Connect with us

Biz & IT

Google tweaks Android licensing terms in Europe to allow Google app unbundling — for a fee

Published

on

Google has announced changes to the licensing model for its Android mobile operating system in Europe,  including introducing a fee for licensing some of its own brand apps, saying it’s doing so to comply with a major European antitrust ruling this summer.

In July the region’s antitrust regulators hit Google with a recordbreaking $5BN fine for violations pertaining to Android, finding the company had abused the dominance of the platform by requiring manufacturers pre-install other Google apps in order to license its popular Play app store. 

Regulators also found Google had made payments to manufacturers and mobile network operators in exchange for exclusively pre-installing Google Search on their devices, and used Play store licensing to prevent manufacturers from selling devices based on Android forks.

Google disputes the Commission’s findings, and last week filed its appeal — a legal process that could take years. But in the meanwhile it’s making changes to how it licenses Android in Europe to avoid the risk of additional penalties heaped on top of the antitrust fine.

Hiroshi Lockheimer, Google’s senior vice president of platforms & ecosystems, revealed the new licensing options in a blog post published today.

Under updated “compatibility agreements”, he writes that mobile device makers will be able to build and sell Android devices intended for the European Economic Area (EEA) both with and without Google mobile apps preloaded — something Google’s same ‘compatibility’ contracts restricted them from doing before, when it was strictly either/or (either you made Android forks, or you made Android devices with Google apps — not both).

“Going forward, Android partners wishing to distribute Google apps may also build non-compatible, or forked, smartphones and tablets for the European Economic Area (EEA),” confirms Lockheimer.

However the company is also changing how it licenses the full Android bundle — which previously required OEMs to load devices with the Google mobile application suite, Google Search and the Chrome browser in order to be able to offer the popular Play Store — by introducing fees for OEMs wanting to pre-load a subset of those same apps under “a new paid licensing agreement for smartphones and tablets shipped into the EEA”.

Though Google stresses there will be no charge for using the Android platform itself. (So a pure fork without any Google services preloaded still wouldn’t require a fee.)

Google also appears to be splitting out Google Search and Chrome from the rest of the Google apps in its mobile suite (which traditionally means stuff like YouTube, the Play Store, Gmail, Google Maps, although Lockheimer’s blog post does not make it clear which exact apps he’s talking about) — letting OEMs selectively unbundle some Google apps, albeit potentially for a fee, depending on the apps in question.

“[D]evice manufacturers will be able to license the Google mobile application suite separately from the Google Search App or the Chrome browser,” is what Lockheimer unilluminatingly writes.

Perhaps Google wants future unbundled Android forks to still be able to have Google Search or Chrome, even if they don’t have the Play store, but it’s really not at all clear which configurations of Google apps will be permitted under the new licensing terms, and which won’t.

“Since the pre-installation of Google Search and Chrome together with our other apps helped us fund the development and free distribution of Android, we will introduce a new paid licensing agreement for smartphones and tablets shipped into the EEA. Android will remain free and open source,” Lockheimer adds, without specifying what the fees will be either. 

“We’ll also offer new commercial agreements to partners for the non-exclusive pre-installation and placement of Google Search and Chrome. As before, competing apps may be pre-installed alongside ours,” he continues to complete his trio of poorly explained licensing changes.

We’ve asked Google to clarify the various permitted and not permitted app configurations, as well as which apps will require a fee (and which won’t), and how much the fees will be, and will update this post with any response.

The devil in all those details should become clear soon though, as Google says the new licensing options will come into effect on October 29 for all new (Android based) smartphones and tablets launched in the EEA.

Update: Google has now confirmed that Google Search and/or Chrome will be available for OEMs to license (non-exclusively) without a fee.

While the Google apps that will require a fee are: Google Play Store, Gmail, Maps, YouTube, Duo, Play Movies, Play Music, Drive and Photos. It is not disclosing the fees being charged.

This suggests OEMs will be able to offer a phone with the Play Store (plus the bundled Google apps) and a non-Google search engine and browser as the default, for example. Or a device without Play but with Google Search or Chrome.

The company also appears to be offering OEMs incentives to place Search or Chrome prominently under the new license.

Responding to Google’s announcement, a Commission spokesperson told us: “It is Google’s responsibility to comply with its obligations under the Decision. The Commission will closely monitor Google’s compliance to ensure that the remedy is effective and respects the Decision.”

