[conite]

Violation of what? Which law?

Is there a global law about authentication protocols?

It's proprietary. It's copyright and I.P. infringement.

[bbfanfan]

Personally I like UI of Sailfish OS. Can't really complain

I'm not sure I understand the value of using Sailfish OS with Android apps. Most Android apps share their data with Google and marketers, so, if privacy is a goal, one has to be very careful using any Android apps at all.

Posted with my trusty Z10

[Drael646464]

It's proprietary. It's copyright and I.P. infringement.

The authentication protocol is proprietary? Well perhaps. I'm not really sure what it entails. Not a lawyer either!

In my mind, it could be simple as a return from a certain address in the system, like a variable, or complex like a handshake.

I assume that would only apply to paid apps, and financial apps, yes? MicroG can't spoof paid apps, that might be why. Of course the majority of useful apps aren't paid.

[Drael646464]

Personally I like UI of Sailfish OS. Can't really complain [IMG=540x960]https://uploads.tapatalk-cdn.com/20190601/2250ff26d47fea230175f11d9a431721.jpg[/url]

It's attractive no doubt. Beautiful transitions too.

[bb10adopter111]

The authentication protocol is proprietary? Well perhaps. I'm not really sure what it entails. Not a lawyer either!

In my mind, it could be simple as a return from a certain address in the system, like a variable, or complex like a handshake.

I assume that would only apply to paid apps, and financial apps, yes? MicroG can't spoof paid apps, that might be why. Of course the majority of useful apps aren't paid.

If I invent a new kind of electrical connector and patent it, other companies can't imitate it or create connectors for it without a valid license from me, it's the same thing. It doesn't matter if it's free or paid for.

Posted with my trusty Z10

[conite]

The authentication protocol is proprietary? Well perhaps. I'm not really sure what it entails. Not a lawyer either!

In my mind, it could be simple as a return from a certain address in the system, like a variable, or complex like a handshake.

I assume that would only apply to paid apps, and financial apps, yes? MicroG can't spoof paid apps, that might be why. Of course the majority of useful apps aren't paid.

Makes no difference if it's free or paid.

On top of that, the use of the apps requiring those services would contravene their own ToS too.

There is no way around it. It's illegal.

[bb10adopter111]

Personally I like UI of Sailfish OS. Can't really complain [IMG=540x960]https://uploads.tapatalk-cdn.com/20190601/2250ff26d47fea230175f11d9a431721.jpg[/url]

If privacy isn't a concern, then that's fine. It's just that a lot of people who want an alternative to Android and iOS have privacy concerns, and I wanted to make the point that it's both the OS and the apps that can compromise privacy.

Posted with my trusty Z10

[Drael646464]

Makes no difference if it's free or paid.

On top of that, the use of the apps requiring those services would contravene their own ToS too.

There is no way around it. It's illegal.

If you install FB from the amazon store it doesn't need GMS. My impression is that most apps do not validate with the play store, but instead use other services.

If a service calls for a map location, and open maps serves that instead of google maps, is that really an IP violation? I'm not sure one way or another.

And if it's the app makers who have liability, that doesn't stop Huawei from selling their phones or people buying them. That would mean google gets it's big boot out, and starts threatening app makers to have special validation or lose store priviledges (which would possibly work in huawies favour with their third party app store, be it apptoide as is rumoured or whomever)

When it comes to IP, it matters very much who is liable. See: napster, torrenting, firesharing sites etc. It's kind of the key issue.

[conite]

If you install FB from the amazon store it doesn't need GMS. My impression is that most apps do not validate with the play store, but instead use other services.

If a service calls for a map location, and open maps serves that instead of google maps, is that really an IP violation? I'm not sure one way or another.

And if it's the app makers who have liability, that doesn't stop Huawei from selling their phones or people buying them. That would mean google gets it's big boot out, and starts threatening app makers to have special validation or lose store priviledges (which would possibly work in huawies favour with their third party app store, be it apptoide as is rumoured or whomever)

When it comes to IP, it matters very much who is liable. See: napster, torrenting, firesharing sites etc. It's kind of the key issue.

If Huawei pre-loads a services framework that spoofs Google, then they are liable. They wouldn't be able to sell devices outside of China.

[Drael646464]

If Huawei pre-loads a services framework that spoofs Google, then they are liable. They wouldn't be able to sell devices outside of China.

