Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
I just don't go by ratings period... too misleading, since u never know how the rating system is done.... (eg two stars after so many 2 star comments) etc...

There is nothing better than just reading any comment, and if there are none, u know its not a good app.

If users are downloading, i don't believe no one can be bothered to comment...
 
I've never seen more huzzah over a smaller issue...

First off, who the hell searches for apps for their iOS device on a PC, rather than (wait for it...) I don't know, maybe their iOS device??!!
I mean, I'm sure some do... but it's gotta be something like 2%.

Secondly, to even insinuate that Google is generating these errors purposefully (that do FAR more to besmudge their own reputation than some small developers, and have simply zero negative effect on their competitors, no matter how much some of you are grasping) is the very height of delusional paranoia.
 
  • Like
Reactions: fermat-au
I am hoping Apple would do a search engine. It would blow away all the other search engines as Google search sucks so bad most of the time I can't find what I am looking for. Just spam links that lead no where or posts like these copy and pasted on spam sites word for word. I been using Bing now as my main search and although it is not perfect it is way better than Google search.
 
I've never seen more huzzah over a smaller issue...

First off, who the hell searches for apps for their iOS device on a PC, rather than (wait for it...) I don't know, maybe their iOS device??!!
I mean, I'm sure some do... but it's gotta be something like 2%.

Secondly, to even insinuate that Google is generating these errors purposefully (that do FAR more to besmudge their own reputation than some small developers, and have simply zero negative effect on their competitors, no matter how much some of you are grasping) is the very height of delusional paranoia.

You're own bias is as unsupported as the opposite; some please me you're smugness.

Google has had a strong impact on those small devs, that's a fact and they deserve to as much flack as possible for that; why this happened could be incompetency or "evilness", but the impact is real.
 
You're own bias is as unsupported as the opposite; some please me you're smugness.

Google has had a strong impact on those small devs, that's a fact and they deserve to as much flack as possible for that; why this happened could be incompetency or "evilness", but the impact is real.

You misunderstand me, sir!
Respectfully... I noticed that the developers are small & DO recognize the impact that a huge company like Google can have (even when only seen by like 5% of possible customers, who most likely are searching the App Store for apps, NOT Google). However, the one and only point I am making is that it is quite obvious that this is a technical issue, not some kind of a malicious issue.
As we both agree... the impacted party is small developers & they clearly are not Google's competitors.
Therefore, it is the height of absurdity that Google would drag their own name through the mud, purposefully malign a company in a way that is VERY easy to recognize is incorrect & not sneaky or clever at all, and gain literally nothing from it.
It is the ramblings of a crazy person to insinuate such.
I am arguing MUCH more as to the reason than the impact. I think that, while Google should be held to a high standard... just like Apple is; it invalidates your arguments if you spout conspiratory nonsense.
 
I'm glad that Google has been "working hard" to find the solution.

"Google" (as in the press release people) would likely have no idea that the developer(s) were not "working hard" on a solution. They just report what they've been told by the developer's manager.

It took me less than 5 minutes to view the page source and see how Google's page scraping algorithm was interpreting an empty value in the App Store page as a minimum value. A trivial range checking error that even the barest minimum of testing should have caught, if Google actually cared.

Depends on the test cases, of course. Hindsight is always 20-20.

Some developer chose the wrong field to scrape -- and then the wrong way to present an empty value -- and is no doubt now getting heat over it.

Every developer has made a similar mistake, or will do so, at some point.

It's not like choosing the wrong field is something that could remain unnoticed for long.
 
  • Like
Reactions: dec.
"Google" (as in the press release people) would likely have no idea that the developer(s) were not "working hard" on a solution. They just report what they've been told by the developer's manager.

Depends on the test cases, of course. Hindsight is always 20-20.

Some developer chose the wrong field to scrape -- and then the wrong way to present an empty value -- and is no doubt now getting heat over it.

Every developer has made a similar mistake, or will do so, at some point.

It's not like choosing the wrong field is something that could remain unnoticed for long.

Do you know anyone who's been through a coding interview at Google? Or works / worked there?

Anyone who works there as a developer would need to perform at a level far above the skill level to get that right. Also, the same apples to code review / QA /etc... - which also "failed" to find this "bug" before it went live.

