[HN Gopher] maps.google.com now redirects to google.com/maps
___________________________________________________________________
maps.google.com now redirects to google.com/maps
Author : garritfra
Score : 1226 points
Date : 2022-11-24 09:30 UTC (13 hours ago)
(HTM) web link (garrit.xyz)
(TXT) w3m dump (garrit.xyz)
| soheil wrote:
| I kinda like the new url. The other reason could be that browsers
| won't be able to autocomplete the url any more if you start
| typing map... and hit enter to go directly to the site. Now you
| probably have to do a google search for "maps" first and then
| click on the first link driving more traffic to Search.
| jialutu wrote:
| Google maps is pretty much one of the only Google products that I
| still actively use. It's funny that this article was written and
| published today, since I had noticed the exact same thing
| yesterday! Does anyone know when it first started?
| sam- wrote:
| I've been seeing this redirect to google.com/maps for at least
| a year now because my default has always been to type
| maps.google.com and I find it weird every time it redirects.
| garritfra wrote:
| A/B testing?
| midasz wrote:
| Living up to their name
| 2143 wrote:
| Definitely been a while. Like, perhaps a year or more.
|
| I'm in Asia btw.
| butz wrote:
| I wonder, why Google hasn't moved to .google domains, as they own
| TLD? maps.google, mail.google, search.google seems to be shortest
| versions possible.
| OrangeMusic wrote:
| Most people are confused with this, they expect websites to end
| with .com.
| blameitonme wrote:
| recently gmail.com became unreachable and was moved to
| mail.google.com dont know if its related
| Ptchd wrote:
| for me, gmail.com has been redirecting to mail.google.com/mail
| for a long time...
| mrjin wrote:
| It looks like the result of the arm race with DNS based
| ad/tracker blockers. This move will for sure force the users to
| make a hard decision of "all or nothing".
| ignoramous wrote:
| If this ever was a race, it was _always_ a losing one.
|
| DNS-based content-blocker are woefully inadequate. I'd know
| since I co-maintain one and the barrage of complaints I get
| make it plenty clear where unaddressable limitations lie.
| nathan_f77 wrote:
| I think they probably did this for SEO. Having /maps on the root
| domain will help it rank higher in search.
|
| This was a joke, but now I'm wondering if Google services are
| special cases that are hard-coded in the search results. Or are
| they just treated like normal websites and use the same pagerank
| algorithm as every other site? If I search for "maps", I see
| Google Maps at the top, and Apple Maps in second place, but they
| both look like regular website links.
| rmbyrro wrote:
| Potentially a black hat SEO trick?
|
| We might see Google services' rankings punished on Google from
| now on...
| hartator wrote:
| Note that Google before can just have an iframe to load
| maps.google.com to get your location info. Don't change much in
| term of privacy.
| bryanrasmussen wrote:
| I am having a hard time figuring out how this would be affected
| by GDPR.
| gtirloni wrote:
| Does the GDPR care about the concept of apps and URLs? If not,
| all it matters is the person/company relationship.
| quicklime wrote:
| The GDPR does care about different "purposes", it's not just
| about the person/company relationship.
|
| I'm not a lawyer but my interpretation of this is that
| consent for Google to use location data for maps doesn't
| allow them to use that same location data for email.
|
| > Consent should cover all processing activities carried out
| for the same purpose or purposes. When the processing has
| multiple purposes, consent should be given for all of them.
|
| https://gdpr-info.eu/recitals/no-32
| noneofyour wrote:
| Exactly. The consent was provided for the specific
| processing, not the TLD. The processing and all of those that
| are not incompatible with it, that it asked permission for
| that furthermore adhere to the requirements imposed regarding
| specific and informed consent in the GDPR (see Article 4, sub
| 11 GDPR and article 7 GDPR.
| bryanrasmussen wrote:
| the GDPR cares about the rights the company asks for, how
| long it keeps it, does it need the rights for the purpose,
| does it give you an easy way to opt out of the rights
| collection and so forth.
|
| If in order to not let all of Google have your location
| information you need to opt out of letting maps have your
| location information it might be a GDPR problem. Considering
| also that this was not a problem that people had before if
| indeed it is a problem now it might be taken as a wilful
| circumvention of GDPR.
| gernb wrote:
| Slightly different but I find it super confusing when search
| shows maps. For example
|
| https://www.google.com/search?tbs=lf:1,lf_ui:9&tbm=lcl&q=clo...
|
| This looks like maps but it's not, it's search, so the UI is
| different. Features I expect from "maps" are missing
| mkl wrote:
| This is not new. I'm pretty sure Google has done that kind of
| redirection for ages for me.
| aiddun wrote:
| Now how long until they put ads under google.com/*
| salsadip wrote:
| Recently safari (on macos 10.15) started auto completing ,,maps."
| to ,,maps.apple.com", although I only tried Apple maps once and
| always use gmaps. Maybe google noticed this and tries to
| circumvent safari's ,,preference" for Apple Maps
| mngnt wrote:
| Isn't maps.apple.com in your bookmarks? Most browsers suggest
| from bookmarks before anything else. Maybe it got added there
| in an update to. you know, improve your experience with the
| Apple ecosystem.
| salsadip wrote:
| Its definitely not in my bookmarks. when i start typing, its
| under the section titled "top hits". google maps is right
| beneath it, but never first place
| no_carrier wrote:
| I think this change probably has more to do with corporate
| firewalls than anything else. A lot of corporate internet access
| isn't set up to MITM the requests (a lot of places are setup for
| this, but a lot aren't). If they places all their services under
| google.com as suffixes, places that don't MITM won't have any way
| of stopping it as all they can see is the request to google.com.
| uniqueuid wrote:
| Given the history of Google's stance towards privacy and
| tracking, I think it's naive to assume technical reasons.
|
| It may have been ok to fall for that argument for 10 years, but
| after AMP, manifestv3, android's location log disaster, the
| recording of wifi names and countless lawsuits across the
| globe, it seems that the resource of good faith assumptions has
| been depleted. Some may even say that trusting google (the
| corporation) to act on technical or altruistic reasons is
| delusional.
| hdjjhhvvhga wrote:
| > after AMP, manifestv3, android's location log disaster, the
| recording of wifi names and countless lawsuits across the
| globe
|
| Tangentially, it's funny how the whole Google+ fiasco with
| forcing G+ account creation for YT etc. was quickly
| forgotten.
| piva00 wrote:
| I haven't forgotten because my YouTube account to this day
| has remnants of that move. The same with my Google
| Contacts, it is an absolute mess of G+ and Orkut stuff that
| got shoved in there at some point and Google never cared to
| clean their absolute mess.
| pydry wrote:
| I'm as skeptical as anyone about Google's privacy record but
| I'm not so convinced that this really helps google invade our
| privacy more than it already does.
| ilyt wrote:
| Google: push security theathe features like CORS to make it
| hard to run cross domain
|
| Also Google: decides to use single domain so any permission
| you ever give work for all of their apps
| dpryden wrote:
| I recall from my time in Google Geo years ago that the idea of
| integrating Search and Maps was a big part of the "New Maps"
| release that happened around 2014. The rumor I heard was that
| someone (possibly even Larry himself) wanted to be able to have
| interactive maps directly on the search results page, so that the
| navigation from a search query to a map wouldn't involve even a
| page reload. So the big Maps frontend rewrite actually ended up
| merging MFE into GWS, the web search frontend server. I recall
| seeing maps hosted at google.com/maps around that time, but I
| don't know if that was ever launched fully or if it was just an
| experiment.
|
| In any case, though, my understanding is that the technical
| capacity for this has existed for nearly 10 years now, just
| behind a configuration setting. So it's possible that this change
| is just a code cleanup. It's also possible that someone is trying
| to increase the percentage of searches that have location
| information, that doesn't seem terribly far-fetched either, and I
| can imagine lots of ways people could try to rationalize it as
| actually benefiting users. (Whether it actually does benefit
| users is of course debatable.)
| googlryas wrote:
| Funny, because there is a crummy form of Google maps present
| into he SERP, and it behaves completely differently from actual
| Google maps. It constantly annoys me, usually when searching
| for a business, that something that looks exactly like google
| maps, in Google, doesn't behave the same as google maps.
| cco wrote:
| 100%! I always ascribe it to some PM somewhere, but when I
| click on the "search maps" I would _love_ to be taken to the
| "real Google Maps".
|
| The search maps is just a terrible experience, half
| implemented, doesn't do what I want, even down to little
| things.
|
| My hack is to pick directions, which will get me to Google
| Maps, then cancel directions, this loses all state, but
| you're still in the location you want and can usually then
| just click the business you were looking for.
| delroth wrote:
| I have links to google.com/maps in my IRC logs dating back from
| June 2014, so this absolutely tracks.
|
| I actually remember google.com/maps being launched at IO in
| 2014 -- the presentation had a broken link in it for the new
| version of Maps, and a few of us DoS SRE watching the
| livestream were able to hack together a config change in a few
| minutes to fix it without waiting for a urlmap push :)
| CSSer wrote:
| > It's also possible that someone is trying to increase the
| percentage of searches that have location information, that
| doesn't seem terribly far-fetched either, and I can imagine
| lots of ways people could try to rationalize it as actually
| benefiting users.
|
| Could you speak more to how this kind of thing figuratively
| plays out? With privacy on most of our (tech-focused) minds,
| I'm mostly curious how openly an initiative like this is/would
| be carried out. Would you imagine it as a buried lede or as a
| very transparent, explicit OKR?
| googleburner wrote:
| With the document policy changes over the last 5 years, most
| decisions are now very opaque. Google TTLs everything except
| Docs and code history & reviews, at this point: emails,
| chats, bug reports, ...
|
| There's probably a tech debt focused OKR for this work, but
| some other teams probably has OKRs that indirectly benefit
| from the data, and they're probably providing staffing
| support, tied to the tech debt OKR. OKRs are for telling
| people why you're great, if you're at the bottom of the
| pyramid, and for giving the rank-and-file some direction, if
| you're at the top. The top level OKRs are usually very
| precise and very vague at the same time.
|
| So there's probably an OKR in search to improve the quality
| of the location signals. It can be vague on how. Plus, having
| more and better data filters into your downstream systems, so
| even without an OKR for the data you know it will make your
| models more powerful.
| hansvm wrote:
| It's easy to rationalize it as benefiting the users, so I'd
| imagine it's an explicit OKR, maybe even a few levels up in
| the org.
|
| Like, one thing I've wanted on occasion is the ability to
| search for brick and mortar stores in a given radius who have
| the thing I want -- either because I want to physically
| inspect it before committing to a purchase or because for
| whatever reason the time/cost of shipping wouldn't be
| practical.
|
| That sort of query is hard for Google to serve right now
| though for reasons including the lack of relevant location
| information in both the search results and the queries whose
| user behavior would help drive relevance rankings for those
| location-specific results.
|
| Location information is a bit of a double-edged sword too
| though, even ignoring privacy concerns. I have to spoof my
| location and change my search language to get some results
| because of aggressive filtering happening behind the scenes.
| If a given query doesn't match Google's current understanding
| of the user then the right results existing in the corpus
| often won't imply that the user is able to find them with
| _any_ search operators.
| pimlottc wrote:
| This reminds me of how Google integrated Maps into Calendar as
| a sidebar a while ago, a move that I absolutely hated. And
| instead of providing a preference setting to disable it, you
| have to "hide" the sidebar in a non-intuitive way [0]. I had to
| search to figure it out.
|
| 0: https://www.howtogeek.com/695504/how-to-stop-google-
| calendar...
| The5thElephant wrote:
| It is absolutely bizarre to me how half-assed Google is with
| integrating its products.
|
| I have a week of events coming up in Google Calendar each with
| a different event location. Why can't I see a map of all those
| event locations alongside the calendar with all the same event
| details listed? Why can't I associate a Google Calendar event
| with a specific album or set of photos in Google Photos and see
| those in the map and calendar as well?
|
| This is why I'm building https://visible.page with my brother.
