Google has agreed to acquire cybersecurity startup Wiz for a reported $32 billion. This deal, expected to close in 2025, marks a significant investment by Google in cloud security and will bolster its Google Cloud Platform offerings. Wiz specializes in agentless cloud security, offering vulnerability assessment and other protective measures. The acquisition price tag represents a substantial premium over Wiz's previous valuation, highlighting the growing importance of cloud security in the tech industry.
Apple is reportedly planning to add support for encrypted Rich Communication Services (RCS) messaging between iPhones and Android devices. This means messages, photos, and videos sent between the two platforms will be end-to-end encrypted, providing significantly more privacy and security than the current SMS/MMS system. While no official timeline has been given, the implementation appears to be dependent on Google updating its Messages app to support encryption for group chats. This move would finally bring a modern, secure messaging experience to cross-platform communication, replacing the outdated SMS standard.
Hacker News commenters generally expressed skepticism about Apple's purported move towards supporting encrypted RCS messaging. Several doubted Apple's sincerity, suggesting it's a PR move to deflect criticism about iMessage lock-in, rather than a genuine commitment to interoperability. Some pointed out that Apple benefits from the "green bubble" effect, which pressures users to stay within the Apple ecosystem. Others questioned the technical details of Apple's implementation, highlighting the complexities of key management and potential vulnerabilities. A few commenters welcomed the move, though with reservations, hoping it's a genuine step toward better cross-platform messaging. Overall, the sentiment leaned towards cautious pessimism, with many anticipating further "Apple-style" limitations and caveats in their RCS implementation.
Google DeepMind has introduced Gemini Robotics, a new system that combines Gemini's large language model capabilities with robotic control. This allows robots to understand and execute complex instructions given in natural language, moving beyond pre-programmed behaviors. Gemini provides high-level understanding and planning, while a smaller, specialized model handles low-level control in real-time. The system is designed to be adaptable across various robot types and environments, learning new skills more efficiently and generalizing its knowledge. Initial testing shows improved performance in complex tasks, opening up possibilities for more sophisticated and helpful robots in diverse settings.
HN commenters express cautious optimism about Gemini's robotics advancements. Several highlight the impressive nature of the multimodal training, enabling robots to learn from diverse data sources like YouTube videos. Some question the real-world applicability, pointing to the highly controlled lab environments and the gap between demonstrated tasks and complex, unstructured real-world scenarios. Others raise concerns about safety and the potential for misuse of such technology. A recurring theme is the difficulty of bridging the "sim-to-real" gap, with skepticism about whether these advancements will translate to robust and reliable performance in practical applications. A few commenters mention the limited information provided and the lack of open-sourcing, hindering a thorough evaluation of Gemini's capabilities.
The Department of Justice is reportedly still pushing for Google to sell off parts of its Chrome business, even as it prepares its main antitrust lawsuit against the company for trial. Sources say the DOJ believes Google's dominance in online advertising is partly due to its control over Chrome and that divesting the browser, or portions of it, is a necessary remedy. This potential divestiture could include parts of Chrome's ad tech business and potentially even the browser itself, a significantly more aggressive move than previously reported. While the DOJ's primary focus remains its existing ad tech lawsuit, pressure for a Chrome divestiture continues behind the scenes.
HN commenters are largely skeptical of the DOJ's potential antitrust suit against Google regarding Chrome. Many believe it's a misguided effort, arguing that Chrome is free, open-source (Chromium), and faces robust competition from other browsers like Firefox and Safari. Some suggest the DOJ should focus on more pressing antitrust issues, like Google's dominance in search advertising and its potential abuse of Android. A few commenters discuss the potential implications of such a divestiture, including the possibility of a fork of Chrome or the browser becoming part of another large company. Some express concern about the potential negative impact on user privacy. Several commenters also point out the irony of the government potentially mandating Google divest from a free product.
The Register reports that Google collects and transmits Android user data, including hardware identifiers and location, to its servers even before a user opens any apps or completes device setup. This pre-setup data collection involves several Google services and occurs during the initial boot process, transmitting information like IMEI, hardware serial number, SIM serial number, and nearby Wi-Fi access point details. While Google claims this data is crucial for essential services like fraud prevention and software updates, the article raises privacy concerns, particularly because users are not informed of this data collection nor given the opportunity to opt out. This behavior raises questions about the balance between user privacy and Google's data collection practices.