So you say. But, let's take my example, serving open street maps locations instead of google maps.

Does that use anything proprietary? What specifically, is their code you are aware of in such a call, that would be considered substantial enough to be IP?

Are you certain that would stand up in court? It sounds a bit like you are starting from that assumption and working backwards. Unless you are very familiar with how the system makes such calls, and law as relates to technology, but you haven't really indicated as such.

An authentication protocol with the play store I can understand, from a lay POV.

How does an android emulator like bluestacks manage such legal concerns? Do they have google licenses for their emulator builds?

This is an interesting thought train. I also wonder to what degree most apps on google play actually use GMS. From looking at permissions on aptoide, it generally looks quite limited. Like maybe one or two api calls per app.

[conite]

So you say. But, let's take my example, serving open street maps locations instead of google maps.

Does that use anything proprietary? What specifically, is their code you are aware of in such a call, that would be considered substantial enough to be IP?

Are you certain that would stand up in court? It sounds a bit like you are starting from that assumption and working backwards. Unless you are very familiar with how the system makes such calls, and law as relates to technology, but you haven't really indicated as such.

An authentication protocol with the play store I can understand, from a lay POV.

How does an android emulator like bluestacks manage such legal concerns? Do they have google licenses for their emulator builds?

This is an interesting thought train. I also wonder to what degree most apps on google play actually use GMS. From looking at permissions on aptoide, it generally looks quite limited. Like maybe one or two api calls per app.

If an app does not require Google services, and requires open maps instead, then no one is in violation of anything. If however an app is specifically looking for Google Maps, and you intercept that request and replace it with open maps, then you are in violation.

[Drael646464]

If an app does not require Google services, and requires open maps instead, then no one is in violation of anything. If however an app is specifically looking for Google Maps, and you intercept that request and replace it with open maps, then you are in violation.

I don't think that's how intellectual property law works, personally.

Let's put it into simple land.

Android app says 'App 415 reporting here', and google play follows with some complex handshaking and codes.

That would be IP. It's original, it's unique. In my layman's opinion.

If the app says instead "what's at GPS location xyz"

And the answer is "44 simon street"

That's not intellectual property IMO because it's not complex or unique enough. And the code behind that answer can be completely different.

Again, I'm not a lawyer, although I've talked to a few and they tend to talk in probabilities rather than certainties, and I left coding class after stage 1. But I do know there are certain prerequisites for something to be considered IP. It's not just 'anything anyone makes'. Even copyright has restrictions.

[Drael646464]

For a really common example, caller ID spoofing is only illegal in the US if it "with the intent to defraud, cause harm, or wrongfully obtain anything of value".

Similar with MAC address and IP spoofing, it's not in itself, illegal, only if it's used to do something illegal. Which would bring it back to the issue, of whether the API communication was intellectual property or not.

And I'm not familiar enough with coding, or coding with GMS api's to personally answer (or for that matter the law). Although I would guess that an authentication process would be considered so.

[app_Developer]

For a really common example, caller ID spoofing is only illegal in the US if it "with the intent to defraud, cause harm, or wrongfully obtain anything of value".

Similar with MAC address and IP spoofing, it's not in itself, illegal, only if it's used to do something illegal. Which would bring it back to the issue, of whether the API communication was intellectual property or not.

And I'm not familiar enough with coding, or coding with GMS api's to personally answer (or for that matter the law). Although I would guess that an authentication process would be considered so.

APIs are often considered IP. Windows APIs set a lot of this precedent back when there were attempts to build Windows clones, but then there are other more recent precedents which are murkier. Building a clone of Google services is probably crossing a line.

Also Huawei at some point licensed this stuff and every software license I’ve ever seen expressly prohibits reverse engineering or making a clone of the software you just licensed

[conite]

I don't think that's how intellectual property law works, personally.

Let's put it into simple land.

Android app says 'App 415 reporting here', and google play follows with some complex handshaking and codes.

That would be IP. It's original, it's unique. In my layman's opinion.

If the app says instead "what's at GPS location xyz"

And the answer is "44 simon street"

That's not intellectual property IMO because it's not complex or unique enough. And the code behind that answer can be completely different.

Again, I'm not a lawyer, although I've talked to a few and they tend to talk in probabilities rather than certainties, and I left coding class after stage 1. But I do know there are certain prerequisites for something to be considered IP. It's not just 'anything anyone makes'. Even copyright has restrictions.