| We have all these capabilities of visualizing data on the web,
| yet no one has actually put them together in a convenient and
| consumer friendly way to visualize any type of information
| together in one place.
|
| All these big tech companies seem to just give up on any kind
| of significant innovation as soon as they reach a certain level
| of monopoly on their market. Twitter, Spotify, Facebook,
| Google, etc. I can think of a dozen significant feature
| experiments they could try that would make my daily life better
| using those tools yet they don't.
| Traubenfuchs wrote:
| Innovation and progress are dead. The mainstream google
| products are all legacy software, just like Microsoft Office.
| It's probably a mix of a lack of incentives, technical debt
| and metrical constraints that make significant changes almost
| impossible. Only god knows what all those THOUSANDS of
| overpaid developers and their product/business entourage now
| getting fired did all day.
|
| This is valid for all other FAGMAN companies as well.
| NameError wrote:
| An example of poor google integration that bugs me from time
| to time - when you search for a geographic feature, the info
| panel shows a great preview map with the outline of the
| feature. E.g. https://www.google.com/search?q=rhine+river
|
| If you click into google maps, the outline is gone. Searching
| "Rhine River" just puts a marker at one point along the
| river.
| majewsky wrote:
| FWIW, OpenStreetMap can do it. I went to https://osm.org,
| entered "Rhine" into the search and clicked on the first
| result. Deeplink:
| https://www.openstreetmap.org/relation/123924
| vxNsr wrote:
| oh wow, it's actually worse for me: there's no marker at
| all, just a map of western europe: https://www.google.com/m
| aps/place/Rhine+River/@49.34645,7.87...
| thwarted wrote:
| This is not the case for me. I just now searched in mobile
| Chrome for "Lakeview Chicago" and the mini-map static image
| has a purple outline around the neighborhood. Clicking on
| that took me to Google maps with the neighborhood outlined
| in a red dotted line (which is harder to see, but obscures
| less of the other features/labels on the map). This was on
| Android, in the maps app, just now, but I've seen the same
| thing in a desktop browser.
| NameError wrote:
| Ah, you're right. It looks like the issue I'm complaining
| about only happens for "line" features - e.g. a river, or
| a road (https://www.google.com/search?q=route+66).
| noswi wrote:
| Innovation, oh my, sometimes it feels like the fat ones (and,
| by proxy, everyone else) are living in some alternate fantasy
| world where the mantra "you're not gonna need it" is taken to
| the extreme, so they're not even trying.
|
| The pendulum should swing back to complex and more
| complicated interfaces sometime -- but right now these are
| the dark times where, for example, Netflix, this huge,
| popular movie and show library, doesn't even have a way to
| find out exactly what movies with some actor or director it
| has available. It's hard for me to wrap my head around that.
|
| Your project does look useful and on point though!
| unethical_ban wrote:
| The rumor/theory I have heard about Netflix is that
| increasing discoverability too much would allow people to
| see two negative traits of Netflix: How often things come
| and go from the platform (which other apps like Criterion
| Collection embrace), and just how limited their library
| actually is at a given time.
|
| Scroll through recommendations. It looks like they have
| hundreds of great movies for you to watch! And yes,
| technically they do. But look how many times they try
| suggesting the same movies in different categories,
| inflating the view in a way to make the library seem
| bigger. One movie might show up "Because you liked
| comedy..." then "Because you watched <comedy movie>" then
| "Light-hearted movies".
|
| TLDR money and masking their poor library quality.
| reuben364 wrote:
| I wonder if AppleTV's atrocious single-line onscreen
| keyboard fits into this picture of making things less
| discoverable, or if it's just an extreme of form over
| function.
| Swenrekcah wrote:
| Whatever the reason (and I can think of many) it just
| shows how Apple is past the point of caring for their
| users.
| khazhoux wrote:
| I'm about to enable the new Facetime Live Transcription
| feature in iOS 16 so my wife can have conversations with
| her father, who is rapidly losing his hearing. For this
| reason (and I can think of many) I strongly disagree.
| s3p wrote:
| Definitely not, because Apple gives users the ability to
| type search in on an iPhone or iPad instead of using the
| apple TV remote. They also let you do voice-to-text,
| which is nice.
| Swenrekcah wrote:
| It is entirely possible to both provide a useable
| onscreen interface and the iPhone connection option.
| thanhhaimai wrote:
| > It is absolutely bizarre to me how half-assed Google is
| with integrating its products
|
| The answer can be summed up in one word: "privacy".
|
| There are two forces at play here. One side wants privacy.
| When they give data to Google Calendar, they don't want
| Google Maps or Ads know about it. The other side (your
| opinion above) wants more integration between services.
|
| In this political climate, the privacy side has an edge. This
| means if Google Photos want to access data on Google Calendar
| to provide the integration you asked above, they will have to
| jump through multiple quarters of privacy reviews, with a
| very high odd of being shutdown.
|
| > All these big tech companies seem to just give up on any
| kind of significant innovation as soon as they reach a
| certain level of monopoly on their market
|
| After I see how the sausages are made, I think claims like
| these are naive. It's worth learning more about the factors
| at play before criticizing something. More often than not,
| the agents are acting pretty rationally based on the
| situation.
| makeitdouble wrote:
| IMO you're spot on. The catch being that between showing an
| ad and matching photo locations, the former has a near
| straight impact on the bottomline while the latter is
| murkier. When both are going through reviews, that's a lot
| of weight difference in the arguments and we'll see more of
| one that the other.
| the-rc wrote:
| I remember the spiffy demo where the thumbnail in search
| results morphed into the full Maps UI without reloading.
|
| But unification had started even earlier than that. Pretty much
| since Larry became CEO again, he pushed this mantra of "One
| Google", which brought the infamous Kennedy redesign across all
| services, as well as more of them available under the
| google.com host (e.g. maps as discussed here, but also flights
| and more). One of the ideas behind the latter was that you had
| to log into your Google account just once, which gradually made
| it all the way to YouTube(!). I vaguely recall other factors,
| such as compensating for the increased latency from going HTTPS
| everywhere, but also discussions about securing and hardening
| cookies.
|
| As far as I know, google.com/maps has been around the entire
| time, but perhaps now it might be simply the canonical URL in a
| larger number of cases.
| nolok wrote:
| This makes perfect sense product wise, if I'm searching
| "bakery" on my mobile phone I probably want the ones around me
| and not the generic location-agnostic google search of it, just
| like I would if I was searching on map. Matter of fact, this is
| actually something I do a couple times a month, search then
| clic the maps tab to see localized results then from them click
| the website result to find their webpage.
|
| As a techie I hate any direct change to the user-agnostic
| absolute search, but as a user I get it.
| amluto wrote:
| Somehow DuckDuckGo has taken this to absurd extremes. Almost
| any search that doesn't get many natural hits shows branches
| of my local government toward the bottom of the first page of
| results.
| foreverathome wrote:
| I have seen this too, also on bing. Not just government
| though, sometimes it manages to find a local house for sale
| instead.
| philsnow wrote:
| > if I'm searching "bakery" on my mobile phone I probably
| want the ones around me
|
| And yet for me, even in google maps on my iphone, when I
| search for bakery, the first one is almost always one that's
| ~40 miles away, and the closest one is almost always the
| second in the list. The rest of the list is definitely not
| sorted descending by distance. If I've searched for a
| _particular_ ABC bakery, I get other bakeries commingled in
| the list even if I know damn well there are other ABC
| bakeries closer than those.
| blowski wrote:
| I live in the UK. I recently searched for "pizza" and the
| top result was in Thailand.
| Joe_Cool wrote:
| The first one is the one that put the most coins into the
| AdWords slot, I'd guess.
| titzer wrote:
| This is achievable with geolocation based on IP address,
| which is how it works on, e.g. a desktop web browser.
| reacharavindh wrote:
| funny how that works. I never ever allow location access to
| anything Google or any website for that matter, and have a
| muscle memory to hit deny when the browser prompts me. The
| other day I was searching something and then clicking my
| bookmarked Google News and suddenly all news were UK
| specific, and my search results fro "heatpumps" were are UK
| companies and products.. I was confused until I noticed
| that my work VPN chose a UK endpoint because the NL one
| where I am had higher latencies. So, Google _heavily_
| tailors the results based on where it thinks you 're at.
| Also, I was delighted to know that inspire all the tracking
| Google probably does on me, it was easily fooled to think I
| was in the UK :-)
| sk0g wrote:
| "Achievable" is quite charitable from my experience. With
| the previous ISP I would get located in a city some 2000kms
| away, sometimes the scam ads would detect my location as
| null.
|
| Maybe it's more effective in places like the US.
| dopidopHN wrote:
| No, I'm randomly placed 2 states away. A solid day of
| driving.
| rrwo wrote:
| IP-based location is mostly usable for country. I've rarely
| found it gets the city right, often it doesn't even get the
| county right.
| pifm_guy wrote:
| Less than half the population has decent geolocation by IP.
| Most people the IP address will only identify the country
| or even nothing at all.
|
| Not much use if you want to search bakery's.
| froggit wrote:
| Google is my ISP. My geolocated IP is accurate within a
| 15 mile radius. It doesn't matter if I have location
| services turned off or I'm using my desktop, searching
| "bakeries near me" finds them without issue.
|
| I suspect that isn't all just one big coincidence.
| toast0 wrote:
| Google has what 3 or 4 cities where they operate as an
| ISP, each with a pretty small footprint. It's no surprise
| anyone knows where you are.
|
| A cable or telephone company has generalized coverage
| measured in states; some of them organize their network
| and customer IPs by small geographies, but sometimes all
| of southern california is in a single pool of IPs.
| michaelt wrote:
| Not in my country - unless your ISP is in the business of
| selling customer PII to advertisers ( _cough_ virgin
| _cough_ ) your IP geolocation will often be a completely
| different city.
|
| Of course, personally if I wanted to search for nearby
| bakeries on my phone I'd have just opened the google maps
| app....
| startupsfail wrote:
| What we see is likely the attempt to squeeze even more juice
| from advertising over which Google virtually have a monopoly.
| Google is trying to continue its exponential growth while
| relying on selling advertisements. The market had already
| been saturated and optimised to crazy levels. Smart thing
| would be to expand to other sources of revenue, but other
| projects inside Google fail. As they are failing to compete
| internally for resources against that crazily optimised
| source of revenue.
|
| It is doubtful that Google can overcome that internally.
| Perhaps regulators should break up the monopoly in
| advertisement and search.
| qwery wrote:
| > if I'm searching "bakery" on my mobile phone I probably
| want the ones around me
|
| Only when you're using a phone? Only if you're not at home?
| What if you want to find out what a bakery is?
|
| (Apologies for rapid fire, I'm not having a go at you, just
| curious)
| nolok wrote:
| > Only when you're using a phone?
|
| No, eg when I'm at the office, and we talk about where to
| go eat and I type restaurant, or I need a new stapler and I
| type office supply, etc ...
|
| > Only if you're not at home?
|
| Not really, eg "movie theater" or "flower shop" come to
| mind for things I would request while at home
|
| > What if you want to find out what a bakery is?
|
| I would type what is a bakery or define bakery ?
|
| I'm a long time tech user, I miss the days of keyword
| centric search as I felt I could more easily communicate to
| the search engine what I wanted, but let's be honest those
| days have passed, most people type sentence and thus the
| engine interpret sentences
| johannes1234321 wrote:
| There isn't a necessity for an "or"
|
| One could show a map preview of local results, which can be
| expanded as well as generic search results below/aside/...
| rrwo wrote:
| It makes sense to use geolocation for search. It's not just for
| searching for businesses, as the meaning of a word you are
| searching for will depend on where you are.
|
| IP-based geolocation isn't very reliable. And if people are using
| VPNs then it's useless.
| gatefun wrote:
| As others have noticed, this is not a new move. For the past
| several years I've been accessing Google Maps simply by typing in
| maps.google.com and it has always redirected me to
| google.com/maps.
| Tepix wrote:
| It's new for me as well. I hadn't seen google.com/maps before.