HN commenters discuss the implications of Google's data collection on Android even before app usage. Some highlight the irony of Google's privacy claims contrasted with their extensive tracking. Several express resignation, suggesting this behavior is expected from Google and other large tech companies. One commenter mentions a study showing Google collecting data even when location services are disabled, and another points to the difficulty of truly opting out of this tracking without significant technical knowledge. The discussion also touches upon the limitations of using alternative Android ROMs or de-Googled phones, acknowledging their usability compromises. There's a general sense of pessimism about the ability of users to control their data in the Android ecosystem.
In 2008, amidst controversy surrounding its initial Chrome End User License Agreement (EULA), Google clarified that the license only applied to Chrome itself, not to user-generated content created using Chrome. Matt Cutts explained that the broad language in the original EULA was standard boilerplate, intended for protecting Google's intellectual property within the browser, not claiming ownership over user data. The company quickly revised the EULA to eliminate ambiguity and explicitly state that Google claims no rights to user content created with Chrome. This addressed concerns about Google overreaching and reassured users that their work remained their own.
HN commenters in 2023 discuss Matt Cutts' 2008 blog post clarifying Google's Chrome license agreement. Several express skepticism of Google, pointing out that the license has changed since the post and that Google's data collection practices are extensive regardless. Some commenters suggest the original concern arose from a misunderstanding of legalese surrounding granting a license to use software versus a license to user-created content. Others mention that granting a license to "sync" data is distinct from other usage and requires its own scrutiny. A few commenters reflect on the relative naivety of concerns about data privacy in 2008 compared to the present day, where such concerns are much more widespread. The discussion ultimately highlights the evolution of public perception regarding online privacy and the persistent distrust of large tech companies like Google.
Newsweek reports that Google Calendar has stopped automatically displaying certain US cultural events like Pride Month, Black History Month, and Holocaust Remembrance Day in the main calendar view for some users. While these events are still accessible within other calendar layers, like the "Interesting Calendars" section, the change has sparked concern and frustration among users who relied on the prominent reminders. Google has not officially commented on the reason for the removal or whether it is a temporary glitch or a permanent change.
HN commenters were largely skeptical of the Newsweek article, pointing out that the events still appeared on their calendars and suggesting user error or a temporary glitch as more likely explanations than intentional removal. Several suggested checking calendar settings, specifically "Browse interesting calendars" under "Other calendars," to ensure the specialized calendars are enabled. Some questioned Newsweek's journalistic integrity and the sensationalist framing of the headline. A few commenters expressed general frustration with Google's frequent, unannounced changes to their products and services. There was also discussion about the effectiveness and potential annoyance of these awareness calendars, with some finding them useful reminders while others viewing them as intrusive or performative.
A recent study reveals that CAPTCHAs are essentially a profitable tracking system disguised as a security measure. While ostensibly designed to differentiate bots from humans, CAPTCHAs allow companies like Google to collect vast amounts of user data for targeted advertising and other purposes. This system has cost users a staggering amount of time—an estimated 819 billion hours globally—and has generated nearly $1 trillion in revenue, primarily for Google. The study argues that the actual security benefits of CAPTCHAs are minimal compared to the immense profits generated from the user data they collect. This raises concerns about the balance between online security and user privacy, suggesting CAPTCHAs function more as a data harvesting tool than an effective bot deterrent.
Hacker News users generally agree with the premise that CAPTCHAs are exploitative. Several point out the irony of Google using them for training AI while simultaneously claiming they prevent bots. Some highlight the accessibility issues CAPTCHAs create, particularly for disabled users. Others discuss alternatives, such as Cloudflare's Turnstile, and the privacy implications of different solutions. The increasing difficulty and frequency of CAPTCHAs are also criticized, with some speculating it's a deliberate tactic to push users towards paid "captcha-free" services. Several commenters express frustration with the current state of CAPTCHAs and the lack of viable alternatives.
