• Nollij@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    73
    arrow-down
    2
    ·
    1 year ago

    This is a highly concerning allegation, and it does explain some interesting results I’ve noticed lately. I’ve wondered why, especially when searching for products, an expected result isn’t there unless I invoke it by name. I’d chalked it up to their competition having more mindshare and thus a higher page rank score. Now I’m not so sure.

    Worse, it somewhat supports claims that the far-right has been making, although those claims still completely miss the mark.

    • rgb3x3@beehaw.org
      link
      fedilink
      arrow-up
      22
      ·
      1 year ago

      What annoys me most is that you’ll get that product carousel at the top of sponsored products that aren’t what you want, then 3 or 4 results of sponsored links, then maybe you get the actual thing in the 5th real result.

      It’s a really bad search experience.

      • floofloof@lemmy.caOP
        link
        fedilink
        English
        arrow-up
        10
        arrow-down
        1
        ·
        1 year ago

        That’s my experience of it too, and yet the Google users I know refuse to try anything else because they insist every other search engine gives useless results while Google gets it right. Perhaps it depends what kinds of things you tend to search for, but I usually do better with Duck Duck Go, and sometimes even with Bing. People’s love for Google search at this point has to be based in how it used to be, not how it is today.

        • Mario_Dies.wav@lemmy.dbzer0.com
          link
          fedilink
          arrow-up
          5
          ·
          1 year ago

          I’ve thought the same thing, and I’ve concluded there must be a significant percentage of people who use search engines in a completely different way than I do. Like my dad saying to his tablet, “Ok google, play [song from the 1960s].” If people think this is what a search engine is supposed to do, then I imagine a search engine that actually behaves like a search engine would be pretty disappointing.

          • pizzaboi@lemm.ee
            link
            fedilink
            arrow-up
            3
            ·
            1 year ago

            I think this is it. Google has done an incredible job of making sure you can accomplish a huge amount with very little friction… so long as you do it with their products and give them your data. If that fits your goal, there’s no denying that going all-in on Google is going to work well for you.

            If all you want is a place to enter text and get a page of links, not so much.

      • Saxoboneless@lemmy.world
        link
        fedilink
        arrow-up
        15
        arrow-down
        2
        ·
        1 year ago

        I think the claims I’ve heard irl are something along the lines of “can’t trust Google search results, they’re censoring 'em!” I figure the things they’re mad Google “censors” are probably literal or borderline fascist content - and I also tend to assume they’re probably misusing the word censor. I think the tenuous connection here is just that yeah Google is probably doing some shady stuff with their search results.

        • Nollij@sopuli.xyz
          link
          fedilink
          English
          arrow-up
          7
          ·
          1 year ago

          Yeah, pretty much this. A lot are upset that when you Google for something like vaccine safety, your top results are things like the CDC and the WHO instead of their favorite Bigfoot hunter conspiracy theorist.

          And for some reason, they all seem to act like there’s an actual person on the other side, individually restricting results.

  • Schwim Dandy@reddthat.com
    link
    fedilink
    arrow-up
    27
    arrow-down
    1
    ·
    1 year ago

    I can’t say I don’t use Google as I own an unrooted pixel on the Fi network but I’ve done what I’m able to lessen the information given to them by stopping the use of the search engine, browser and sandboxing any Google pages in my FF browser. It started bothering me how much I was relying on one company for nearly everything online.

    My next phone will likely be rooted and running a different OS.

    • Avid Amoeba@lemmy.ca
      link
      fedilink
      arrow-up
      27
      ·
      edit-2
      1 year ago

      Pixel is still one of the best options overall despite other Google enshittification. There are plenty of ways to move away from Google defaults without changing the OS. If that’s not enough, you’d still benefit from their software support. Third party OSes like LineageOS and Graphene can use Google’s updated sources and binary blobs for driving the hardware during the same 5-7 year support lifespan. As a result those OSes should be able to run securely on a Pixel at least till the end of its official support span.

    • limonfiesta@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      4
      ·
      1 year ago

      Rooting can harm the security of your device, significantly.

      I understand you’re wanting to root for privacy reasons, and I’m not saying you should never root, just understand the risks.

      Instead, I’d suggest keeping your Pixel and installing GrapheneOS.

      Or, find another phone that is supported by DivestOS.

      Both of those ROMs are privacy and security hardened and relock your bootloader for a secure boot.

      • lemmyvore@feddit.nl
        link
        fedilink
        English
        arrow-up
        13
        ·
        1 year ago

        Rooting can harm the security of your device, significantly.

        Why is that? On a rooted device you still benefit from Google scanning installed apk, and root access is protected by an explicit accept dialog.

        It’s the exact same setup as UAC on Windows or the admin prompts on Linux and Mac.

        • floofloof@lemmy.caOP
          link
          fedilink
          English
          arrow-up
          5
          ·
          1 year ago

          The rooting process itself often involves running an exploit and trusting whoever wrote the rooting tool not to use that exploit to do anything undisclosed. If you wanted to install an undetectable rootkit, slipping something into such a tool wouldn’t be a bad way to do it.

          • lemmyvore@feddit.nl
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            The rooting process itself often involves running an exploit

            It most certainly does not. Exploits were used a decade ago, nowadays you unlock the bootloader using a manufacturer-provided key. And regardless of the key you need physical access to the device and rebooting into a special runtime.

