Somehow I had missed the November @calyxos status update:
https://calyxos.org/news/2025/11/10/calyxos-progress/

Apparently, they are:

- finalizing the design of a Hardware Security Module (HSM) signing solution

- finalizing the detailed provisioning plan for the signing process

- trying to figure out how to sustainably access and publish OS security patches in the face of #Google's meddling and gradual closing of Android code.

Also, they are hiring:
https://job-boards.greenhouse.io/calyxinstitute

#FuckGoogle #InfoSec #CalyxOS

More on #Google and Fascism

I'll add something here to my previous note about Google and SMS/RCS message retention, etc. In an "ordinary" world, these changes could at least be reasonably analyzed in terms of conventional business practices, absent the total lack of trust that Google has now earned with CEO Sundar's embrace of Trump's fascism, even donating to his fascist causes.

All the excuses in the world won't change the fact that ANY feature capable of being abused by Google is now potentially subject to this abuse with one email or phone call from a Trump minion. This is (in my opinion) pretty much ALL on Sundar. It's a trap (an understandable one) to think these things through in terms of a normal world, not the U.S. with an authoritarian federal government and willing billionaire CEOs.

The world is different now.

L

Good morning to everyone who searches the web without feeding the monopoly ☺️

#BigTech #Google #SearchEngine #Tech

This is the script of my national radio report yesterday discussing the rumor that #Google was using #Gmail to train #AI, and other issues surrounding confusion about when and how AI is actually being used by Big Tech.

- - -

So yes some rather viral stories started making the rounds claiming that Google was already or soon would be training their AI on the content of users' personal and/or business Gmail messages. And as you might expect this triggered quite an outcry, and Google has now denied that any of this is taking place. And I don't see any reason to doubt that statement.

However, this does further open up the Pandora's Box of the ever-growing generative AI train wreck that keeps accelerating with little sense that the Big Tech AI firms are willing to take responsibility for the problems that their Large Language Model generative AI systems are causing.

And this is of particular importance now because there have been reports that the administration was considering an executive order to override state regulations on AI, even though Congress recently overwhelmingly voted to give states the ability to do AI regulation.

Irrespective of the specifics of this particular Gmail story, the reality is that it's becoming increasingly difficult to know or understand if, when, or how one's documents and other communications, whether business or personal may actually be ingested into AI, and whether that ingestion is to a local on-device model or if your data may find its way back into centralized models either purposely or accidentally. Because we know there have been cases of such data that individuals and businesses would consider private showing up in public AI interactions.

One trend now that you may have noticed, is that some firms don't even explicitly mention the term AI even though they are using AI-based systems, perhaps in some cases because they know the term now understandably triggers concerns and alarm from so many people. The firms will push new features and options to supposedly make your life better and sometimes the only place where you might see the term AI is deep in their Terms of Service that hardly anybody reads and where often even fewer people have the background to really understand them.

And it can be suspicious because it seems pretty obvious that those features couldn't really be implemented without AI, whether or not your data was actually being used for AI training today.

And these kinds of pushes for you to accept these services can come in various forms. Sometimes it's just a button that you can easily ignore. Sometimes it's what in Google-speak is called a "Butter Bar" -- a banner across the top of the current page. And then there's what many people consider to be the really nasty approach -- and many firms use this for all kinds of reasons. And it's called a "modal pop-up" -- that's M-O-D-A-L, and that's when you get a box or new page blocking some or all of your page that you're actually trying to use, and you're often forced to make some sort of decision right then -- sometimes with the option to just close the pop-up and sometimes not -- before you can continue work on your actual page.

Google used these fairly recently when they changed some available interactions between services and their AI, and it was pretty in your face -- it seemed that you had to decide right then what you were going to want, whether you fully understood their explanations or not. And frankly I didn't fully understand what they were saying until I researched it in some depth.

Whether or not some firms are purposely trying to trick you into using their AI even if they haven't defaulted you into it, it's clear that absent strong regulations to help avoid AI abuses, much of Big Tech intends to use AI to steamroll right over individual choices and sometimes privacy as well, in their desperate quest to profit from the staggering sums they're pouring into AI development, and how society at large feels about this seems -- unfortunately for us -- often not to be on Big Tech's list of concerns.

