the Blogger blog?
Various parts of Google, notably Search, use Blogger to convey news about new releases and their development road map. Blogger is key infrastructure for Google itself. But where is the Blogger blog? Like some other semi-abandoned properties, Blogger no longer has frequent updates about features.
If you want a history of Blogger and it's features, you'll have to rely on Wikipedia. Evidently there are ardent Blogger users who keep track of these things.
Why does this matter? There are a lot of abandoned places on the Internet. Blogger, however, is emblematic of the problems that precipitated the departure of Vic Gundotra from Google+…
This might not be the single most interesting bug in all of Android, but out of the ones I have encountered or heard of, it definitely caught my attention.
Combating fragmentation with a single code base
A key set of features of Android is good forward and back-compatibility. That is, you can write an app that uses new APIs, but runs on old systems, by testing for the API level and not calling unimplemented features. This enables developers to keep a single code-base for many versions of Android.
However, old Android versions can't see their own future. That means that when new permissions are introduced, it is possible that an app created their own permissions with the same name. And therein is the basis for a vulnerability identified in this paper by Indiana University and Microsoft Labs researchers.
The result is an app that never asked for a permission, but got one anyway. That's bad! It's not just bad implementation bad, it's design-flaw bad. On the …