| hbn wrote:
| Even more confusing and a regular cause of annoyance for me
| that's been ongoing for a while now is there's like a knockoff
| version of Google Maps built into Google search that it'll kick
| you into if you click a map from search results. e.g. you type
| "gyms near me" and it shows you a map in the search results,
| and you click it to expand. It's still at the google.com/search
| domain and while you can zoom and pan around, there doesn't
| seem to be a way to arbitrarily jump into street view wherever
| you want, which I frequently want to do.
|
| I'm constantly ending up in this view, fighting with it before
| remembering I need to go to real Google Maps and do my search
| again.
| AaronNewcomer wrote:
| Same. It's so annoying and I feel like they do not always
| include the relevant info like the URL in that mode. Though
| looking now I did not find examples of that.
| brazed_blotch wrote:
| Funny, for me it's the opposite. I always try to use the web
| view, and there's an annoying pop up that redirects me to
| download Google maps. When I switch back into the web browser
| to go back to the web view, it auto redirects me to the app
| download again. Super annoying.
| dark-star wrote:
| > Congratulations, you now have permission to geo-track me across
| all of your services.
|
| I don't think Google needed to do this move to track you across
| their services. Pretty sure they were able to do that before.
| dspillett wrote:
| This makes it problematical to block. Previously you could give
| location permission to map.google.com and not elsewhere. Now
| you can't be more selective: remove permission from
| search/other and maps stops working (or doesn't work as well).
|
| As others have pointed out, there are technical benefits too -
| but most (all?) of these technical benefits are essentially
| because it works around features designed to limit the scope of
| permissions.
| kaimalcolm wrote:
| Has this not been the case for a while? I think I've been getting
| /maps for at least the past year.
| [deleted]
| toastal wrote:
| Yep. Noticed when I didn't want to enable JS on the whole of
| Google's domain in mBlock Origin. I switch to another browser
| for this task alone--especially as some regions have incomplete
| data for OpenStreetMap
| rtsil wrote:
| the /maps URL worked for a while, but I never noticed the
| redirect from maps.google.com (but I wasn't paying attention to
| that).
| pifm_guy wrote:
| A bit reason for using separate subdomains originally is because
| there are security benefits.
|
| If there is an XSS attack that leaks cookies from Google Keep,
| you would prefer that not get your cookie for Google Maps.
|
| As browser security models have evolved, subdomains are no longer
| as isolated as top level domains, so I dunno...
| saltcured wrote:
| I think the main issue here is people conflate the security
| boundaries defined by the website operators with the security
| or privacy boundaries a user might want to enforce. The web
| origin chosen for the service operator's XSS sandbox is not
| necessarily what a privacy-focused user wants. It's only useful
| when a trustworthy operator is designing for the benefit of the
| user.
|
| There should really be a more granular way for the user's
| policy to adjust the origin definitions used for cross-origin
| logic as well as other types of content blocking and
| enforcement.
|
| Why shouldn't a user be able to isolate
| https://example.com/app1 as much as https://app1.example.com?
|
| Why shouldn't they be able to grant any permission to be used
| in a single page https://example.com/app1/usefulpage and not in
| other pages on the site?
|
| The multi-container approach to browser session isolation faces
| the same issues. Different users may have different preferences
| for when navigation shares the session and when navigation
| should kick you into a new session that lacks authentication,
| tracking, or app state.
| jimlikeslimes wrote:
| Genuine question. Is it reasonable as a user to expect data
| collected by Google via maps.google.com to not be shared with
| other Google applications e.g. mail.google.com?
|
| I'd have thought data collected on any of their domains would be
| meshed/merged behind the scenes where it suits them to do so?
| fcantournet wrote:
| I'm ok with sharing my location with maps (and therefore
| google) WHILE USING MAPS. Not when I'm reading my emails, or
| searching for something on the web.
| pjc50 wrote:
| Ask your local Information Commissioner whether this is GDPR-
| compliant.
| stubish wrote:
| I think it is reasonable to expect Google to share the data and
| get sued for it, because it isn't reasonable.
| jimlikeslimes wrote:
| Oh having though about it I agree, I just think we're
| probably a minority.
|
| As others have pointed out the line has been blurred between
| search and maps so far that maps has search embedded, and
| search has maps embedded. A lot users of Google search likely
| expect results to be location aware without realising what
| privacy has been eroded to enable that.
| rightbyte wrote:
| The different Google Apps surely rat you out to each other.
|
| But now google.com will know where he is when he browses it,
| not just when he uses Google Maps.
| raziel2p wrote:
| I think the concern is more about when Google is able to
| collect said data, not whether it's shared or not.
|
| I don't have location enabled for Google maps in the browser,
| but if I did, then presumably Google could collect that data
| also when I'm just searching for a website.
| dclowd9901 wrote:
| But isn't collected/shared inherently the same thing here?
| theptip wrote:
| No, what they are talking about is all Google properties
| (eg Google search) now being able to collect your location
| every time you use them, if you granted permission for maps
| to get your location.
|
| So it's now not possible to block location for search, and
| grant it to maps (at least using the standard browser
| domain permissions model).
|
| https://support.google.com/chrome/answer/114662?hl=en&co=GE
| N...
| luckylion wrote:
| But they could've been doing that all along because they
| control both sites, they would've just needed to use an
| iFrame. What changed beyond "it's a little easier now"?
| theptip wrote:
| Is that how browser permissions work? Naively I'd assume
| the browser grants only search.google.com permissions on
| that url, even if maps.google.com is opened as an iframe.
| luckylion wrote:
| It's been ages since I've played with iframes, but I'm
| pretty sure it does (or at least did?). You might have to
| specify an allow policy [0] but that's no problem if you
| control both sides. Since iframes are secure, data
| wouldn't leak unless the iframe explicitly posts it.
|
| I don't know if you can request permissions from the
| iframe (might confuse people), but if you already have
| them, it ought to be fine.
|
| [0] https://github.com/w3c/webappsec-permissions-
| policy/blob/mai...
| onlyrealcuzzo wrote:
| FWIW, there's an EU regulation coming that prevents companies
| from using data necessary for a product (like maps) to be used
| to improve a different product (like search).
| neodymiumphish wrote:
| I'd be interested to find out whether this works as intended.
| There's a good argument that maps is a subset of search. Most
| people don't open Google maps just to look at a map, they
| search the map for a place.
| onlyrealcuzzo wrote:
| IIUC, maps would send your location to search if-and-only-
| if you make a search from inside maps, since that is
| necessary to do the precise location-based search.
| iglio wrote:
| I think the concern is less about other Google businesses
| having access to maps data as you suggest.
|
| It's more about the fact that using non map Google services on
| google.com will not prompt asking for location service
| permissions, if they've been granted when prompted on
| google.com/maps already.
|
| Users may not want location to be collected for searches, but
| are okay with the privacy tradeoff for it being collected when
| using maps.
| JOnAgain wrote:
| They can already join your activity across everything. This is
| about access and collection. So if they move store.google.com
| to google.com/store, they will have access to all browser
| permissions you gave google.com/maps or google.com/flights.
| dsr_ wrote:
| Do you mean:
|
| - is it reasonable for a user to expect that Google will
| collect all bits of information about them, because Google
| isn't prevented from doing that?
|
| or
|
| - is it reasonable for a society to allow Google (and
| competitors) to do this?
|
| I think the answers are respectively yes and no.
| radu_floricica wrote:
| Applications are not juridical entities, so at the absolute
| best it is debatable.
|
| Most probable version is that they share as much data as their
| internal regulations say, or a bit more. They definitely have
| some form of internal regs on this, for basic security hygiene,
| but they write it.
| makeitdouble wrote:
| It could be tricky with permissions on different users: for
| instance you authorize google.com/maps to track your location
| while logged as user A.
|
| You logout and switch to user B to look at another Google
| service, but google.com is still allowed to get your location,
| and will stick it to user B, which is something you might not
| have wanted. This didn't happen with the previous domains, so
| could be a surprise.
| newaccount74 wrote:
| It's even worse with their iOS apps.
|
| I've tried to avoid logging into my Google account on Safari on
| my iPhone because I am scared of them tracking me, but I also
| wanted to use the Google Keep app for sharing a shopping list
| with my partner.
|
| But when you launch the Google Keep app, iOS asks you whether you
| want to allow the app to share data with "google.com". It turns
| out that there is no way to sign into the Google Keep app without
| also signing into Google in Safari! I don't know how this works,
| but it is horrible! If I want to use a Google app on my phone, I
| basically have to give them permission to track me everywhere!
| darren_ wrote:
| > It turns out that there is no way to sign into the Google
| Keep app without also signing into Google in Safari!
|
| If you're wondering why you're getting downvoted it's because
| this isn't true at all. I'm signed into (several) iOS google
| apps and my Safari browser is not signed into google.
| newaccount74 wrote:
| Please tell me how!
|
| All I know is that I was not able to sign into Google Keep
| without accepting the data sharing prompt, and I was signed
| into my Google account in Safari after logging into the
| Google Keep app. It was of course possible to sign out of
| Safari afterwards.
|
| I don't know how to reproduce the issue. I've tried
| uninstalling the Google Keep app, to trigger the alert again,
| but when I reinstall the app it remembers my Google account!
|
| I'm really surprised how hard it is to get these cookies or
| app preferences or whatever off my device after signing in
| once.
|
| EDIT: It seems the Google Keep app stores my account in the
| iOS keychain and there is no way to delete the item from the
| keychain without deleting all data on the phone, so I can't
| reproduce the "new device" situation easily.
|
| However, if I try to add a new account, I get the same
| dialog. It says something like (rough translation) "Google
| Keep wants to use google.com for logging in. If you allow
| this, the app and the website are allowed to share data about
| your person".
|
| If I tap "cancel" in this alert, I can't log in.
|
| So as far as I can tell, what I said is correct. Maybe it was
| different in the past, but this is what the situation on iOS
| 16 currently looks like.
| teekert wrote:
| Firefox containers to the rescue.
| hdjjhhvvhga wrote:
| Probably the best tech we have against tech giants today. I
| mean, heavier solutions exist (like QubesOS), FF containers are
| so easy to use, I hope more people learn they exist.
| Namari wrote:
| Does it also contain permissions you give to a website? Will it
| block it if run within a container?
| deng wrote:
| > Does it also contain permissions you give to a website?
| Will it block it if run within a container?
|
| No.
| deng wrote:
| How? Access to location will stick regardless if you use
| containers or not.
| teekert wrote:
| If you put all G-services in their own container,
| google.com/mail can't access google.com/maps cookies, so,
| will it also not track location. Not sure actually, they
| indeed probably store your "consent" on their server. Could
| you block location services per container perhaps?
|
| Hmm this is a smart move indeed, all of a sudden I'm logged
| into G-maps whereas I wasn't before... FireFox helpfully
| opened google.com/maps in my Google container...
| deng wrote:
| > google.com/mail can't access google.com/maps cookies, so,
| will it also not track location
|
| google.com has now direct access to your location, it
| doesn't need any cookies.
| _flux wrote:
| But it "doesn't" know who you are if you have not logged
| in. Or do you mean that the permission isn't container-
| specific?
|
| (Of course it can probably make a pretty good guess, just
| as well it could do before this change.)
| teekert wrote:
| Would be nice if you could spoof or block access to your
| location per FF container. I'll see if I can put in a
| feature request.
| m5r wrote:
| I've been using Mozilla's extension[0] that contains everything
| Facebook-related automatically with Firefox containers and it's
| been working great.
|
| This morning I looked for a similar extension for Google and
| I've found this fork[1] of Mozilla's extension. It's working as
| expected so far but I'd love for it to be officially maintained
| by Mozilla at some point. There is an open issue about it[2].
|
| [0] https://github.com/mozilla/contain-facebook
|
| [1] https://github.com/containers-everywhere/contain-google
|
| [2] https://github.com/mozilla/contain-facebook/issues/758
| russianGuy83829 wrote:
| Mozilla probably gets too much money from google to do this
| Eleison23 wrote:
| I don't use the maps.google.com URL anymore because, 99% of the
| time, I use the app. Whether it's the PWA desktop app on Windows,
| or the Android app on my phone, I just don't go to the website of
| Google properties anymore, I use them through an app and that
| doesn't expose a raw URL.