Accepting this as a normal "bug" is like accepting a raw/frozen hamburger patty in 50% of the happy meals you feed to your kids.

google is ****ting on iOS developers because nobody is writing apps for their mobile hemorrhoid platform.

But the mobile software industry is in a bit of a **** storm now anyway, and apple isn't helping by ******** on iOS developers in their own way either.
 
"Google" (as in the press release people) would likely have no idea that the developer(s) were not "working hard" on a solution. They just report what they've been told by the developer's manager.



Depends on the test cases, of course. Hindsight is always 20-20.

Some developer chose the wrong field to scrape -- and then the wrong way to present an empty value -- and is no doubt now getting heat over it.

Every developer has made a similar mistake, or will do so, at some point.

It's not like choosing the wrong field is something that could remain unnoticed for long.

Glad you came in there to the "rescue".
 
This will not benefit Google, googles business is still very much based in search results, if people loose faith in the accuracy of the results, they will use another search engine, with Google being the looser.

Just another bug.


Wow, you're sure trying hard aren't you. They will be sued for this. This is not excusable.

Ha ha ha ha !!!!! For a wannabe know it all, what a silly comment! Keep trying hard!
 
  • Like
Reactions: fermat-au
Some developer chose the wrong field to scrape -- and then the wrong way to present an empty value -- and is no doubt now getting heat over it.
Or, you know - the Store's way of presenting ratings has changed slightly - and Google simply haven't updated their scraper to reflect it.

Do you know anyone who's been through a coding interview at Google? Or works / worked there?

Anyone who works there as a developer would need to perform at a level far above the skill level to get that right. Also, the same apples to code review / QA /etc... - which also "failed" to find this "bug" before it went live.
Apple didn't find the GoToFail bug, despite its existence raising serious compiler warnings for years.

Stuff slips no matter your profession level - especially if its low-priority stuff.
 
Or, you know - the Store's way of presenting ratings has changed slightly - and Google simply haven't updated their scraper to reflect it.


Apple didn't find the GoToFail bug, despite its existence raising serious compiler warnings for years.

Stuff slips no matter your profession level - especially if its low-priority stuff.

Wasn't that bug in an open source library? Many people actually had it because of that.
This is in Google's own code.
 
Wasn't that bug in an open source library?
The code was/is open source and is part of the Darwin Kernel. The library in question is owned, and only used by Apple.

Many people actually had it because of that.
Don't confuse it for Heartbleed, a bug found shortly after in OpenSSL - a different library for the same purpose. That library is present mostly in Linux / Server software. However, Heartbleed's issue was an overrun, which isn't detected by compilers.

As for number, keep in mind that as GoToFail affected the OSX / iOS kernel, any app on those platforms that used native networking APIs were vulnerable to the GoToFail bug. That means Mail, Safari, Facebook, Bank Apps, IM apps, etc etc.
 
Last edited:
The code was/is open source and is part of the Darwin Kernel. The library in question is owned, and only used by Apple.


Don't confuse it for Heartbleed, a bug found shortly after in OpenSSL - a different library for the same purpose. That library is present mostly in Linux / Server software. However, Heartbleed's issue was an overrun, which isn't detected by compilers.

As for number, keep in mind that as GoToFail affected the OSX / iOS kernel, any app on those platforms that used native networking APIs were vulnerable to the GoToFail bug. That means Mail, Safari, Facebook, Bank Apps, IM apps, etc etc.

Checked when the bug was found out,; the IOS 7.0.6 release basically came out about same time the bug came to light.
OSX was vulnerable a bit longer, but you could avoid the issue by using an alternative browser (something you could not have done on IOS at the time, since I believe everybody was using Apple's engine).

Essentially a problem if on a WIFI net you don't own AND know (like someone setting an access point in a mcdonals and spoofing the look of McD's landing page) and did a secure connection on such net while someone was doing a man in the middle attack on this vulnerability.

Notice how few bugs have happened in the last 8 years and how few are still in most phones now.

Google has had a litany of massive security bugs, most have not been fixed btw; some exploits are on 1B phones right now! So, not even sure what's the point here. If anyone has lazy coders (or they don't care what they put out); it's Google and this is just one more drop on top of the massive pile of dung they put out.
 