- - -

L

I don't understand what the point is of all Google's 2FA if my son can somehow log into my Google account from his phone without any kind of verification. My best guess is that he somehow copied the account from an old tablet of mine, but even then, how can he log in without my password? Can anyone with access to an old tablet just log into an account linked to that tablet on whichever device they want?

This sounds like a ridiculous security hole on Google's part. They can't claim that their account is super important and justifies all sorts of security steps, while simultaneously demanding every device has full access to that account and allowing random people to copy that account to other devices without ever knowing the password.

#google #security

XScreenSaver for Android - Priacy Policy

https://www.jwz.org/xscreensaver/google.html

This truly falls under "malicious compliance." LOL.

#google #privacy #android

Google has confirmed that hackers have stolen the Salesforce-stored data of more than 200 companies in a large-scale supply chain hack. On Thursday, The nebulous hacking group known as Scattered Lapsus$ Hunters claimed responsibility. Read more from @Techcrunch:

https://flip.it/zDONb5

#Tech #Google #Salesforce #Cybersecurity #Hackers

🚨 BREAKING #Google just activated #Gemini on #Gmail - without asking you.

Turn it off now; here's how!
https://tuta.com/blog/how-to-disable-gemini-on-android

✊️ Fight AI & fight Google

You have to manually turn off Smart Features in the Setting menu in TWO locations.

Share so everyone is aware. ❤️

Alt...

“We’ve activated Gemini on Android, Gmail, Chrome, Photos, and Google apps” With a reply, "No Thanks! Learn how to disable Gemini on Android, Gmail, Chrome, Photos, & Google apps on the Tuta blog. "

Alt...

Turn off smart features in Gmail, Chat & Meet: Screenshot of the google settings you need to navigate to turn off smart features. Next to Smart features click the box to turn off smart features in Gmail, Chat and Meet. Click on Manage Workspace smart feature settings and toggle these setting off.

Yet you keep pumping money into it and forcing it down everyone's throats!

Google’s Sundar Pichai warns of “irrationality” in trillion-dollar AI investment boom

https://arstechnica.com/ai/2025/11/googles-sundar-pichai-warns-of-irrationality-in-trillion-dollar-ai-investment-boom/

#Google #SundarPichai #AI #Tech

Google has one enormous advantage over all other AI players in the industry. It can offer "AI-modus" to the billions of people already using Google Search. And yes, AI-modus can be bad, full of faults, but it improves and gets better. For many questions it is "good enough" probably. Also it is just one-click away for most people on a site they already visit regularly. This way Google will create another unhealthy market dominance i am afraid. #AI #AImodus #search #Google #oligpoly #bigtech

Alt...

picture of AI modus in Google

"To be very clear, Gemini 3 isn’t perfect, and it still needs a manager who can guide and check it. But it suggests that “human in the loop” is evolving from “human who fixes AI mistakes” to “human who directs AI work.” And that may be the biggest change since the release of ChatGPT."
https://open.substack.com/pub/oneusefulthing/p/three-years-from-gpt-3-to-gemini?utm_campaign=post&utm_medium=email
#AI #Gemini3 #Google

Gemini 3 is here https://techcrunch.com/2025/11/18/google-launches-gemini-3-with-new-coding-app-and-record-benchmark-scores/?AIagent.at
#ai #google #gemini3

This is the script of my national radio report yesterday on the serious new Android "Pixnapping" exploit, and related discussion of sideloading and the risks of agentic #AI. As always, there may have been minor wording variations from this script as I presented this report live on air.

- - -

Yep, I really do wish that I could bring more good news but man when the tech world is sliding into darkness even faster you still gotta call them as they are and things do seem to be going in the wrong direction painfully fast.

So the latest bulletin item of interest is researchers have discovered a new exploit that could be used by malware in a particularly insidious way. They're calling it Pixnapping, and that is a very descriptive name. What this technique does is bypass Google's #Android and deep level hardware protections and reportedly could let malware basically read almost anything on the user's screen, including sensitive personal information, one-time codes from apps like #Google Authenticator and others. There are timing constraints involved and other details but overall it's pretty awful.