| coffeeblack wrote:
| This is actually something that browsers can mitigate. Allow
| users to give tracking permissions not only for subdomains, but
| also for paths. Deny: google.com/*
| Allow: google.com/flights
|
| Something like that.
| Cthulhu_ wrote:
| Yeah but, the biggest browser is Chrome, by Google; they have
| an incentive to allow tracking and access across their
| services.
| vanilla_nut wrote:
| Indeed. If you use Chrome, you should just assume that your
| location is shared with Google at all times, since they
| likely collect it via telemetry anyway.
|
| If you use Firefox, assume your location is always shared
| with Mozilla via telemetry... and likely indirectly to Google
| as well, since they use Google Analytics for so much of their
| infra.
|
| Likewise for Apple/Google/Microsoft collecting data from
| iOS/macOS/Android/Windows. And of course your cellular
| provider.
|
| As far as I know the only way to ensure your personal data
| isn't shared with your browser publisher is to use a
| verifiable, open source browser that has telemetry disabled,
| like Iceweasel or Librewolf. And an open source, verifiable
| OS with telemetry disabled, like... Fedora, maybe? Manjaro?
| But you're being spied on by your ISP or cellular provider
| anyway, and the US government indirectly through your ISP and
| cell provider. And let's be honest, foreign governments
| through some combination of ISP/cellular provider/govt
| backdoors.
|
| Oh, and if you've read "Trusting Trust" you'll know that even
| OSS isn't necessarily verifiable unless you wrote the
| compiler yourself from scratch.
|
| So I'm not sure there's much benefit to any of it?
| LoganDark wrote:
| > Oh, and if you've read "Trusting Trust" you'll know that
| even OSS isn't necessarily verifiable unless you wrote the
| compiler yourself from scratch.
|
| And even a compiler you wrote yourself from scratch isn't
| necessarily verifiable unless you designed from scratch the
| hardware that you used to write it. Almost nobody knows
| what those Management Engines are doing!
| coffeeblack wrote:
| Chrome users are probably okay with tracking anyway, but
| Firefox, Brave, Vivaldi, etc could implement more fine
| grained controls. Not only for geolocation.
| asadotzler wrote:
| I don't think DOM permissions are going to stop Google if they
| want to share the data between services.
| Tozen wrote:
| Most people don't check their accounting settings, to see the
| massive amounts of data that Google is collecting on them or the
| amount of tracking they are doing. Even if a person adjusts the
| settings, its not really known to what extent the continual
| collection is actually mitigated or privacy is being ensured. To
| include users data being sent to 3rd parties or governments at
| Google's prerogative or their employees, or to the extent results
| and services are manipulated for Google's own internal purposes
| and benefit.
| syliconadder wrote:
| I already assumed this was the case to begin with, so I sold my
| soul even before it was up for auction.
| notorandit wrote:
| Now?
|
| On my PC this is happening since years!
| ghusto wrote:
| I got this a couple of years ago, and noticed immediately. Just
| as quickly denied the request, because I have fingers and can
| type my current address. It's a minor inconvenience.
| tasuki wrote:
| > because I have fingers and can type my current address
|
| How would you always know your current address? I often use
| maps with gps to find out where I am. Many places _have no
| address_.
| ghusto wrote:
| Not trying to be snarky, but it might be that I don't get
| what you mean: I just look at the street name, which is
| posted on every street? I've never been anywhere that has no
| address at all, but I guess in those situations it wouldn't
| make any difference if I only knew roughly (like when I'm
| camping?).
| bmacho wrote:
| I use maps only for route planning. If I don't know where I
| am, I use an offline GPS.
| bmacho wrote:
| I never type my current address but a location nearby. (I am
| sure that google know exactly where am I, still..)
| Sebguer wrote:
| Now if someone could just update movies.google.com to point to
| literally anything else.
| [deleted]
| iambateman wrote:
| Maybe they think the subfolder approach will help their SEO.
| pharmakom wrote:
| Yuck!
|
| Any suggestions for an good open street maps app on iOS?
|
| Offline capability would be a huge plus.
| aembleton wrote:
| https://apps.apple.com/us/app/mapy-cz-navigation-maps/id4114...
| mnd999 wrote:
| Isn't Apple Maps that? They use openstreetmap in a lot of
| places.
| lapcat wrote:
| I've been seeing this redirect for literally years. It's not new.
| nigamanth wrote:
| The chances are, geotracking or not google knows a lot about you
| and this just adds on to the data.
| bambax wrote:
| HN title "moderation" (ie, arbitrary ex post facto editing) is
| frankly infuriating. It doesn't add meaning, it removes it.
| Andrew_nenakhov wrote:
| This made me think how much would I lose if I'll just block all
| *.google.com domains in the browser? I was using DDG for search
| and Firefox for browsing for many years without problems, but I
| also still use Gmail and Google docs (or whatever they are called
| these days, Google for Work?). Maybe, a blanket ban plus a few
| exceptions like mail.google.com, docs.google.com,
| tables.google.com and drive.google.com would not cripple my
| workflow too much.
| whym wrote:
| > (or whatever they are called these days, Google for Work?)
|
| Gmail is currently branded as part of Google Workspace, and
| shows the Workspace logo upon sign in. It probably has been
| that way architecturarly for a long time, but I think they have
| made it more explicit relatively recently, at least for non-
| corporate users.
|
| It looks like "Google for Work" is an old name of Google
| Workspace.
| Andrew_nenakhov wrote:
| Like their chat apps, they change names so often that I just
| call them Google Docs most of the time.
| chrismorgan wrote:
| Some years back (my memory suggests somewhere between early
| 2017 and early 2019), Google moved reCAPTCHA to www.google.com,
| so now anything that uses reCAPTCHA (and that's a _lot_ , far
| more than is reasonable when I contemplate the absurdly high
| efficacy of a simple hidden-by-CSS honeypot when it's just junk
| you're filtering rather than targeted abuse) depends upon
| www.google.com frame, script and xhr, and www.gstatic.com
| script.
|
| There may have been other reasons as well, but I have been
| strongly inclined to consider this a hostile and even malicious
| action (organisationally, if not individually) from the start,
| more than the maps.google.com - www.google.com/maps shift
| (though I think it's still at least hostile).
|
| Thus you probably can't quite block even www.google.com even if
| you never use any Google services yourself.
| Izkata wrote:
| ...this redirect has been in place for years. Honestly maybe even
| a decade at this point, it's been a _long_ time.
| Jowsey wrote:
| I've also been using earth.google.com etc for many years, can
| confirm not new at all
| pmontra wrote:
| Google has been prompting me with an Accept / Reject dialog on
| Maps and YouTube for years. It used to be split in several
| sections but luckily it became only two buttons a few months ago.
| I click reject and start mapping / watching.
| api wrote:
| I've noticed that Google searches often request location. I never
| say yes but most people will to maps. So yeah this makes sense...
| as a way to make sure I don't use Google.
| lakomen wrote:
| This title is as clickbaity as it gets
| durnygbur wrote:
| You guys are still using google and dreaming about working for
| them?!
| maxfurman wrote:
| It just started doing this now? I've been using google.com/maps
| for years, and that isn't the canonical address?
| avar wrote:
| It asked my for the permission earlier. I thought I'd granted it
| already and I didn't notice the sneaky domain switch, I've now
| revoked it.
|
| I wish browsers had a more granular way to grant this and other
| permissions. E.g. Firefox just has allow/deny, and then
| "remember".
|
| Granting it only if the user clicks the "show my location" UI
| element on the web page would be a closer match to user
| expectations, and would preclude pages from getting the
| permission in the background.
|
| Of course that would introduce extra complexity, e.g. worrying
| about web pages sneakily making normal looking links the "get
| location" UX element.
|
| There's probably no secure way to do it except for the webpage to
| communicate that it's a page that might want your location, and
| for the browser to show the "send my location" UX element itself
| (e.g. in the toolbar).
| fragmede wrote:
| This changed yesterday? What the hell? Don't you people know
| there's a freeze going on?
| [deleted]
| xvector wrote:
| I wonder if this is why the mega-app model is so common for
| Chinese companies. It's far easier to justify collecting a
| million permissions when your app does a million things.
| dspillett wrote:
| I think that is more a resurrection of the department store and
| mega-corp models: if you do a bit of everything then the bottom
| falling out of one market won't affect you badly as the other
| areas can soak up the temporary loss. Also, if you have
| positive name recognition in some areas this can benefit the
| others, and there is a passive advertising pressure of people
| using you for one thing seeing something else you have in store
| or linked to your name (where a more organic search to fulfil a
| need might be as likely to lead to a competitor as to you).
|
| The difference that might break this analogy being that with a
| mega-app there isn't really a diversity of revenue streams
| despite the diversity of products/features: it all comes down
| to stalking to be able to better sell advertising.
| gjadi wrote:
| Funny thing is, it depends on your threat model.
|
| Using google.com/XXX for all its services protect the user from
| being spied by external actors such as ISP because everything is
| hidden behind HTTPS.
|
| Whereas, with XXX.google.com, external actors knows that you are
| using service XXX.
| Havoc wrote:
| The whole "threat model" thinking is useful for security, but I
| don't think it translates well to privacy and data sharing
| consent matters.
| gjadi wrote:
| I disagree on the former, but I agree on the later,
| technology is not a good substitute for consent.
|
| Regarding the privacy:
|
| If you are using a VPN to protect your privacy, then you are
| effectively transferring your trust from your ISP to your VPN
| provider. The VPN provider is your new ISP. So you have to
| make sure you trust the VPN provider more than your ISP.
| nvr219 wrote:
| I don't use VPN when I'm on my home ISP but I do when I'm
| someplace where I don't control the gateway. My VPN is on a
| vultr VPS I control (in as much as I can control a VPS),
| and I do trust vultr (or digitalocean or any of the major
| VPS providers) more than I trust, let's say, the person who
| set up the wifi at the holiday inn.
| tempera wrote:
| It is a matter of trust, but by choosing a VPN you are not
| limited in your options by your geographical location as is
| the case with an ISP.
|
| In my town there are 2 ISP I can choose to trust, whereas
| with VPN I can choose to trust from a much greater
| selection.
| Lockal wrote:
| Google could enable ESNI, if they wanted.
| Crosseye_Jack wrote:
| I presume they are talking about the DNS "leak".
|
| google.com/maps would result in a DNS request for google.com
| so anyone monitoring DNS would know they are connecting to a
| google service but wouldn't know which one.
|
| maps.google.com would result in a DNS request that show they
| are connecting to maps.google.com and could presume they want
| some maps.
|
| DoH (and ESNI on the server side) would fix it, but iirc
| Chrome (the most used browser) doesn't use DoH by default.
| vetinari wrote:
| Chrome uses DoT, if you have configured one of the well-
| known resolvers that do support DoT. Otherwise, it respects
| your local settings.
| Crosseye_Jack wrote:
| My point about Chrome is not that it can't do DoH but by
| default it doesn't so relies on the system settings which
| for the vast majority of users (not us geeks who
| explicitly opt in) never change and use ISP supplied
| values so DNS snooping is still a thing for the majority.
|
| Should a browser override system settings? That's another
| question, because doing so can impact other things for
| the avg Joe. For example my mobile providers self serve
| website plays up when I use custom DNS, free hotspots
| with captive portals also can be an issue when you
| override the DNS provided by the access point.
| vetinari wrote:
| I understand your point, but anyway, no app, no browser
| should ever think that "it knows better" and attempt to
| fix what it considers incorrect. It may think that it
| protects the user, but in reality, it will break what the
| user configured. Private DNS zones are common, and if the
| browser ignores user configured DNS, they will break. And
| as I wrote elsewhere, just because the machine is
| configured to use 53/udp for a resolver, it doesn't mean
| that the resolver is forwarding over 53/udp too.