I know enough that I'm very confident in my interpretation. Precedent would agree as well.

[Drael646464]

APIs are often considered IP. Windows APIs set a lot of this precedent back when there were attempts to build Windows clones, but then there are other more recent precedents which are murkier. Building a clone of Google services is probably crossing a line.

Also Huawei at some point licensed this stuff and every software license I’ve ever seen expressly prohibits reverse engineering or making a clone of the software you just licensed

I'm not sure that say, MicroG is either 'reverse engineering' or 'building a clone'. It's simply open sourced software that's designed to respond to calls in code the same as those api's. API's themselves are certainly IP. But here the only part that's reverse engineered is the call itself, not the API's content. For eg, maps, the notification system.

My question is, how much of the way they communicate to apps is IP. You could hardly consider 'a notification system' stolen IP. Or 'a global street map'. Other companies have both, and they work basically identically. BB and windows for example have street maps. Apple, tizen, sailfish have notification systems.

The question is how peculiar is the way the notification system works in terms of handling in code, or the maps system etc. The way the API and the app talk to each other. They look and function basically the same to the end user.

That's not exactly the same as reverse engineering an API, IMO. It's certainly not as broad in scope as building the entire win32 codebase or windows services; it's generally a much simpler system and most of android is already open sourced. Some of it may, or may not, interact with apps in a very simple manner, as per my example of 'GPS location = what?', or 'show notification x'".
Although it would certainly result in a lawsuit, regardless.

I'm fairly certain Huawei doesn't strictly need to spoof google GMS though.

They have all the GMSless apps via aptoide or similar, due to Amazon's efforts. They also potentially have PWAs running windowless with notifications provided they put that in (they did say they'd support 'all web apps'); so twitter, uber, tinder, google maps, gmail, youtube. Like with windows, those don't need to all be in store, they can just be 'save as app' in the browser like in the new edge. Such apps are made publically available via the web, regardless of platform and as such can't be legally restricted.

That's a pretty decent app base to start from (400k amazon+pwa), when you don't need any of it to sell to China (because they use superapps), and you sell more than just smartphones. They can just plug away along side Amazon, at googleless development, using their assured profits in other areas, and brand recognition in Africa and Europe to fund the effort.

It will certainly cause them to take a hit, but the path is much more open than when anyone else attempted the same, because of progress already made, the move to html5, and their size.

[stlabrat]

Hmm, interesting logic. Remind me the old days when Taiwan semiconductor industry was still in its infancy, it put some of semi block on website so you can form asic easy. However, those blocks are fragments of their customers design. Result some termination of contract and pull out of the region in a rush. (sounds about the same thing happened in software now. IMHO) . There are very loud voice on CB site for open source BB10, knowing how open source were ripped off with no $, palm, as one example, keep under wrap definite is better way for bb. (redhat, java under new owner just pop in mind).

Posted via CB10

[Bbnivende]

Librem is interesting. You rent their app set for $8 dollars a month and they say that their apps will be available on the Google and Apple stores?



“The Get Everything package, which $7.99 a month, includes Librem Chat, Librem Mail, Librem Social, and Librem Tunnel. In the future, it also will include Librem Files, Librem Backup, Librem Pay, and other services. “

“Users can download Librem One’s apps on Google Play or iTunes and enter their unique login to use the services across multiple mobile devices. “


I am not sure that Privacy fans are big on monthly fees.

Maybe BB10 could be resuscitated using the same model ?

[app_Developer]

I'm not sure that say, MicroG is either 'reverse engineering' or 'building a clone'. It's simply open sourced software that's designed to respond to calls in code the same as those api's. API's themselves are certainly IP. But here the only part that's reverse engineered is the call itself, not the API's content. For eg, maps, the notification system.

To be clear, when I say API, I don't mean web service (which many people mean nowadays), I mean actual APIs (any interface between distinct components, such as my app making calls against the location services of your OS)

For example if you make a library that implements this function:

loclookup (a,b,c) -> dict

Then that function is part of the API of your library. If I come along and make a function that calculates that dict some other way, then I've not stolen your implementation, but I've still reproduced your API.

So if I implement *exactly* the calls that Google does for location services in Android, then I am using their API. The actual calls that the app makes and the callbacks that the app receives (as locations get resolved) ARE the API.