And what makes it even worse is that this not only appears to apply to pretty much any relatively modern Android phone, tablet, or other Android device, but there isn't a fix for it yet, and getting one that actually works -- keeping in mind the hardware involvement -- looks like a nontrivial matter. And that assumes you have Android devices that are still getting updates, which LOTS of people with even relatively new devices don't receive.

Apparently Google developed what they hoped was a fix for this, but the original researchers turned around and quickly found a way to bypass the fix. So that's pretty depressing.

Now there is some relatively good news -- such as it is. Currently this exploit apparently hasn't been seen in the wild, only in the hands of the researchers who discovered it, and they reportedly say they won't release the code for the exploit until there is a fix. But of course, once they release the code it could show up pretty much anywhere and people with unpatched devices could be vulnerable.

Is there anything users can do right now or if they have devices that never get the fix? Well yeah, it's pretty much the standard advice, which is to try stay away from dodgy apps and suspicious websites, in particular don't install apps from unreliable sources that might ultimately carry this exploit or other exploits as a payload.

I'll mention in passing that Google has been talking about blocking (except in a restricted set of cases) users from "sideloading" apps, that is, installing apps directly without going through their Play Store or other official sites for example. Apparently they've backed off a little bit on this -- the details aren't clear yet -- because while sideloading can be a vector for malware it also is important for people to be able to use to install perfectly safe and legal apps that perhaps Google or some government somewhere doesn't approve of and so isn't in the Play Store, etc. Apple's iOS, e.g. iPhones has always been very restrictive in this context and that's been a real problem for many completely legit users over the years.

And there's something else important I want to add here. We need to be thinking about this new exploit, and malware, and bugs in general in a new way due to Google and other firms pushing very hard -- Google is really at it for this holiday season -- for people to use their so-called "agentic" AI systems to browse the web for you and make purchase decisions for you and take all sorts of other potentially risky actions on YOUR behalf.

Because it's not difficult to imagine how agentic AI and the like could actually "supercharge" malware and bugs that could manipulate the AI in perhaps a wide range of very problematic ways that could cause users potentially a lot of grief, with no real confidence that the AI firms are willing to take full responsibility for any damage caused.

So in terms of what can go wrong with this tech, it's quite possibly the reality that much worse is -- unfortunately -- still to come.

- - -

L

RE: https://mastodon.chrispelli.fun/@hnbot/115570637496066420

If this is true, quite impressive. #Gemini3 #Google

"I think of the strata of the city and how its new skyscrapers are built on the bones of the old docks."

Jessica Traynor for The Dial: https://www.thedial.world/articles/news/ireland-us-tech-meta-google-apple

#Longreads #Tech #Google #Meta #Apple #Ireland #Dublin #Infrastructure #Economy #Growth

This evening on my usual Monday national network radio tech segment, I'll be discussing the very serious new "Pixnapping" Android malware (that apparently affects all modern Android phones and for which there is currently no fix), and how malware of all sorts could become orders of magnitude more dangerous due to firms like #Google pushing the use of "agentic" AI to act on your behalf on other websites. A disaster in the making.

I dumped Google for my email & calendar a few months ago, but forgot to write a post about it!

If you are still using Google, consider leaving them. If Fastmail doesn't work for you there are other good alternatives.

https://rasterweb.net/raster/2025/11/14/hello-fastmail-goodbye-google-workspace/

#google #email #fastmail

CALLING ALL SUCKERS! #Google wants their awful AI to take over your holiday shopping. JUST SAY NO! I love the part where they claim that in the background their AI will calls stores to check on stock availability. Ever tried that yourself these days? GOOD FRIGGING LUCK getting off hold or an accurate answer. Oh yeah, let Gemini AI make purchases for you ... if you don't mind spending hours trying to get refunds when their AI runs amok with your payment method. AGAIN, JUST SAY NO! - https://blog.google/products/shopping/agentic-checkout-holiday-ai-shopping/

Alt...

JUST SAY NO!

Lauren's Blog: Coding with Gemini: Cheerful, cooperative, and usually, wrong.

https://lauren.vortex.com/2025/11/14/coding-with-gemini

Another experiment in #AI coding with #Google Gemini. I try to be fair. When I call generative AI mostly slop, I don't do so blindly; I attempt to conduct reasonable tests in various contexts.