|
| If you want to solve unsafe defaults, this is not the
| way. Pushing for configuring safe defaults is.
| asadotzler wrote:
| If a general purpose browser can empower hundreds of
| millions or even billions of regular users with better
| privacy (and ultimately, security) by making a change
| that might disrupt a small handful of power users who
| manually configure this stuff, I say the browser should
| go for it. The power users are the very people who can,
| without much effort at all, reconfigure their stuff, or
| easily find a special purposed browser, so they'll be
| just fine.
|
| Spock was right, logic clearly dictates that the needs of
| the many outweigh the needs of the few.
| Crosseye_Jack wrote:
| The problem I fear is the needs of the few who are not
| technology minded, don't want their browser (or in their
| eyes their internet connection) to stop working because
| their ISP issued router uses a DNS based captive portal
| to onboard people (I've seen this used by atleast one
| major ISP in the UK to on-board devices onto their per-
| device content filtering system - BT, however I think
| they rolled back on that after it was caused issues with
| IOT devices).
|
| However I believe (not read the docs in a while) FireFox
| works around this by falling back to DNS if an issue with
| DoH is detected.
|
| EDIT: However I'm still on the fence if it should be a
| browser decision. Yes browsers move more quickly then OS
| & ISP changes and can make things better for the masses
| quickly, but i'm also wary of those changes screwing up
| the avg person, the people like my mother who can just
| about order things online via her ipad but thats about
| it, if she accidentally lowers the screen brightness of
| her ipad I soon get a call about it. Its for those kind
| of people I don't like the idea of a browser messing
| around with a connection in unknown network conditions.
| iggldiggl wrote:
| ..., I get the "wrong" IP for anything hosted by Akamai
| (i.e. an IP address that corresponds to a part of their
| CDN which has abysmal peering with my ISP and is
| completely unusable in the evening)
| CydeWeys wrote:
| Even if you are using DoT, the DNS provider will still
| know you're using Maps if it resolved the subdomain, and
| the DNS provider itself might well be the biggest privacy
| threat here.
| imajoredinecon wrote:
| > iirc Chrome (the most used browser) doesn't use DoH by
| default.
|
| Last I checked, Linux was behind other platforms because
| there's a lot of complex custom dns configuration that
| chrome (understandably) didn't want to be accused of
| overriding/ignoring, but which isn't all easily visible to
| the browser
| vetinari wrote:
| Which is the correct behavior; if the user wants to
| configure his computer to DoT/DoH, system resolver is the
| correct place and Chrome has to respect it.
|
| Even if the computer is using 53/udp to the configured
| local resolver in the local network, it doesn't mean that
| the resolver itself is using 53/udp. Many of them can
| forward queries using DoT/DoH/IPoAC and the app on the
| users computer will be none the wiser.
| luckylion wrote:
| > DoH (and ESNI on the server side) would fix it, but iirc
| Chrome (the most used browser) doesn't use DoH by default.
|
| It would fix it for some specific circumstances. Since
| maps.google.com resolves differently than www.google.com,
| you can ignore DNS and just look at TCP connections to tell
| what service is being talked to.
| Crosseye_Jack wrote:
| Granted that Google is basically the exception here. But
| when I query the IP's for maps.google.com I get
| 142.250.179.238 and when I query google.com I get
| 142.250.200.14
|
| If make a http get request to 142.250.179.238/ (the maps
| IP) but with the host header set to "www.google.com" I
| get the search page returned to me. If I make a http get
| request to 142.250.200.14/maps I get google maps.
|
| OK. /maps might be a bad example because well
| google.com/maps is already a thing :-p
|
| So if I make a request to 142.250.179.238 with the host
| youtube.com I get youtube. This is because most of
| googles public facing servers can act as the front door
| for many other google services not just the service that
| its dns is set to.
|
| Not really sure it it comes under "domain fronting"
| because isn't that tactic many used to bypass censorship,
| pretend your connecting to one CloudFront customer when
| really wish to connect to another. Where google explictly
| configured their services to do this so they can easily
| load balance as demand and network conditions allow.
| Anyways I'm rambling now.
|
| My point is, with google you can't rely on the ip address
| alone to determine the service (however it still wouldn't
| stop you peeking into connection and pulling out the host
| header unless ESNI was used) but as I said at the start,
| Google is more the exception here.
| mrjin wrote:
| Google poses a larger threat to most people I guess.
| [deleted]
| pygy_ wrote:
| I'm pretty sure you can still identify specific services from
| trafic patterns. It is more expensive, but within reach for
| well funded actors.
| nottorp wrote:
| The threat here is google.
| gjadi wrote:
| If your threat is google, it would be wise not to use google
| in the first place.
|
| As other mentioned, OSM is an alternative (not equivalent) of
| Google Maps.
| godzillabrennus wrote:
| If only there was a drop in replacement for Google
| Workspace... even if you use Fastmail for email you don't
| have Google docs anymore and that's a huge piece...
| nottorp wrote:
| The worse problem is you give Maps location permissions
| and that can translate now to the 3 billion sites that
| use Analytics isn't it?
| luckylion wrote:
| No, google-analytics.com is where analytics is being
| served from and sends tracking-requests to.
| easrng wrote:
| It also connects to
| https://stats.g.doubleclick.net/j/collect
| luckylion wrote:
| I believe that's only if the GA account is connected to
| an Ads account (or set up to collect demographics, I
| think). By itself, GA will only use https://www.google-
| analytics.com/j/collect (or /g/collect for GA4).
| sgammon wrote:
| drop in replacement for Google Workspace?
|
| has everybody forgotten it was replacing Microsoft?
| WhyNotHugo wrote:
| You might want to check out:
|
| https://framapad.org/abc/ (this organisation has a lot of
| FLOSS cloud alternatives to Google products)
|
| https://cryptpad.fr/
| samwestdev wrote:
| DNS over HTTPS is the solution here.
| netheril96 wrote:
| SNI is still in the plaintext.
| vetinari wrote:
| It it still an improvement; you need to DPI the traffic
| then, which is more demanding than just logging 53/udp
| queries.
| SkyPuncher wrote:
| Anyone who is trying to invade your privacy is going to
| do DPI.
|
| My prosumer grade harder does DPI without any issue.
| ddalex wrote:
| Doesn't change the fact that the SNI is sent in clear text.
| NavinF wrote:
| https://en.wikipedia.org/wiki/Server_Name_Indication#Encryp
| t...
| [deleted]
| [deleted]
| AtNightWeCode wrote:
| It is for SEO. Maps product will ride on the widely used
| google.com domain. ;)
| calibas wrote:
| According to my browser's history, March 31st, 2022 was the last
| time maps.google.com didn't perform a redirect.
| bluepnume wrote:
| Also a great way to share cookies, avoid CORS, and probably a
| zillion other complexities that result from running on multiple
| subdomains.
| lima wrote:
| And to increase XSS blast radius!
| deepstack wrote:
| thought they have moved mail.google.com to google.com/mail a
| while ago. Tracking would still be possible over 2 domain, but
| then google would have to do a bit of ETL operations. Guess
| this will save some more engineering.
| ilyt wrote:
| It's funny for browser vendor to push those "security"
| features, only to work around them in their own products
| mananaysiempre wrote:
| I actually find that somewhat reassuring, similarly to a
| Google employee criticising the security practices of a
| Google-operated certificate authority in public[1]: it
| demonstrates that the team responsible for instituting
| security policies in the interest of users still has some
| autonomy.
|
| [1] e.g.
| https://bugzilla.mozilla.org/show_bug.cgi?id=1709223#c19
| oblio wrote:
| Yeah, but do you want to bet that during the management call
| and the subsequent engineering call that made this decision,
| the main topic of discussion was the direct financial benefit
| from improved tracking?
|
| We'll never know, but if we could find out, say 1 year from
| now, I'd bet 100:1 that was the main driver.
| rickdangerous1 wrote:
| Wow...i didn't for even a second think it was anything other
| than a way to get a financial benefit. Kudos to you for not
| be as cynical as me.
| functionstooge wrote:
| The 2 things aren't mutually exclusive. Because it reduces
| complexity you will likely see a financial benefit from the
| cost of the engineering team alone. Having managed an
| infrastructure with a ton of subdomains I can say that it's
| almost certainly in their best interest to standardize the
| domain across all tools at least for engineering. Your data
| is just an added bonus :)
| [deleted]
| RobertRoberts wrote:
| They did this with Gmail years ago. Same scheme, I warned
| everyone that gmail.com would change over to a google related
| domain, and it didn't take long. And I tried to explain how it
| meant every email could be directly related to your internet
| traffic.
|
| "What do I have to hide?" was always the response...
| jsnell wrote:
| I don't believe your alleged change happened. Gmail was hosted
| under google.com literally from the day it launched [0].
|
| [0] http://googlepress.blogspot.com/2004/04/google-gets-
| message-...
| RobertRoberts wrote:
| It did, I watched it explicitly for this reason, but I guess
| unless it's documented somewhere, oh well. It was even
| googlemail.com for awhile.
|
| Edit: It's possible my concern was the subdomain and my
| memory is off. It moved from a subdomain to a /gmail at one
| point (or something similar). That is when I swore off it.
|
| What clearly recall is that there was something wrong, either
| it was how it did a redirect to google.com first and then
| back or shared cookies in a very sneaky way that alerted me.
| (I was building sites at the time and I was privacy
| conscience early on in my career)
| jsnell wrote:
| Sure, this is what that Wikipedia page says:
|
| > As of 22 June 2005, Gmail's canonical URI changed from
| http://gmail.google.com/gmail/ to
| http://mail.google.com/mail/.
|
| As you can see from your own source, the canonical URL has
| always been under google.com, not under gmail.com.
|
| Edit: the parent post was originally linking to
| https://en.wikipedia.org/wiki/History_of_Gmail, before
| being edited
| codeflo wrote:
| I noticed that Google Search itself has very recently become much
| more aggressive about asking for location permission.
| Coincidence, or is collecting more location data someone high
| up's KPI for the year?
| r0m4n0 wrote:
| On another note, I feel like EVERY day my iPhone asks me if I
| want to share my location with google. I'll be searching
| something in Safari on google that's obviously location based and
| I get a dialog that pops up. I have allowed it 100s of times.
|
| https://imgur.com/gallery/LleCkEo
|
| I hate this and don't want to see it ever again. Allow always,
| allow never, I don't care. This reminds me of the GDPR popups...
| I feel like once you have popups everywhere, they lose their
| value and become an annoyance
| r0m4n0 wrote:
| Just FYI. After this rant, looked it up and apparently you can
| set in OS settings to allow for all websites, or deny for all
| websites. No granular control though
| dislikedtom2 wrote:
| I have never shared my location via browser, including google
| maps. Still, google very well knows where I live and focuses on
| my home as default, when I open google maps. I'm curious what do
| you seek by sharing your location with google (maps)?
| nroets wrote:
| Perhaps your home router has a public IP. Google gets the
| location of the home router from just one Android phone
| connecting to it. I'm guessing.
|
| But some home routers are behind CGNAT infrastructure: Then
| it's possible that TCP connections from the same browser can go
| through different public IP addresses.
|
| Sharing the location helps Google to help users. And Google to
| target ads better.
| [deleted]
| deafpolygon wrote:
| This is also so they can invade your privacy, and correlate all
| of your searches to your geolocation.
| mkagenius wrote:
| Its reverse for translate. https://google.com/translate redirects
| to translate.google.com
| nroets wrote:
| I can understand why: Translate is the only service that works
| in China. Countries with censorship laws can easily choose what
| they allow.
| ellm wrote:
| I suspect this may more be to do with large organisations
| (and equally foreign governments) wanting to block Google
| translate, since it can be used as a proxy in some cases.
| netheril96 wrote:
| They don't work in China anymore.
|
| And when they worked, the domain was translate.google.cn
| instead.