“It is for Google to decide exactly how to comply with the Commission’s decision. The decision does not require Google to charge for any of its apps or for the Play Store,” the spokesperson added. “In fact, the Decision is designed to allow, for the first time, competing search and browser providers to compete on the merits with Google for pre-installation on Android devices, leading to greater choice for consumers.

“Android remains licensed for free under an open source regime. The Decision also allows companies, for the first time, to develop and market competing operating systems based on the Android open source code (so-called “Android forks”).”

This article was updated with comment from the European Commission and clarification from Google

Source link

Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Biz & IT

OpenAI invites everyone to test new AI-powered chatbot—with amusing results

Published

on

Enlarge / An AI-generated image of a chatbot exploding forth from squiggly radial lines, as was foretold by the prompt.

Benj Edwards / Ars Technica

On Wednesday, OpenAI announced ChatGPT, a dialogue-based AI chat interface for its GPT-3 family of large language models. It’s currently free to use with an OpenAI account during a testing phase. Unlike the GPT-3 model found in OpenAI’s Playground and API, ChatGPT provides a user-friendly conversational interface and is designed to strongly limit potentially harmful output.

“The dialogue format makes it possible for ChatGPT to answer followup questions, admit its mistakes, challenge incorrect premises, and reject inappropriate requests,” writes OpenAI on its announcement blog page.

So far, people have been putting ChatGPT through its paces, finding a wide variety of potential uses while also exploring its vulnerabilities. It can write poetry, correct coding mistakes with detailed examples, generate AI art prompts, write brand-new code, expound on the philosophical classification of a hot dog as a sandwich, and explain the worst-case time complexity of the bubble sort algorithm… in the style of a “fast-talkin’ wise guy from a 1940’s gangster movie.”

ChatGPT also refuses to answer many potentially harmful questions (related to topics such as hate speech, violent content, or how to build a bomb) on the grounds that the answers would go against its “programming and purpose.” OpenAI has achieved this through both a special prompt it prepends to all input and by use of a technique called Reinforcement Learning from Human Feedback (RLHF), which can fine-tune an AI model based on how humans rate its generated responses.

Reining in the offensive proclivities of large language models is one of the key problems that has limited their potential market usefulness, and OpenAI sees ChatGPT as a significant iterative step in the direction of providing a safe AI model for everyone.

And yet, unsurprisingly, people have already figured out how to circumvent some of ChatGPT’s built-in content filters using quasi-social engineering attacks, such as asking the AI to frame a restricted output as a pretend scenario (or even as a poem). ChatGPT also appears to be vulnerable to prompt-injection attacks, which we broke a story about in September.

Like GPT-3, its dialogue-based cousin is also very good at completely making stuff up in an authoritative-sounding way, such as a book that doesn’t exist, including details about its content. This represents another key problem with large language models as they exist today: If they can breathlessly make up convincing information whole cloth, how can you trust any of their output?

Still, as people have noticed, ChatGPT’s output quality seems to represent a notable improvement over previous GPT-3 models, including the new text-davinci-003 model we wrote about on Tuesday. OpenAI itself says that ChatGPT is part of the “GPT 3.5” series of models that was trained on “a blend of text and code from before Q4 2021.”

Meanwhile, rumors of GPT-4 continue to swirl. If today’s ChatGPT model represents the culmination of OpenAI’s GPT-3 training work in 2021, it will be interesting to see what GPT-related innovations the firm has been working on over these past 12 months.

Continue Reading

Biz & IT

Hive Social turns off servers after researchers warn hackers can access all data

Published

on

Hive Social

Hive Social, a social media platform that has seen meteoric growth since Elon Musk took over Twitter, abruptly shut down its service on Wednesday after a security advisory warned the site was riddled with vulnerabilities that exposed all data stored in user accounts.

“The issues we reported allow any attacker to access all data, including private posts, private messages, shared media and even deleted direct messages,” the advisory, published on Wednesday by Berlin-based security collective Zerforschung, claimed. “This also includes private email addresses and phone numbers entered during login.”

The post went on to say that after the researchers privately reported the vulnerabilities last Saturday, many of the flaws they reported remained unpatched. They headlined their post “Warning: do not use Hive Social.”

Hive Social responded by pulling down its entire service.

“The Hive team has become aware of security issues that affect the stability of our application and the safety of our users,” company officials wrote. “Fixing these issues will require temporarily turning off our servers for a couple of days while we fix this for a better and safer experience.”

The Zerforschung post said the vulnerabilities were so serious that they were withholding technical details to prevent the active exploitation of them by malicious hackers.