I have NEVER seen a licensing agreement which would allow me to re-implement functions from a library which I have licensed.

Huawei might be forced into this corner if they've lost ARM and BT and so many other things anyway. But if they go down that road, they will be out of western markets.

ADD: Also, if Huawei is forced down this road by the extremely undereducated current WH, then effectively the tech world will be split between China and the RoW. That's interesting, and means a lot of opportunities in China and a major stormcloud over silicon valley.

[Chuck Finley69]

To be clear, when I say API, I don't mean web service (which many people mean nowadays), I mean actual APIs (any interface between distinct components, such as my app making calls against the location services of your OS)

For example if you make a library that implements this function:

loclookup (a,b,c) -> dict

Then that function is part of the API of your library. If I come along and make a function that calculates that dict some other way, then I've not stolen your implementation, but I've still reproduced your API.

So if I implement *exactly* the calls that Google does for location services in Android, then I am using their API. The actual calls that the app makes and the callbacks that the app receives (as locations get resolved) ARE the API.

I have NEVER seen a licensing agreement which would allow me to re-implement functions from a library which I have licensed.

Huawei might be forced into this corner if they've lost ARM and BT and so many other things anyway. But if they go down that road, they will be out of western markets.

ADD: Also, if Huawei is forced down this road by the extremely undereducated current WH, then effectively the tech world will be split between China and the RoW. That's interesting, and means a lot of opportunities in China and a major stormcloud over silicon valley.

Bound to happen and unfortunately necessary... Corporations and governments have a right to protect IP from other nation states especially diametrically opposed enemies.

[app_Developer]

Bound to happen and unfortunately necessary... Corporations and governments have a right to protect IP from other nation states especially diametrically opposed enemies.

That’s a big change happening in the world.

On my todo list for June are rethink investments based on this. (Again: Big opportunities in China from all this, and significant drag on western Tech growth stocks)

Also: learn Mandarin fast.

[Drael646464]

To be clear, when I say API, I don't mean web service (which many people mean nowadays), I mean actual APIs (any interface between distinct components, such as my app making calls against the location services of your OS)

For example if you make a library that implements this function:

loclookup (a,b,c) -> dict

Then that function is part of the API of your library. If I come along and make a function that calculates that dict some other way, then I've not stolen your implementation, but I've still reproduced your API.

So if I implement *exactly* the calls that Google does for location services in Android, then I am using their API. The actual calls that the app makes and the callbacks that the app receives (as locations get resolved) ARE the API.

So you are saying the API isn't the code that it runs, say, the notification service or locatin, but rather the calls that occur between them? Well then, I suppose any substantive spoofing would be theft of IP. Seems weird to think about that being an IP, but if there's precident, and that's that the API is considered, I guess that must be the case.

Huawei might be forced into this corner if they've lost ARM and BT and so many other things anyway. But if they go down that road, they will be out of western markets.

They have their own chipset, it's more just the radios they need to pony up in the next year or so. The chinese are keen as heck to remove all US tech (hence why they banned google years ago), it's it's conceivable they'll kickstart something.

ADD: Also, if Huawei is forced down this road by the extremely undereducated current WH, then effectively the tech world will be split between China and the RoW. That's interesting, and means a lot of opportunities in China and a major stormcloud over silicon valley.

Infrastructure is a national security threat. Banning the phones was heavy handed, but China and Russia have both openly admitted planning for war with the US, and their strategy relies on super EMP, hacking, sabotage, and infrastructure attacks, the keep the military busy with issues on the homeland. It's a genuine practical consideration who you build major infrastructure with, especially anything governments and military rely on, but also central public infrastructure. It's not impossible to insert a microkernel of some kind into chips for snooping, or a remote kill switch.

I think that's worth keeping in mind with all this trade war stuff; there will be advisors behind the scenes saying this stuff should be kept out of a certain circle. 5g routers probably qualify, should 5g come to be a technology that is relied upon (which it could).

War with a superpower like the US, should it occur, would not be a 1 on 1, normal war. It would be very asymmetric, with a lot of focus on infrastructure. Hence the US govt is very right to be a bit paranoid (again, banning the phones is a bit much).

For huawei;If such a path, spoofing, would get them banned across the world, there would be no point in doing it's illegal to install google services in china. Like at all, not one chinese phone sold comes with GMS or the playstore.