| __michaelg wrote:
| This is a fantastic example of motivated reasoning. This "change"
| (which apparently isn't even new) can have so many different
| reasons, some of which are less harmful and some of which are
| probably worse (privacy-wise) than the one mentioned here. There
| is no indication that re/mis-using permissions is specifically
| what they wanted to do here, there is also no example of them
| doing it right now. Don't get me wrong, there is also no evidence
| that this isn't the real reason and that they wouldn't do that in
| the future. But the blog post basically list a single symptom and
| jumps right to the one conclusion that fits what the author
| expects.
| akudha wrote:
| My default mode is to trust everyone until they break my trust.
| Now that I am old, I have realized that trusting everyone by
| default is not a good idea, especially big tech.
|
| In cases like this, I think it is better to assume malice, even
| if we are proved wrong later. This is not our fault, this is
| big tech screwing with us repeatedly for years, with no shame
| or conscience
| matkoniecz wrote:
| Also, by most reasonable metrics, Google broke that trust
| long time ago anyway.
| account42 wrote:
| The way I see it, people deserve the benefit of the doubt
| when it comes to their motivations but corporations don't.
| kevincox wrote:
| Exactly. If you trust people you will often be rewarded by
| friendship and future help. If you trust cooportations they
| just exploit that to maximize shareholder profit with no
| value to me.
| randomdata wrote:
| Perhaps you mean _persons_ deserve the benefit of the
| doubt? People seems to be the root problem.
|
| I expect there is no difference between an individual and a
| corporation operated by a sole individual. If one is
| trustworthy, they will remain equally trustworthy if they
| happen to have a stock certificate in hand. The corporation
| isn't able to act autonomously. It acts with equivalency to
| the person it is represented by.
|
| Large corporations, involving people, is where
| communication breaks down, which leads to unintended
| consequences that wouldn't necessarily be realized if an
| individual was acting alone. When you have people there are
| bound to be competing interests created in the confusion
| and it is not always a straightforward answer who is best
| to honour. Even where intentions are pure humans are bound
| to make mistakes in their choosing.
| johannes1234321 wrote:
| I think the question is whether a effective feedback loop
| exists.
|
| If a local dealer does something bad they quickly receive
| corresponding response.
|
| A big corp is detached and anonymous. As long as there is
| no broad boycott there are rare cases where response
| really reaches them.
|
| If a big corp has a sales force the sales force is
| responsive to feedback, however the corp then quickly
| turns anonymous to them and whatever they put in the
| system doesn't reach the right places ...
| kristianheljas wrote:
| The only conclusion this article made is that google now has
| the permission to-do so, and this is 100% correct - motivated
| or not. Although, given you overly defensive response makes me
| suspect you have more insight than we do..
| zython wrote:
| I will accept motivated reasoning when in a friendly setting
| but big tech is not my friend. Their only and only purpose is
| to extract as much value (data or money) from me as possible.
|
| Looking at Heartbleed and other famous security we should know
| that minor mistakes "disguised" as "typos" can have devastating
| effects.
|
| They know what theyre doing alright.
| johnchristopher wrote:
| > But the blog post basically list a single symptom and jumps
| right to the one conclusion that fits what the author expects.
|
| That conclusion isn't wrong though. Your comment basically
| claims author is twisting facts but the conclusion remains that
| giving google.com/maps permission to geotrack does give
| google.com permission to geotrack.
|
| "Pinky swear I won't enforce that clause" is not reassurance
| enough.
| forgetfulness wrote:
| They've promised nothing, to boot. Google does not deserve
| the benefit of the doubt here.
| stingraycharles wrote:
| It may not be the only reason, but you're being too generous if
| you don't think this was at least one of the reasons they did
| it.
|
| Other than some abstract "branding" campaign, I cannot really
| see many other reasons why they would be doing this.
|
| And as someone who worked in adtech in the past, it was very
| well known that Google used their domain as their tracking
| cookie domain as it's nearly impossible for adblockers to just
| block without crippling other functionality. So they even have
| a history of using precisely these types of techniques.
| jstummbillig wrote:
| > but you're being too generous if you don't think this was
| at least one of the reasons they did it
|
| If you consider it absolutely unthinkable that it was not one
| of the reasons, it's you who is being too generous.
| Unconsidered side effects occur plentiful and all the time.
| mrd999 wrote:
| This is cute, but 100% no. In this case, those involved in
| the decision were aware of the privacy implications.
| Whether this was discussed openly, or whether the change
| was made 'pass-the-buck' style, it doesn't really matter.
| The association of privacy settings with domains is a well-
| established basic function in the browser.
| Ensorceled wrote:
| > If you consider it absolutely unthinkable that it was not
| one of the reasons, it's you who is being too generous.
|
| The person you are replying to didn't use the word
| "unthinkable" or even imply it.
|
| I think you are being either incredibly naive or
| disingenuous if you believe an adtech giant like google
| doesn't factor changes to data gathering into every single
| decision they make.
| hooby wrote:
| 1. The change does exist (although it apparently has been live
| for quite some time in some regions at least)
|
| 2. The change does have the effect of Google gaining more
| permissions (and subsequently more data) than previously
|
| 3. The author assumes that (2) is the (main) reason why (1) was
| done in the first place
|
| Regardless of whether (3) is correct or completely wrong - and
| regardless of whether the author truly believes (3), or only
| uses it as a rhetorical trick to increase the controversy (and
| therefore the reach) of their post - both (1) and (2) remain
| fact.
|
| And (2) is the actual problem here - regardless of whether it
| was done intentionally by Google or not.
| delroth wrote:
| > The change does have the effect of Google gaining more
| permissions (and subsequently more data)
|
| There's a huge logic gap here. Obtaining more permissions
| doesn't at all imply obtaining more data when it's caused by
| an incidental change. Maybe the permissions aren't being used
| outside of the Maps context, or maybe it doesn't matter
| because the data was already be known.
| bogwog wrote:
| It's true that we can't really know whether Google is
| exploiting these expanded permissions to collect more data
| unless we have some insider information.
|
| However, it's generally very easy to predict what a company
| is going to do by observing their business model and
| incentive structure. In Google's case, collecting as much
| data as possible is a major part of their business, so
| without more information, there's no good reason to assume
| they won't do it.
| luckylion wrote:
| > It's true that we can't really know whether Google is
| exploiting these expanded permissions to collect more
| data unless we have some insider information.
|
| You could track usage and see what pages on google.com
| are accessing these APIs.
|
| I doubt that it's a lot. Google already has fairly good
| geo-localization based on IP, GPS-level accuracy isn't
| necessary for ads. They could've already connected your
| data from maps.google.com to www.google.com, because both
| are using consent.google.com and you're getting a
| .google.com unique cookie.
|
| This is mostly just outrage because people don't
| understand how things work.
| creatonez wrote:
| Google search asks for geolocation. So the permission
| absolutely is being used.
| ryantgtg wrote:
| > 1. The change does exist (although it apparently has been
| live for quite some time in some regions at least)
|
| Pretty sure I've been experiencing this change for many years
| at this point.
| __michaelg wrote:
| Upvoted, this looks more correct than what I wrote.
| hooby wrote:
| As for (3) - there's no proof either way, as you already
| said.
|
| But collecting more of that data which their marketing
| business makes it's profits from, is likely to have a
| positive effect on their bottom line.
|
| And since the change already has been live for a while in
| some regions, it seems likely that Google is well aware of
| how much impact this change has on their revenue.
|
| You decide for yourself if money is or isn't the reason why
| a big corporation like Google would do something like that.
| s3p wrote:
| I think your original comment was spot on. The reply above
| didn't really add anything imo.
| Bud wrote:
| __michaelg wrote:
| Meta: my answer here is probably also a good example of
| motivated reasoning because I likely read a bit more into what
| the author wrote than is factually in the blog post. Oh boy.
| garritfra wrote:
| > Oh boy.
|
| Do you mind pointing out where you think this applies?
| __michaelg wrote:
| I think my critique is somewhat correct in that you seem to
| suggest that this change was made to allow for expanding
| the permissions from one product to all products, which I
| don't think one can derive from the things we know.
|
| I think I was somewhat wrong in that I may have suggested
| that you said this was the only reason (which you didn't
| explicitly) and also in that I dismissed that they
| factually can use these permissions from other products
| now, i.e., no matter whether it was intended or not, the
| permissions set for other products is broader now.
| eternalban wrote:
| > This is a fantastic example of motivated reasoning.
|
| Did we read the same short article? [not parody]
|
| It's so short, we can copy paste it here and then you can point
| out where he reasoned that Google did this with intent to
| track.
|
| > But the blog post basically list a single symptom and jumps
| right to the one conclusion that fits what the author expects.
|
| OP is simply stating a consequence of this change!
|
| " _Congratulations, you now have permission to geo-track me
| across all of your services._ "
| D13Fd wrote:
| I think it's the part where he says "Smart move, Google."
| __michaelg wrote:
| > [...] though I'm sure they're just beginning to transfer
| their services to the main google.com domain.
|
| This and the wording across the article imply more than the
| factual changes. But granted, hooby's comment above is
| probably more correct than what I wrote.
| trudler wrote:
| bro, data is money and those corporates extract as much as they
| can. don't try to reason that google would not be interested in
| exactly that. one does not have to find a specific evidence for
| exactly this scenario in my opinion. this evidence likely might
| never emerge, while the spying definitely will happen.
| otherwise you would need to come up with a huge scenario where
| they actually farm a ton of benefits by doing this change,
| because a move like that you don't "just do for a better
| experience".
| mrjin wrote:
| Cannot agree more. Money is the most important if not the
| sole driver of decision making in those large organizations.
| dethos wrote:
| The real reason or intention isn't that important, compared to
| the outcomes of the change. The author correctly evaluated one
| of those outcomes and the respective implications.
|
| Given Google's track record, I think it is a sensible
| evaluation of the situation.
| dclowd9901 wrote:
| Are people really surprised when they hand their location off
| to a domain that any other part of the domain might have access
| to it? Like, taking away the technical specifics of how
| location allows actually works, you've given the data to the
| _company_. At the very least, they throw it on an internal
| service and allow other parts of the company's infra to grab
| it.
| rkagerer wrote:
| Even if it's entirely innocuous at present, that's still little
| better. It would signal modern-day Google engineers lack the
| nuanced understanding and user-first deliberation of their
| predecessors.
|
| Given the breadth of services the company provides, a user
| ought to be able to restrict the permission to the scope of the
| maps tool.
| croes wrote:
| I think the grand master of user tracking and the developer of
| the web's most used browser knows exactly what they are doing.
| underdeserver wrote:
| Google is huge. You'd be surprised how something that's
| common knowledge in one team is completely unknown to other
| teams.
| arminiusreturns wrote:
| Hanlons Razor is a fallacy on it's face and I'm so tired of
| the incompetence excuse for actors who are repeatedly bad.
| croes wrote:
| I doubt that a URL change is the solely decision of the
| maps team.
| WhyNotHugo wrote:
| The change may have happened for any of many reasons.
| Regardless of which reason was the motivator, it's clear impact
| is reducing user privacy. When talking about a
| tracking/advertising company, so it's kinda natural to assume
| that this was kept in mind.
| darthrupert wrote:
| When companies like Google are involved, I believe the Hanlon's
| Razor works in reverse. I.e. never attribute to stupidity that
| which is adequately explained by malice.
| agumonkey wrote:
| Didn't know this has a name. It feels that it's the main mode
| of reasoning in society.
| powerapple wrote:
| Recently I have been trying to recover my gmail account.
| Besides sending verification code to my phone number, it also
| sent a code to YouTube app, high on the list. I have lost
| access to my google account, so I cannot open my YouTube. So it
| sent a verification code to the exact gmail address I am trying
| to recover. The whole process is unreal. This YouTube
| verification thing is definitely new, I don't know the
| motivation behind it, it couldn't even detect if my YouTube App
| was activate or not (or maybe it knows I wasn't using YouTube,
| maybe it is encouraging me to log in YouTube or open YouTube.
| Either way, I am not impressed.
| bheadmaster wrote:
| Privacy and intimacy, As we know it, Will be a
| memory, Among many to be passed down To those who
| never knew. Living in the pupil of one thousand eyes.