Yesterday I needed a couple of routines -- one in Bash, the other in Python. I tried the Python one first. This required code to asynchronously access a remote site API, authenticate, send and receive various data and process what was returned, relying on a well documented Python library on GitHub written specifically to deal with that site's API.

After almost two hours, I gave up. Gemini was consistently cheerful and cooperative -- almost to a creepy extent. It generated code that looked reasonable, was very well commented, and even provided helpful examples of how to configure, install, and run the code.

Unfortunately, none of it actually worked.

When I noted the problems, Gemini got oddly enthusiastic, with comments like "Wow, that's a great explanation of the problems, and a very useful error message! Let's figure out what's wrong! Here is another version with more diagnostics that accesses the library more directly!"

Sort of made me feel like I was dealing with an earnest but incompetent TA at an undergraduate CS course at UCLA long ago. Which was not something I enjoyed back then!

After a bunch of iterations, I gave up. Even starting over didn't help. Gemini never seemed to produce the same code twice, no matter how I worded the prompts. The code would use completely different models each time, sometimes embedded configuration values, sometimes external files, sometimes command line args. And the way it tried to use the Python library in question also varied enormously. It almost seemed random. Or at least pseudorandom.

I spent half an hour and wrote plus tested the code I needed from scratch. It worked on the second try, and was about half the number of lines of any of the code Gemini generated, and much simpler, for whatever that's worth. By comparison, Gemini's code was bloated and definitely unnecessarily complex (as well as wrong).

I did give Gemini another chance. I also needed a simple Bash script to do some date conversions. I offered that task to Gemini since I didn't want to bother digging through the various date format parameters required. Gemini came up with something reasonable for this in about four tries. Whether it's completely bug free I dunno for sure, I haven't dug into the code deeply since its not a critical application. But it seems to be working for now.

So really, I haven't seen a significant improvement in this area. There are probably some reasonable sets of problems where AI-coding can reduce some of the grunt work, but once you get into anything more complex the opportunities for errors, especially in larger chunks of code where detecting those errors might not be straightforward, seem to rise dramatically.

--Lauren--

🚨 It's official: Google wants to scan your Gmail

Here are the plans: https://tuta.com/blog/how-to-turn-off-ai-mode-google-search

Disable Gemini now! We explain

👉️ How to disable Gemini
👉️ How to deinstall Gemini

And why @GrapheneOS @LineageOS and others are better in the first place.

Stop #Google now: 👉️ https://tuta.com/blog/how-to-disable-gemini-on-android

Alt...

Google 2010: ”We Know Where You Are. We Know Where You’ve Been. We Can More Or Less Know What You’re Thinking About.” ERIC SCHMIDT G 2025: "Search AI Mode will know everything about you." ROBBY STEIN

[The devil is in the details] #Google apparently backing off a bit on
#Android sideloading restrictions

https://arstechnica.com/gadgets/2025/11/google-will-let-android-power-users-bypass-upcoming-sideloading-restrictions/

Alt...

We'll see.

#Google is rolling out paid upgrades to Google Voice consumer version

As far as I can tell so far, there are no changes to the normal basic consumer grade Google Voice that most (non-Google Workplace) users have.

https://support.google.com/voice/answer/16515632?sjid=4193795446763823131-NC

[DEEPLY EVIL: Fascist #Google says ICE officials are a "vulnerable" group] Google hosts ICE Gestapo App to hunt immigrants with facial recognition, while removing apps to help people locate attacks by ICE

If you still work for Google, don't be surprised when people call you a fascist when they find out. -L

https://www.404media.co/google-has-chosen-a-side-in-trumps-mass-deportation-effort/?ref=daily-stories-newslette

Alt...

Evil is evil. No way around it.

Hey #Google AI super brain, is 9 more than 8?

@randahl @saarmuller

This is sad, and likely the first domino of many.

So much for "Don't be Evil" and "Do the right thing," now it's just "Feed the machine at any cost "

#google #ai

New Google Maps logo is blurring the lines - a symbol how it infiltrates your #privacy?

But who would think evil of #Google?

#GoogleMaps

Alt...

Google Maps old logo next to the new Google Maps logo.

