considering how much they are spending in R&D, and that the are building and using real prototypes, they deserve patents. this isn't someone patenting shapes and colors.

they want in cars for the same reason they want in phones, on your wrist, on your desktop, on your thermostat, and so on. they want you using google services, and thereby looking at google ads.

cars will be web / internet enabled. they want to control that experience. even if they aren't showing you ads in the car, they want to you using google maps (or whatever) in the car so you'll be more likely to use google maps, and other google services everywhere else. e.g., they make some money from licensing google apps for android, but it's really about getting / keeping people using google search.

sure, there are of course individual ad campaigns that fails, but this isn't how you come to that understanding.

while i'm not a professional "pollist", this seems tremendously flawed. first, advertising's effects are largely on the subconscious. it's not like you see an add for mcdonald's and think out loud to your self "i'm going to get some mcdonalds". it's more like you see 500 ads for mcdonalds where multicultural hipsters are hanging out and having fun eating mcdonalds on youtube and the next time you are driving through a pack of fast food restaurants, your familiarity with mcdonalds makes you lean one way. it's why restaurants like mcdonalds, burger king, taco bell, applebees, dennys, and so on make so much $. it's not because they are good, it's because people are familiar with them (usually combined with them not being terrible).

second, people like to think they are individuals with free will. if you ask them if they are driven to purchase goods and services by ads, of course they are going to say no.

advertising WORKS. you can see this by the fact that companies continue to up their spending, hundreds of billions year after year. if there's one thing i do know, it's that corporations like money. they wouldn't continue to shell out greater and greater sums every year if they weren't measuring positive results.

no flagship phone released in the last year has 1280x700-ish resolution.

regardless. you can't be a newcomer and expect people to pay the price that they're paying for established, loved brands. it's the same mistake made early on by android tablet makers. they released tablets that cost as much as an iPad. however, when people want an iPad, they're going to by an iPad if everything else is about equal (price, etc). the newcomer has to lure you in with lower prices or massively better specs (which is almost impossible).

sideloading an APK is not incorporating Google Play.

your software should never even have the data at all. it should be coming off a card read encrypted and going straight to the payment processor in that fashion. if you ever keep unencrypted card data around, even if it's only in the memory of your device, it's trouble (that's how target got hit ... something was scanning their memory for things that looked like credit card data).

and there's a lot more to it than that, not the least of which is ensuring that the hardware itself cannot be tampered with / hacked to access the CC data prior to it being encrypted.

taking payments is a dangerous business. if you are small time it's safer to accept paypal for some other payment method that doesn't involve you handling customers' data.

if you didn't know the answer to that, you really should not be writing such software.

it's looking like chip & signature, not PIN. CC companies are worried that people will not remember their PIN and therefore spend less.

it's a matter of attack vectors. using SuperSU adds one more.

also, i'm willing to bet that the linux kernel gets a little more scrutiny and testing than your SU app. then again, it's much more code.

well, i guess they cannot exist then. i stand corrected.

UH, sandbox is only one of many possible attack vectors to compromise an app. what if it simply had a back door? have you inspected the source?

the issue is that you are opening a hole where there was none. it's the same reason that IT depts lock down all sorts of ports on a firewall. sure, leaving port 21 open isn't a problem, as long as you trust ssh. the problem however is that ssh is software that is subject to having bugs and being hacked. the answer is that you don't even open port 21 in the first place.

no. it's the difference between a brick wall and a brick wall with a locked door in it. if you really don't want anyone to get in, you don't put a door in the first place, because a door has a locked that can be picked.

your "su" app is just software and is subject to bugs like any other. i love it how people don't trust google, but they trust the guy who wrote an "su" app in his mom's basement.

if you don't trust google enough to at least try and protect your data, what the heck are you doing running an android device in the first place? do you really think your little "su" app is going to keep your device from sending your data back to google? now that's foolish.

it comes down to motivations. google makes money when users trust them. leaking your personal data is counter productive to that end. on the other hand, the guy you wrote your "su" app has very little motivation (or resources for that matter) to protect your personal security. your "su" app is just software and it's as fallible as any other software.

the way google decided to execute permissions is flawed, but rooting your device just makes it worse.

it's not installing XPrivacy that's the problem, it's rooting it in the first place.

please take a non-rooted phone and try to obtain root permissions. you can't. so no, apps absolutely cannot obtain root permissions on a non-rooted device.

the thing that gatekeeps root is just software like anything else. it can have bugs. putting the security of your entire device into the hands of software that some guy wrote on nights and weekends doesn't seem like a great idea.

with a sandbox, malicious apps can phish and phone home, but they can't read other app's data. once you have root, you can do anything. inspect memory. sniff the network. whatever. the stakes are much higher.

yes, and of course android's OS can have bugs as well, but it's a large company with massive resources and a lot to lose if they fail. their financial success relies upon them not f'ing up security. that's a strong motivator.