| codeulike wrote:
| Are you missing a Not operator in that last line?
| bheadmaster wrote:
| It's lyrics from a song - the last line sounds like a new
| sentence, so it's punctuation that I'm probably missing.
|
| I've added it for clarity.
| zshrdlu wrote:
| What a pleasant surprise! I hadn't listened to _Symbolic_ in a
| while.
| npteljes wrote:
| I was curious where this is from, and found it's from "1,000
| Eyes" from Death.
|
| https://genius.com/Death-1000-eyes-lyrics
| Cockbrand wrote:
| From 1995 - prophetic, almost.
| torstenvl wrote:
| Maybe they'll fix the ~5yo regression where a search for
| from:City, ST to:Town, ST
|
| no longer results in the obvious (and previous) behavior.
| canbus wrote:
| https://www.openstreetmap.org
| mcv wrote:
| But is the app as good as Google's? I always struggle with OSM
| maps.
|
| I think at the moment there's a massive discount on OsmAnd+.
| Worth it?
| therealmarv wrote:
| Really depends, it can be much better than Google depending
| on country/region. Google Maps is not in every country good.
| Definitely better for any kind of outdoor activity like
| hiking, bicycle, ski etc. and offline usage.
| dbrgn wrote:
| If you need OSM on Android, I can recommend:
|
| - "Organic Maps" (a fork of the old MapsMe codebase) if you
| want a clean, simple user experience
|
| - "OSMAnd" if you want a very powerful, highly customizable map
| application, which comes at the cost of a steeper learning
| curve
|
| Both apps are open source and support navigation, offline maps
| and POI search.
|
| The things I miss most compared to Google Maps is live traffic
| information and the powerful search. However, this has a
| privacy cost, so I generally try to use OSM first, and only
| fall back to Google Maps (in the browser) if I really need to.
| raybb wrote:
| Lets not forget StreetComplete is a dead easy app to use to
| help contribute to OSM. It just asks you a few questions like
| "is this bench still here" or "is there a bike lane on this
| road" etc
|
| https://streetcomplete.app/
| probably_wrong wrote:
| Can I use this app to suggest issues? In one of my projects
| I found a bunch of buildings that have either the wrong
| direction or the wrong coordinates. Think "Random street 1,
| 2 and 4 are next to each other, but Random street 3 is 500m
| away". But since it's a city I don't live in I can't go
| there in person and confirm.
| marssaxman wrote:
| I love this app and use it frequently. Great excuse to take
| little walks around town.
| vanderZwan wrote:
| Organic Maps is also significantly more optimized in my
| experience (or maybe a more fair thing to say would be: is
| faster because it does less). So it pays to have both because
| OM is basically the "fast path" for its use case in more ways
| than just the interface.
| mngnt wrote:
| I'm a OSMand user and OSM contributor. However, sometimes I
| hate the routing OSMand provides, taking me through narrow
| streets with awkward turns. Wish they used GraphHopper... A
| nice feature in OSMand is that even if you get the free
| version off the Play store, if you log in with OSM and are
| active, you get free map updates and all the "plus"
| functions. And on top of that, the full plus version is
| available off F-Droid.
|
| By the way, OSMand has some support for reporting traffic
| issues (police, crashes), but it's very very limited due to
| low adoption way below a critical mass. Also, reporting
| traffic status would probably require OSMand to run a pretty
| beefy server and get the current speed/traffic info from all
| the users - many chose it exactly because they don't want
| that.
| dotancohen wrote:
| Maybe you know. I've been told twice that OSMand can show
| the altitude above sea level of a location, but I cannot
| for the life of me figure out how. Have you any idea?
|
| Thanks!
| ce4 wrote:
| It's these steps:
|
| - go to pugins section and activate the contour lines
| plugin
|
| - then go to download maps and load the contour lines
| data for your region
|
| - go to configure map and check the show contour lines
| option
|
| I think you need the f-droid Version or the paid pro
| Playstore version or the subscription. Please note that
| this will only show marked contour lines and not
| interpolate/estimate the elevation for any point. So you
| need to search for the next line and get your own idea
| what that means for the specific location. Not ideal for
| very flat areas with sparse contour lines.
|
| For the current position you can show GPS elevation
| (settings, configure screen, widgets)
| vanilla_nut wrote:
| On iOS, I have mine configured to show the altitude in
| the top right corner of the map view. The settings are
| admittedly confusing but if you just poke around in the
| map display settings you should find it!
| somat wrote:
| I hope the author of OSMAnd makes enough money from the play
| store to finance continued development, because the
| application is amazing, it has an interface that is not
| dumbed down, it does not phone home to the mother ship, it
| gives you great tracks, in short it is a great tool that
| respects the end user.
|
| I wish more applications were like it, first thing I install
| on my phone.
| frxx wrote:
| Both Organic Maps and OsmAnd are available on iOS as well.
| ajuc wrote:
| I use OSMand for walking and biking and it's great, much
| better than Google Maps in my region. Just remember to choose
| the right kind of traffic in the settings when starting
| navigation.
|
| It's not as good for driving.
| LoveMortuus wrote:
| I have Organic Maps, because I thought it would be nice to
| have in case of an emergency where I don't have internet, but
| sadly just a few weeks ago, I had such a case and Organic
| Maps couldn't find the address and the map itself didn't have
| all the roads on it (nor satelite or topology map), so I
| couldn't even use it as a normal map... In the end I had to
| resort to one archaic ways and ask local humans for
| directions...
|
| Google maps does offer being able to download for offline
| use, but if you don't have internet it quite often doesn't
| want to do navigation, unless you trick it with saved
| directions.
|
| How does Garmin do it (I'm guessing map licencing issue)?
|
| And how come this isn't already a solved issue?
| KronisLV wrote:
| I also had some success with HERE maps: https://wego.here.com
|
| Their Android app: https://play.google.com/store/apps/details
| ?id=com.here.app.m...
|
| Their Apple app: https://apps.apple.com/app/id955837609
|
| The performance is good (especially on a budget Android
| device, better than the recent versions of Google Maps,
| even), they're reasonably accurate (I'm in Eastern Europe)
| and include navigation, traffic information, public
| transportation, as well as the ability to save regions for
| offline browsing.
|
| I can't comment on the company behind it, though, but it's a
| nice alternative nonetheless (and there are simple prompts
| for choosing whether you want to send them any data, e.g. to
| enrich traffic information).
|
| Edit: as a criticism, some Android reviews suggest that
| recent updates have made the app less performant than
| previous versions, though I didn't notice anything in
| particular on my current device (2020 budget phone). Some
| also suggest that navigation needs more work.
| dotancohen wrote:
| From where do they get traffic information? The only viable
| app that I've ever seen for traffic data is Waze, because
| of the huge install base. I do remember HERE from when they
| were a Nokia brand, but even with that history I think that
| they'd be too small to have good traffic information.
| vetinari wrote:
| HERE is currently owned by a consortium of Mercedes-Benz,
| BMW and Audi. So I guess that's where their traffic info
| is from.
| SanjayMehta wrote:
| One of the best features of HERE maps is the ability to
| download entire countries' maps and turn off data.
|
| This was a life saver when roaming when data charges were
| really exorbitant.
| tomschwiha wrote:
| Google Maps Android also supports offline maps
| downloading of selected regions. However the download is
| only valid for a year.
| ruph123 wrote:
| Is panning and zooming in OSMAnd not a huge pain for anyone
| else? The map rendering (of downloaded maps) is extremely
| sluggish and absolutely useless for me to use. (Even worse
| than the tile-based rendering of early Maps on iPhone.)
|
| Organic and MagicEarth work fine for me. I really wonder if
| it is just my setup or if everyone else suffers from this. I
| am on a Pixel 5 with CalyxOS using the OSMAnd+ from Fdroid
| (but same with normal OSMAnd from Aurora)
| bboygravity wrote:
| I have the exact opposite experience with OSMAnd on
| Android.
|
| The map rendering of OSMAnd is faster than Google Maps
| (using a 3+ year old smart phone with a low-end Realtek
| SoC). Like really way way faster/snappier.
|
| My setup is a Chinese brand Android 10 with default OS
| (rooted)and OSMAnd+ from Fdroid.
|
| The only possible cause I could think of is that CalyxOS is
| somehow missing proper video drivers for your Pixel?
| ruph123 wrote:
| Hmm interesting, thanks for letting me know. I always
| wondered why people recommend OSMAnd when it performs so
| poorly. Will look into this.
| ce4 wrote:
| It may be a bug of Android: Newer Android versions have
| further locker down sd card access. The implementation is
| apparently super slow for stuff like what Osmand uses. Dont
| put the map data onto the sd card or use one of the
| predefined locations
|
| https://github.com/osmandapp/OsmAnd/issues/12046
| https://github.com/osmandapp/OsmAnd/issues/13254
|
| Edit: If that is not the culprit then check if OpenGL
| rendering is activated.
|
| You can also deactivate unneeded features from being
| rendered (buildings, areas, etc). And lastly there are
| smaller road-only maps (no POI data and no adresses though)
| ruph123 wrote:
| Thanks for letting me know. I don't have a sd card,
| activated the dev plugin and enabled opengl but did not
| see any real improvement. I will open an issue with a
| screen recording on their repo now that I know it is not
| supposed to be this bad.
| therealmarv wrote:
| The problem is you loose a certain percentage of businesses and
| also user recommendations (no real alternative there). There is
| no real incentive for businesses to make yourself visible on
| OSM (probably many don't even know it exists).
| dclowd9901 wrote:
| Or, you know, use the Google maps app (like the company is
| always haranguing us to do) and turn on "only allow while
| using" for geo location.
| college_physics wrote:
| osm and wikipedia are proof that an alternative, more
| desirable, digital universe is not utopically distant but
| begging to be born. imagine if the world would somehow muster
| to dedicate something more than token support to such projects
| / designs
|
| prediction: osm will eventually surpass wikipedia as the most
| successful crowdsourced effort because the more objective and
| simple nature of its data allows dramatic scaling. if even 1%
| of the billions of the world's roaming mobile devices get into
| the habbit of augmenting the osm database (e.g. using
| streamlined UI's like streetcomplete or yet to be build apps)
| the disruption will be on its way
| NavinF wrote:
| Would you bet money on that? Google Maps is pretty
| entrenched. A competing 2.4 trillion dollar company that
| preinstalled their app on the most popular phone in the US
| couldn't dethrone Google Maps.
| college_physics wrote:
| my prediction was careful to pitch osm against wikipedia
| (both of which I love) not against the well known elephant
| in the room :-)
|
| but on your real point, yes its going to be a long slog...
| ruph123 wrote:
| Unfortunately this is really not an option for (some) areas in
| the US. After having moved to a populous LA area from Germany I
| was baffled at the lack of detail in the maps. Basic things
| like building numbers are entirely missing. Even after adding
| more and more details I would never fully rely on OSM here
| sadly. And if it only works sometimes why even bother using it
| in the first place? At least this was my progression. From
| fully using OSM, I am back to Google.
|
| The only good in-between solution is MagicEarth which
| supplements OSM maps with data from lord knows where. However
| although they claim to be privacy cautious they are quite
| opaque.
| cornedor wrote:
| Also, do not fully rely on Google Maps knowing house numbers.
| Looks like in some areas (in UK for example) Google used some
| sort of OCR to find house numbers. There are houses and Wales
| with random house numbers that only have a house name;
| Numbering ends a few houses into dead-end alley where the
| Street View car didn't come; Or totally wrong numbers where
| house number sings are hard to read.
| oniony wrote:
| House names, rather than numbers, are very common in rural
| UK.
| gumby wrote:
| Australia went to mandatory house numbers in, I think,
| the 60s but my grandmother refused and gave out only her
| house name until she passed away in the 21st century.
| aganumb wrote:
| Searching for my address just straight up doesn't work.
|
| Named house rather than a number, and the postcode isn't
| a particular street but covers a number of little tracks
| up to various farms.
|
| I also don't have a road name.