        • limonfiesta@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          1 year ago

          You just answered your own question. How many users click approve without thinking? How many install Xposed modules that intentionally, or unintentionally, create security issues?

          I didn’t say rooting will break your security, just that it can. Rooting exponentially increasing the attack surface, which for some users isn’t a concern, but for your average user, it probably should be.

          In this case, this person wanted to increase his privacy, which is why I recommended what I did.

          Also, FWIW, there’s a reason why GrapheneOS and DivestOS specifically design their ROMS to NOT be rooted and to RELOCK the bootloader.

          • lemmyvore@feddit.nl
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            2
            ·
            edit-2
            1 year ago

            Saying “rooting can harm the security of your device significantly” is like saying “crossing the street exposes you to mortal danger”. It’s technically true but fails to take into consideration a huge amount of factors, to the point it loses all meaning. Either qualify your statements or refrain from making such generic ones.

            You just answered your own question. How many users click approve without thinking? How many install Xposed modules that intentionally, or unintentionally, create security issues?

            You do realize that most of the Internet runs on servers where people have admin access? And there’s no shortage of attacks against machines on the Internt. If they can manage to function under these conditions I think my phone will also be fine.

    • WashedOver@lemmy.ca
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      I’m pretty reliant on a couple of big providers I find. Usually Amazon is my first search stop then Google. I find I need to disable my ad blockers to be able to use the sponsored links. I often am searching for a solution product not a specific item so I’m curious about the options. Then I narrow down into specific items which Google does a pretty good job of I find for me.

      I was an early Google adopter so I’ve been using Google for a lot of things over the years.

      I often use search within Google Maps to find locations hours, reviews on a experience, and a location or business’ website.

      I’ve recently switched to Duck Duck Go and FF and I find it might be a familiarity to the types of localized results I miss as I’m still pretty plugged into the Google eco system and duck duck go doesn’t seem to hit the mark as closely for me.

    • Jessvj93@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      1 year ago

      I’m on android and how I protect myself in this phones environment is:

      VPN - Mullvad is my go to

      App Cloner - Obfuscate and scramble my GPS, Wifi, Phone Model, Google Analytics ID, and MAC address on isolated apps.

      Brave Browser- Set to delete cookies, history, ect when it closes

      Last Pass - So the above is easier to regain access to accounts

      • blindsight@beehaw.org
        link
        fedilink
        arrow-up
        9
        arrow-down
        1
        ·
        1 year ago

        How does rooting “cripple” security? You still need to give Superuser permission to apps on an individual basis. So long as you only give Superuser permission to widely-used open-source apps, what’s the “crippling” change?

        Or do you mean having an unlocked bootloader, which gives anyone with physical access to your device tools to unlock your phone? That’s related, but different, from rooting. And you can lock your bootloader and keep root access, so they aren’t interchangeable.

        • zwekihoyy@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          1 year ago

          you can’t lock your bootloader and retain access for one. that’s an easy way to brick your device. it cripples security because in order to gain this access you are patching in the sudo binary (which doesn’t normally exist on Android and is therefore not designed to be securely used) and a bunch of selinux policies that give extremely vague permissions systemwide. data exfiltration is made a much simpler task when a user has rooted their device.

          it is also increasing attack surface. you now have to trust that this per app permission model is actually functioning correctly and isn’t exploitable.

          edit: it is worth noting that having root access on a desktop Linux system is horribly insecure as well, though. I completely remove sudo on my systems (although considering one can just invoke su -c or su - root that doesn’t help too much in actuality)

          • ReversalHatchery@beehaw.org
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            edit: it is worth noting that having root access on a desktop Linux system is horribly insecure as well, though. I completely remove sudo on my systems (although considering one can just invoke su -c or su - root that doesn’t help too much in actuality)

            You have just proven you never or very rarely use a computer. How do you even update the system without sudo or an alternative to it?
            Without root permissions you basically can’t manage your system anymore.

            • nyan@lemmy.cafe
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              su - is actually the traditional way of getting superuser permissions on a Linux device—enter your root password, and it gives you a root shell that can perform all administration tasks. I’ve never even had sudo installed on my systems, because it doesn’t improve security for my specific use case. (How relevant is this to the various Android-device-related points? Not at all, really.)

            • zwekihoyy@lemmy.ml
              link
              fedilink
              arrow-up
              1
              ·
              edit-2
              1 year ago

              a better solution than giving blanket root access would be an API/daemon that provides more fine grained permission control, similar to how flatseal manages the flatpak sandbox.

              edit: anyone wanna help me on a new project idea…?

            • zwekihoyy@lemmy.ml
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              one of the reasons I use nix package manager is because it doesn’t require root. it has separate build users and a daemon responsible for privileged file management. I also have a separate user with access if I absolutely need it, or I can log in with a live session and chroot into my system.

              if you need root for a general purpose application then it’s badly designed

        • zwekihoyy@lemmy.ml
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          well sure, for customisation sake there is plenty benefit. the security concerns are more plentiful, however

  • Ordoviz@lemmy.ml
    link
    fedilink
    arrow-up
    4
    ·
    1 year ago

    Wired has removed the story because it “does not meet [their] editorial standards”.