The blog post argues that Carbon, while presented as a new language, is functionally more of a dialect or a sustained, large-scale fork of C++. It shares so much of C++'s syntax, semantics, and tooling that it blurs the line between a distinct language and a significantly evolved version of existing C++. This close relationship makes migration easier, but also raises questions about whether the benefits of a 'new' language outweigh the costs of maintaining another C++-like ecosystem, especially given ongoing modernization efforts within C++ itself. The author suggests that Carbon is less a revolution and more of a strategic response to the inertia surrounding large C++ codebases, offering a cleaner starting point while retaining substantial compatibility.
Hacker News commenters largely agree with the author's premise that Carbon, despite Google's marketing, isn't yet a fully realized language. Several point out the lack of a stable ABI and the dependence on constantly evolving C++ tooling as major roadblocks. Some highlight the ambiguity around its governance model, questioning whether it will truly be community-driven or remain under Google's control. The most compelling comments delve into the practical implications of this, expressing skepticism about adopting a language with such a precarious foundation and predicting a long road ahead before Carbon reaches production readiness for substantial projects. Others counter that this is expected for a young language and that Carbon's potential merits are worth the wait, citing its modern features and interoperability with C++. A few commenters express disappointment or frustration with the slow pace of Carbon's development, contrasting it with other language projects.
Google altered its Super Bowl ad for its Bard AI chatbot after it provided inaccurate information in a demo. The ad showcased Bard's ability to simplify complex topics, but it incorrectly stated the James Webb Space Telescope took the very first pictures of a planet outside our solar system. Google corrected the error before airing the ad, highlighting the ongoing challenges of ensuring accuracy in AI chatbots, even in highly publicized marketing campaigns.
Hacker News commenters generally expressed skepticism about Google's Bard AI and the implications of the ad's factual errors. Several pointed out the irony of needing to edit an ad showcasing AI's capabilities because the AI itself got the facts wrong. Some questioned the ethics of heavily promoting a technology that's clearly still flawed, especially given Google's vast influence. Others debated the significance of the errors, with some suggesting they were minor while others argued they highlighted deeper issues with the technology's reliability. A few commenters also discussed the pressure Google is under from competitors like Bing and the potential for AI chatbots to confidently hallucinate incorrect information. A recurring theme was the difficulty of balancing the hype around AI with the reality of its current limitations.
Pixel 4a owners who haven't updated their phones are now stuck with a buggy December 2022 battery update as Google has removed older firmware versions from its servers. This means users can no longer downgrade to escape the battery drain and random shutdown issues introduced by the update. While Google has acknowledged the problem and promised a fix, there's no ETA, leaving affected users with no immediate solution. Essentially, Pixel 4a owners are forced to endure the battery problems until Google releases the corrected update.
HN commenters generally express frustration and disappointment with Google's handling of the Pixel 4a battery issue. Several users report experiencing the battery drain problem after the update, with some claiming significantly reduced battery life. Some criticize Google's lack of communication and the removal of older firmware, making it impossible to revert to a working version. Others discuss potential workarounds, including custom ROMs like LineageOS, but acknowledge the risks and technical knowledge required. A few commenters mention the declining quality control of Pixel phones and question Google's commitment to supporting older devices. The overall sentiment is negative, with many expressing regret over purchasing a Pixel phone and a loss of trust in Google's hardware division.
Google has open-sourced the Pebble OS, including firmware, apps, developer tools, and watchfaces. This release, dubbed "Pebble.js," allows developers and enthusiasts to explore and tinker with the code that powered these iconic smartwatches. The repository provides access to the entire Pebble software ecosystem, enabling potential revival or adaptation of the platform for other devices and purposes. While official support from Google is limited, the open-source nature of the project invites community contributions and future development.
The Hacker News comments express excitement about Google open-sourcing the Pebble OS, with many reminiscing about their fondness for the now-defunct smartwatches. Several commenters anticipate tinkering with the newly released code and exploring potential uses, like repurposing it for other wearables or integrating it with existing projects. Some discuss the technical aspects of the OS and speculate about the motivations behind Google's decision, suggesting it could be a move to preserve Pebble's legacy, foster community development, or potentially even lay the groundwork for future wearable projects. A few commenters express a degree of disappointment that the release doesn't include all aspects of the Pebble ecosystem, such as the mobile apps or cloud services. There's also a recurring theme of gratitude towards Google for making the source code available, acknowledging the significance of this move for the Pebble community and wearable technology enthusiasts.