The chinese use superapps (MeWe etc), that offer messaging, video sharing, markets for purchasing things, social media, the works. Huawei can continue selling in China without any concern for google, or whatever global markets decide to do.

And that's one of the reasons they don't need spoofing for the global market. They can use amazon's GMS free 400k app efforts, prexisting PWA's like google maps, gmail, youtube, twitter, uber, tinder; for their international market, and even if their 1/4 of the market share positions in europe, africa, india take a hit , they have continued money in china, and all the other products they make to keep them afloat whilst they build out the GMS free ecosystem. They can be persistent in the manner amazon has been, but on a grander scale, and with, overlap in effort outcome.

The can, and most likely will keep trading with all of the rest of the world, as only direct trade with the US is banned. What this does do though, is make either writing without GMS, OR better yet, writing PWAs more attractive.

Between windows support, other html5 based OSes like android go, KaiOS, and also both Android, Amazon's OS (does it support web apps fully), and whatever Huaweis fork is, someone writing modern web apps can be on almost every platform first world and developing, in store, or not in store.

And market fracturing increases the attractiveness of the platform agnostic. KaiOS is already as big as the iphone is in the west, in some developing countries, and that's html5. Huawei makes up much of the chinese market, and decent portions of other markets (like 1/4 of EU, and africa). Amazon's OS I don't imagine is non-existant either. And if you want your service to run clean in a browser, and run app-ized on windows. IDK, seems to be all roads pointing rome in a way.

IDk, and there's a few spelling errors here, but to me this just looks like this few last years are really deepening the case for web based apps running locally, and all running on similar technology (html5) which slight variations by platform for KaiOS/android go, versus PWA. The Huawei split just deepens the case for that. If your app is on the web, you are everwhere. If it can be then put into all the stores, for many platforms with small changes (and Huawei's store won't be their's it'll be aptoide most likely), then that saves you the bother of dealing with the OS at all, and you this get more potential users.

Sure iOS doesn't have PWA yet, but basically literally everything else with a decent userbase has, or something very similar (like the html5 and java based apps on kaiOS). By switching from android, to PWA/html6 (or to a lesser degree, writing out GMS dependencies to get into huawei and amazon) you'd be massively expanding your userbase. It's like it's building into a knock on effect.

[app_Developer]

So you are saying the API isn't the code that it runs, say, the notification service or locatin, but rather the calls that occur between them?

Yes, the I in API means Interface.

They have their own chipset, it's more just the radios they need to pony up in the next year or so. The chinese are keen as heck to remove all US tech (hence why they banned google years ago), it's it's conceivable they'll kickstart something.

They have their own chipset, but it's based on ARM. If the current situation continues, then Huawei needs an entirely new architecture completely free of ARM.

Actually I think China will have to invest in an entirely new CPU architecture and new compilers, etc, if they truly intend to have their own tech which they can sell in say, EU, without infringing on anyone's IP. I'm fascinated by this opportunity personally. Nothing like that has been done in 50 years. There are many of us who missed all of that because we didn't yet exist! We have ideas!

Sure iOS doesn't have PWA yet, but basically literally everything else with a decent userbase has, or something very similar (like the html5 and java based apps on kaiOS). By switching from android, to PWA/html6 (or to a lesser degree, writing out GMS dependencies to get into huawei and amazon) you'd be massively expanding your userbase. It's like it's building into a knock on effect.

If you sit down to write a PWA, or any mobile web anything, you don't sit and write to some w3c standard. You write to the users who are out there. 99% of those users are on mobile chrome or mobile safari. Neither of those two browsers stick completely to the "standards". So if and when developers move to PWAs in large numbers, they will still be writing to Google and Apple's own browsers, not to some "standard" that only 1% of real users use.

UNLESS a Chinese entity builds a truly home-grown browser. That would be extremely valuable to China and extremely interesting to developers if this bifurcation of the tech world plays out.

[Bbnivende]

Bound to happen and unfortunately necessary... Corporations and governments have a right to protect IP from other nation states especially diametrically opposed enemies.

By your logic, Huawei should be able to use the IP that they pay for. Just like TCL pays BlackBerry for its IP.

[conite]

By your logic, Huawei should be able to use the IP that they pay for. Just like TCL pays BlackBerry for its IP.

And they can. They just can't obtain any more, or renew any licences.