Again:

Don't believe them: LLM text generators creating lots of slop web sites *does not damage the Web*. It just makes search engines useless. #Google is simply pivoting from a) providing Web search to b) letting you query a pre-trained LLM. This means that we’ll be back to hand-curated links and trusted sites, like in the 90s. I’m fine with that. You'll find my writing at my blog URL, as always.

#ai #llm #www

RE: https://mastodon.social/@randahl/115513890753953838

I know I say this a lot, but I am glad I stuck with WordPerfect. Usual evil stuff from #Google.

Randahl Fink » 🌐 2025-11-08 / 2025-11-08
@randahl@mastodon.social

This thread is worth reading if you are a Google docs user.

Short version: When you export a document from Google Docs, Google replaces all your hyperlinks with links that allows Google to monitor the interactions of everyone you share your document with.

This hidden link replacement can potentially be used to build a model of your professional relations, where people who interact more with your content are considered a stronger relation.

Think about the implications.
https://fosstodon.org/@Joe_0237/111145684757912952

Just noticed that CBP/ICE have posted an app publicly to the google play store that they say is meant to be used by partner policing organizations.

https://play.google.com/store/apps/details?id=gov.dhs.cbp.mobile.identify.global

#Android #Google #ICE #DHS #CBP #ACAB #privacy #surveillance

Damn, y’all, I’d have expected better from a trillion-dollar People Farmer that’s helping Israel commit genocide in Palestine…

Maybe we should talk to their Chief Ethics Officer or something?

#google #gmail #genocide #israel #Gaza #Palestine #fascism #technofascism #BigTech https://daveverse.org/2025/11/07/gmail-ai-gets-even-more-intrusive/

This week in #FDroid (TWIF) has a WiP title:

* you can't jam #Jami
* easier Latin script for #MakeACopy
* 3rd #ProtonPrivacy app, still not #ProtonMail (may we wait 10 more years for it to be #FLOSS)
* #Google has no issue with apps spying on you, as long as they pay
+ 21 new apps
& 182 updates
- 1 archived
~ 1 downgraded

Get your post Halloween scare: https://f-droid.org/2025/11/06/twif.html

So AI Datacenters are going to space...
https://research.google/blog/exploring-a-space-based-scalable-ai-infrastructure-system-design/?utm_source=www.theaivalley.com&utm_medium=newsletter&utm_campaign=google-just-announced-ai-data-centers-in-space&_bhlid=5e2e61362143e6c78c89f532f9f14026c4f9f983
#AI #datacenters #space #google

The great enshittification continues. Google is about to force its AI onto mobile users of Google Maps.

While it may improve Google's AI usage stats, it's hard to see this not going horribly wrong.

https://www.stuff.co.nz/travel/360877016/gemini-ai-transform-google-maps-more-conversational-experience

#GoogleMaps #Google #Enshittification

🎉 BIG WIN for small tech! 🎉

While #Apple continues to protect its #monopoly, #Google wants to settle the case with #EpicGames, allowing developers to:

✅ Link to outside payments
✅ Share direct downloads
✅ Skip Google’s 30% cut

Are we seeing a revival of "Don't be evil" after all?

More on Apple vs Epic Games: https://tuta.com/blog/apple-eu-dma-malicious-compliance

Alt...

News screenshot: Google and Epic Games reach settlement for antitrust lawsuit They're now asking the court to approve the proposal that would finally end their court battle.

More #spam from #Google Groups, because anyone can set up a group and upload their spam list to it. Wish there was a way to block Google Groups. People need to stop using Google and Gmail. I’m seriously considering telling the few work contacts I have who use Gmail to leave as I want to block all google.com and gmail.com addresses. The majority of anything from these two domains is spam.

Alt...

Another spam that has come through Google Groups, on a group I have never signed up to or heard of.

Google pulled the plug on Nest Thermostats, but you can now bring them back to life thanks to a community-led project that offers custom firmware to restore remote control and online functionality for these devices. #Google #Nest #OpenSource

No Longer Evil Thermostat
Breathe fresh life into your bricked Nest Gen 1 & 2, now with 100% less evil!
https://github.com/codykociemba/NoLongerEvil-Thermostat