|
| The address syntax is:
|
| Building name
|
| Town
|
| County
|
| Post code
|
| The combination of no road and no number means Google
| absolutely fails. It just gives suggestions of businesses
| nearby... Ish.
| Eleison23 wrote:
| Does your location have a Place ID? Google originated
| Place IDs for exactly this type of use case, so that
| people could find places like yours without an address.
| edf13 wrote:
| Not heard of MagicEarth before - looks interesting but what's
| missing is a "Why/how is it free" statement. They don't cover
| how they monetise this, what's their business model.
| mcv wrote:
| Interesting. In my experience, OSM's level of detail in
| Amsterdam is much higher than Google's. Especially in bike
| routes, an area that Google often sucks at.
| timeon wrote:
| OSM is usually better in Europe. Even some rural paths were
| mapped as streets in Google maps. But in USA it is probably
| other way around.
| moffkalast wrote:
| Makes more sense to switch to bing maps, since they have ever
| so slightly better satelite imagery and there's no way in
| hell anyone would use bing for anything else anyway.
| db48x wrote:
| A lot of the US road map was imported from TIGER (<https://en
| .wikipedia.org/wiki/Topologically_Integrated_Geogr...>). This
| is an electronic mapping system set up in the 90s by the US
| Government to aid in conducting the census. The TIGER data
| doesn't have any address information at all, just road
| shapes. No information about the type of road, the number of
| lanes, the quality of the surface, presence of sidewalks,
| signals at intersections, anything. Just the paths the roads
| follow, and those paths are often of extremely poor quality.
| The resulting OSM maps are barely usable; sometimes they are
| not even recognizable by locals.
|
| So OSM has decent geographical coverage of the US, but relies
| very heavily on individual contributors to correct the
| deficiencies and add useful information to the maps. The only
| way it will be usable for you is if others have improved it.
| The only way it will be usable for others is if you jump back
| in and do the same.
| mtmail wrote:
| > TIGER data doesn't have any address information at all
|
| In the EDGE tables it does have ZIP codes and house number
| ranges, split into left and right side of the road. ZIP
| codes were imported into OpenStreetMap data. House number
| ranges are imported into the OpenStreetMap search into a
| separate database table, so searching works in a lot of
| areas but it's far from complete, all the issues you
| mentioned with roads that don't even exist etc
| db48x wrote:
| I stand corrected. Maybe the TIGER data or the import
| process was improved at some point in the last decade?
| avtolik wrote:
| While I like OSM for some use cases, and have contributed, it
| can not work as a replacement for google maps for every day
| use. My biggest problem is the search - absolutely unusable.
| kqr wrote:
| Technical nit: OSM as such does not have "a search".
| Geocoding (as it's known) is a separate component and if you
| dislike the one used by the openstreetmap.org there are other
| services that render OpenStreetMap data for you - perhaps
| with a better search!
| NGRhodes wrote:
| Obviously YMMV.
|
| I live about 1 mile from suburbs in a town called Bingley in
| Yorkshire, England.
|
| I can't trust Google maps locally (though its good for local
| business searches), as the mapping quality is terrible. My
| village and local town have roads missing, numerous public
| rights of way missing (over both public and private land).
| Major areas of trees missing. OSM is much, much better.
|
| See the difference:
|
| https://ibb.co/fk74k3s https://ibb.co/GTKMTzn
|
| I am noticing more and more how poor Google maps is for non-
| drivers (such as myself recently having to stop driving), such
| as not being able to do walking routes over local foot bridges,
| OSM with OSRM or Grasshopper is fine:
|
| https://ibb.co/NtTf6kr https://ibb.co/sq60YQy
| dotancohen wrote:
| > OSM with OSRM or Grasshopper
|
| Is this usable on mobile? Can you tell a bit more?
| NGRhodes wrote:
| Sorry, I don't know. I used the OSM website for the purpose
| of this comparison. I use the Magic Earth app on my phone,
| which has proprietary route planning (using open street
| maps).
| verytrivial wrote:
| Here's a question for someone who understands cross-site
| cookies (which isn't me): Why does www.google.com/maps 's site
| permissions show https://www.openstreetmap.org/ as one of the
| sites 'that can use cross-site cookies and site data'?
| cft wrote:
| I found OsmAnd absolutely essential in my extensive off-road
| travels in Central America and Spain, paid to support it via
| Google Play, but i could not for the hell of it figure out how
| to submit photos and places. It forced me to create a separate
| account and then always gave me errors when i tried to submit
| ce4 wrote:
| The separate account is needed for openstreetmap
| uploads/notes/corrections. You can add places on osm.org also
| or retry with the osm account using Osmand.
| cft wrote:
| I have what i think is a separate account. Could you link a
| GitHub where i can create an issue and upload error
| screenshots? Even if it's not a bug but a feature, it
| should still be useful, because this flow is very
| confusing.
| rhamzeh wrote:
| https://github.com/osmandapp/OsmAnd/issues
| ce4 wrote:
| There are two ways to login
|
| Oauth and user/password, you can try both under
| plugins/openstreetmap editing/settings/Login to
| Openstreetmap
|
| The official Telegram support group is also good for
| getting help:
|
| https://t.me/OsmAndMaps
| vaakash wrote:
| This article is not about one specific service and how an
| alternative can solve the problem.
|
| It is an example of how companies are dying to permission to
| track is.
| keyle wrote:
| It's a very strange move indeed. maps.google.com implies an
| application lives there, far better than being on the root
| domain.
|
| It also means that when you start typing maps.google, you'd get
| all your history searchable related to maps, although arguably
| that's useless.
|
| I can't think of a reason why this would be a good technical move
| for Google (ignoring the don't do evil thingie), other than
| simplifying... certificates? Less lines in the firewall config...
| I'm stretching here, help me understand.
| luckylion wrote:
| Other things: slightly simpler external DNS surface, probably
| tiny speed improvements because users only need to have the IP
| of www.google.com, not one for maps, one for www, one for
| whateverelse.
|
| More possibility for connection re-use, as you'd only need to
| have a connection open for www.google.com, not one for each
| service.
|
| And security wise: ISPs can now only see that you're accessing
| _something_ at google, but not which service exactly. If they
| also bring in accounts.google.com into the fold, that would
| make it harder to see whether you have an account or not.
| fnordpiglet wrote:
| True. I'm sure being a beyondcorp company they can't figure
| out how to add dns entries. Those google guys really should
| learn more about the internet and it's technologies.
|
| I don't buy the simplicity argument for a second. The
| infrastructure exists, has existed for many years, and is not
| particularly exotic in the world.
|
| The only thing that matters to a surveillance and advertising
| company is surveillance and advertising. You don't need to
| overthink this one.
| justusthane wrote:
| That's a rather simplistic take; a company that makes money
| by surveilling you as you use their products also must care
| about the quality of their products. If their products
| suck, fewer people will use them = fewer people to surveil
| = less money! So not all changes are necessarily directly
| in the service of surveillance.
|
| Also, I don't think your reply to the above comment was
| entirely fair; they didn't say anything about adding DNS
| records, and also mentioned several other potential
| benefits of not using subdomains.
| fnordpiglet wrote:
| All changes are in the service of surveillance. If making
| the honey pot sweeter works then they'll do it. If making
| it more pervasive and intrusive while not offending
| anyone away they will do it. They will do nothing that
| hurts the mission to mine and sell advertisements, and
| all actions will lead to that.
|
| I know you mentioned other things but they're all sort of
| in the same bucket of "not that hard once done" and
| "google can surely do that without blinking an eye". I
| would posit the move away from a subdomain to a root
| domain is _hard_ and _complex_ and benefits end users not
| one bit. Perhaps the end state is easier on the margins,
| but again, I doubt given it's been that way for so long
| it's effectively any easier for engineers or operators at
| google in any way what so ever.
|
| Well, other than those responsible for surveilling all
| the things.
| phillipseamore wrote:
| As you mention there are plenty of performance reasons to run
| everything under a single hostname. There's also one
| especially vital for Maps, it loads a tonne of resources and
| maps are used in various other services at Google. Now that
| caches are being siloed down to the host level, having all
| the resources accessible in a same-origin cache will save
| bandwidth and increase performance for users.
| csmpltn wrote:
| > "It's a very strange move indeed. maps.google.com implies an
| application lives there, far better than being on the root
| domain."
|
| How does "maps.google.com" imply an application "lives there"
| any more than "google.com/maps"?
|
| Technically speaking, "google.com/maps" is far superior to
| "maps.google.com" (check out the rest of the comments in this
| thread for examples: simpler DNS configuration, simpler
| certificate management, CORS, cookies, etc).
| ilyt wrote:
| Technically speaking it goes around any security CORS and
| friends provide
| csmpltn wrote:
| > "Technically speaking it goes around any security CORS
| and friends provide"
|
| CORS wasn't designed to "offer any security" in this
| specific scenario anyway.
|
| By using "google.com/maps" they can simplify their systems
| (by not worrying caring about CORS).
| fnordpiglet wrote:
| Security is hard, money is easy. Simple choice!
| ojr wrote:
| google.com/maps is simpler to type on a mobile phone and more
| consumer friendly, I've always used google.com/ pattern, way
| easier to leverage autocomplete, type a g to autocomplete
| google.com then if you are looking for flights type f and in
| 2-3 clicks you are on google.com/flights
| somat wrote:
| Yeah, but flights.google.com or translate.google gets you
| there even faster.
|
| dns segments are shown backwards for a reason. it was done so
| that the most specific part shows up first when searching for
| something.
|
| I have to admit as a data structure snob. I vaguely wish it
| were the other way around, sigh, as much as I hate to admit
| it java classes got it right. I also have to admit it does
| not really matter that much.
| bdcp wrote:
| huh? You were always able to share sub-domain cookies with top-
| level domain cookies no?
|
| Set-Cookie: name=value; domain=google.com
| zuhsetaqi wrote:
| Setting cookies doesn't allow using Browser APIs lie GEO-
| Location
| lloeki wrote:
| What about other apis such as web notifications or webcam and
| mic access?
|
| With separate domains we could allow notifications for one
| (e.g calendar) and disallow for another (e.g mail) at the
| browser level.
|
| Seems like it would now be a blanket allow for all of
| google.com (with a toggle for each product setting, maybe?)
| which sounds like a very user hostile move.
|
| I guess it depends if one considers Google products to be
| separate apps or Google as a whole to be a "Web OS".
|
| (Also on the technical side there's not just google.com but
| also google.<2 letter country TLD>, which is even worse in
| terms of CORS, certs, or whatever. Would they get rid of
| that?)
| aembleton wrote:
| Google Maps could have set your location in a cookie that is
| shared with google.com. Then search would have your location
| anyway when you next visit it.
| eknkc wrote:
| Can you load, let's say maps.google.com/somepage in a hidden
| iframe and use postmessage to send location data if it
| already has access? Or do browsers force top level navigation
| for such permissions?
| amenghra wrote:
| There were probably covert ways to obtain the same
| information but it's now easier for Google to grab the
| information using regular APIs.
|
| It also means if app X and app Y on their own subdomains
| were previously using location APIs without any tricks, you
| are now effectively opting into both apps.
|
| Bottom line: technically it doesn't matter but it probably
| makes a difference in practice.
| eknkc wrote:
| Yeah it makes a lot of sense to do it this way, however
| it does not feel that nefarious when there were plausable
| workarounds anyway.
| amenghra wrote:
| Browser could implement finer grain permissions (i.e.
| only permit the API use for a given top level path
| regexp) but I bet most users won't bother fine tuning
| their grants.
| kqr wrote:
| Hey now, it used to be local.google.com! I sometimes use that
| just to see if it still works.
| fbn79 wrote:
| I'm wondering how much time browsers will take to implement URL
| match permission granting.
| wruza wrote:
| If that was the goal, google could simply &tbm=maps it further.
| SCLeo wrote:
| Nah, Google will never do it because url parameters have
| terrible SEO... Um wait
___________________________________________________________________
(page generated 2022-11-24 23:00 UTC)