The series of events raised questions about why Hive Social waited some 72 hours to shut down its site after receiving notification users’ most private data was free for the taking. Zerforschung said that after multiple communications, Hive Social claimed to have fixed all issues when that was clearly not the case. The social media site said it never claimed the vulnerabilities were fixed.

Hive Social’s user base reportedly doubled in the last few weeks, going from about 1 million to 2 million as of last week, according to Business Insider. Despite the massive growth, the social media site continued to be staffed by just two people, neither of whom had much of a background in security.

Representatives of both Hive Social and Zerforschung didn’t respond to questions sent by email.

While there are no reports that the vulnerabilities were actively exploited, there’s no way at the moment to rule that out. Anyone with a Hive Social account should be prepared for the possibility that the data they provided during sign up, as well as private messages, whether deleted or not, have been obtained.

The lesson from this event further supports advice Ars gave on Tuesday concerning Mastodon, another social media site that has also seen skyrocketing user numbers in the aftermath of the Twitter takeover by Musk. Put nothing on the site that you wouldn’t mind being public. Confidential information should never be put in direct messages or any other place. Here’s hoping Hive Social users already knew that.

Continue Reading

Biz & IT

My secret life as an 11-year-old BBS sysop

Published

on

Enlarge / Benj Edwards’ computer running The Cave BBS in 1994.

Thirty years ago last week—on November 25, 1992—my BBS came online for the first time. I was only 11 years old, working from my dad’s Tandy 1800HD laptop and a 2400 baud modem. The Cave BBS soon grew into a bustling 24-hour system with over 1,000 users. After a seven-year pause between 1998 and 2005, I’ve been running it again ever since. Here’s the story of how it started and the challenges I faced along the way.

Enter the modem

In January 1992, my dad brought home a gateway to a parallel world: a small black plexiglass box labeled “ZOOM” that hooked to a PC’s serial port. This modem granted the power to connect to other computers and share data over the dial-up telephone network.

While commercial online services like CompuServe and Prodigy existed then, many hobbyists ran their own miniature online services called bulletin board systems, or BBSes for short. The Internet existed, but it was not yet widely known outside academic circles.

A photo of a Zoom 2400 BPS modem like I first used in 1992.
Enlarge / A photo of a Zoom 2400 BPS modem like I first used in 1992.

John Scagon

Whereas the Internet is a huge connected web of systems with billions of users, most BBSes were small hobbyist fiefdoms with a single phone line, and only one person could call in and use it at a time. Although BBS-to-BBS message networks were common, each system still felt like its own island culture with a tin-pot dictator (the system operator—or “sysop” for short) who lorded over anyone who visited.

Not long after my dad brought home the modem, he handed off a photocopied list that included hundreds of BBS numbers from our 919 area code in North Carolina. Back then, the phone company charged significantly for long-distance calls (which could also sneakily include parts of your area code), so we’d be sticking to BBSes in our region. This made BBSes a mostly local phenomenon around the US.

My original Raleigh-area BBS list from 1992, dated December 9, 1991.
Enlarge / My original Raleigh-area BBS list from 1992, dated December 9, 1991.

Benj Edwards

With modem in hand, my older brother—about five years older than me—embraced calling BBSes first (we called it “BBSing”). He filled up his Procomm Plus dialing directory with local favorite BBSes such as The Octopus’s Garden, The Body Shop, and Chalkboard. Each system gained its own flavor from its sysop, who decorated it with ANSI graphics or special menus and also acted as an emcee and moderator for the board’s conversations.

I have a distinct memory of the first time I realized what a BBS was. One day while I looked over my brother’s shoulder, he showed me the file section of one of those BBSes—a list of available files that you could download to your local computer. Pages of free-to-download shareware games scrolled by. My eyes widened, and something clicked.

“You can download games for free?” I remember thinking. I noticed one file labeled “RAMPAGE.ZIP” that was one hundred kilobytes—or “100K,” as listed. Thinking of Rampage on the NES, which was one of my favorite games at the time, I asked my brother to download it. He declined because it would have taken over five minutes to transfer on our 2400 BPS modem. Any file around one megabyte would take about an hour to download.

Online time was precious back then. Since most BBSes only had one phone line, you didn’t want to hog the line for too long or the sysop might boot you. And there was extra jeopardy involved. Since we were using our regular house telephone line to connect, the odds that my mom would pick up and try to dial out—thus ruining the transfer process—remained very high. But whatever the risks, the thrill of remote projection by computer sunk into me that day and never left.

Continue Reading

Trending