A phishing attack leveraged Google's URL shortener, g.co, to mask malicious links. The attacker sent emails appearing to be from a legitimate source, containing a g.co shortened link. This short link redirected to a fake Google login page designed to steal user credentials. Because the initial link displayed g.co, it bypassed suspicion and instilled a false sense of security, making the phishing attempt more effective. The post highlights the danger of trusting shortened URLs, even those from seemingly reputable services, and emphasizes the importance of carefully inspecting links before clicking.
HN users discuss a sophisticated phishing attack using g.co shortened URLs. Several express concern about Google's seeming inaction on the issue, despite reports. Some suggest solutions like automatically blocking known malicious short URLs or requiring explicit user confirmation before redirecting. Others question the practicality of such solutions given the vast scale of Google's services. The vulnerability of URL shorteners in general is highlighted, with some suggesting they should be avoided entirely due to the inherent security risks. The discussion also touches upon the user's role in security, advocating for caution and skepticism when encountering shortened URLs. Some users mention being successfully targeted by this attack, and the frustration of banks accepting screenshots of g.co links as proof of payment. The conversation emphasizes the ongoing tension between user convenience and security, and the difficulty of completely mitigating phishing risks.
Google Fiber is expanding its ultra-fast internet service to Las Vegas. While specific neighborhoods and timing aren't yet available, Google Fiber confirms it's actively planning and designing the network infrastructure for the city, promising more details as the project progresses. This expansion marks a continuation of Google Fiber's recent growth into new metropolitan areas.
Hacker News commenters express skepticism about Google Fiber's expansion to Las Vegas. Several recall Google Fiber's previous entries into markets with much fanfare, followed by quiet retreats and scaled-back plans. Some doubt Google's ability to compete with existing entrenched providers, while others question the long-term viability of Fiber given Google's history. A few commenters welcome the increased competition and hope it will lead to better pricing and service, though this is tempered by the prevailing cynicism. Some discussion also revolved around the technological aspects, including the possibility of using existing fiber infrastructure and the challenges of deployment in a densely populated area. Overall, the sentiment is cautious, with many commenters adopting a "wait-and-see" attitude.
Summary of Comments ( 582 )
https://news.ycombinator.com/item?id=43398518
Hacker News users discuss the high acquisition price of Wiz, especially considering its relatively short existence and the current market downturn. Some speculate about the strategic value Google sees in Wiz, suggesting it might be related to cloud security competition with Microsoft, or a desire to bolster Google Cloud Platform's security offerings. Others question the due diligence process, wondering if Google overpaid. A few commenters note the significant payout for Wiz's founders and investors, and contemplate the broader implications for the cybersecurity market and startup valuations. There's also skepticism about the reported valuation, with some suggesting it might be inflated.
The Hacker News post "Google to buy Wiz for $32B" has generated several comments discussing the acquisition. A recurring theme is the sheer size of the deal, with many commenters expressing surprise at the $32 billion price tag, especially given Wiz's relatively young age and the recent downturn in the cybersecurity market. Some speculate about the motivations behind such a massive acquisition, suggesting Google might be playing catch-up in the cloud security space or aiming to integrate Wiz's technology deeply into Google Cloud Platform (GCP).
Several comments highlight the competitive landscape, comparing Wiz to other cloud security companies like Orca Security, Palo Alto Networks, and CrowdStrike. Some suggest that Google might have overpaid, while others argue that the acquisition price reflects the increasing importance of cloud security and Wiz's potential for growth.
Some commenters question the long-term implications of the acquisition, raising concerns about potential conflicts of interest given Google's dominant position in the cloud market. They discuss the possibility of Wiz's technology becoming exclusive to GCP, which could limit its reach and potentially stifle innovation. Others express skepticism about Google's ability to successfully integrate such a large acquisition, citing past examples of acquisitions that haven't panned out as expected.
A few comments delve into the technical aspects of Wiz's technology, praising its agentless approach and its ability to provide comprehensive cloud security posture management. They compare Wiz's capabilities to other solutions and discuss the potential benefits of integrating it with existing Google Cloud services.
Overall, the comments reflect a mixture of surprise, skepticism, and cautious optimism about the Google-Wiz deal. Many acknowledge the strategic importance of cloud security but question the price tag and the long-term implications for the market. There's also a healthy dose of speculation about Google's motivations and the potential impact on the competitive landscape.