Anyone who works there as a developer would need to perform at a level far above the skill level to get that right. Also, the same applies to code review / QA /etc... - which also "failed" to find this "bug" before it went live.

Don't even get me started on the difference between experienced people, and cheaper younger programmers who look good on paper.

I can't count the number of times I've seen a smart new programmer fail to correctly compensate for a null value. Or my favorite: treating a zip code as a number instead of a string.

Accepting this as a normal "bug" is like accepting a raw/frozen hamburger patty in 50% of the happy meals you feed to your kids.

Considering that only about a dozen developers complained on the Google forum, it's more like one out of every 100,000 apps or 0.001%.

What's weird is that some of the comments in the same developer threads were about trying to get Apple to help out:

Nov 3 - Senior Apple Advisor responds, "We’ve actually seen a few cases like this as well from other developers. It appears that if your application for its current version does not have enough ratings to display an average, Google’s search results displays the “null” item as a one star rating." and then, "We’ll have to wait to hear back from Google to see if they have any additional input as well."

Nov 18 - developer contacts Apple again, who says, "Right now we do have internal teams working on this issue and we are awaiting a response as soon as they are able to provide a resolution. I will be happy to follow up with you at that time."

Heh. Apple has "Teams working on" it. That's just PR like Google's "working hard on a solution."

Nov 19 - developer urges Apple to contact Google again. Apple rep says he did so, commenting, "Hopefully this information will get to the appropriate team and Apple and Google can get this oddity ironed out."

Another developer comments that that this is "Not exactly reassuring. I feel like Apple should be more concerned about this, considering it could be discouraging people from purchasing our apps and cutting into their revenue as well."

Dec 3 - another developer expresses concern that nothing seems to be happening: "Why is no one talking about this? Google is damaging our brand and Apple is too busy selling jewelry to help us."

Dec 4 - Google Help Forums Manager posts that a fix is on the way and all should be good by mid next week.

Ultimately I think it shows that Google needs to pay more attention to user feedback, and respond quicker. (Pretty much the same complaint that Apple users have on Apple support forums.)

google is ****ting on iOS developers because nobody is writing apps for their mobile hemorrhoid platform.

That idea doesn't make sense at all, as the one star rating is based off the relatively rare event of someone's app having less than five reviews, not whether that app is available on both Android and iOS.

As I also pointed out, it's not a subtle bug either. It's something that would be noticed right away by those affected. Hardly the hallmark of a secret conspiracy.

-- REALITY CHECK:

The basic bug is that for whatever reason, Apple does not provide an average rating value until an app has at least five (5) reviews. So, rather than put zero stars, they put a null value. Someone at Google coded things so that null values got at least one star, when what they should've done is print "Not enough reviews available"... assuming that is, that the developer was aware of this review anomaly. If it was only tested on popular apps or ones that had not been very recently updated, the bug would not have shown up.

In the end, it took about a week for people to figure out the bug was real, another two weeks to contact the right people, and two weeks to create, test and deploy a fix. That's about normal time for such a bug. (There's rarely such a thing as a larger corporation testing and putting out a single fix... an update usually means that more than one fix has to be tested at the same time.)

Anyway, these things happen, no matter what the company. It's like when someone at Apple mistakenly (lazily) coded the iOS location cache to keep growing. Remember the anti-Apple conspiracy fest that followed? I said people should take off their tin foil hats then, too.
 
Last edited:
Noticed this with all the Osmo apps which are highly rated but show as one in google. I can see how this would have those apps lose potential customers.
 
Checked when the bug was found out,; the IOS 7.0.6 release basically came out about same time the bug came to light.
Issue wasn't how long it took to fix; but the sheer number of failures that had to happen for this bug to be possible in the first place. The bug was total amateur hour, and demonstrated the complete absence of basic security auditing, proper use of their toolset, and proper coding practice. And its especially worrying that this occurred in critical code. In many environments, unreachable code warnings are elevated to errors - causing the compile to outright fail.
Essentially a problem if on a WIFI net you don't own AND know (like someone setting an access point in a mcdonals and spoofing the look of McD's landing page) and did a secure connection on such net while someone was doing a man in the middle attack on this vulnerability.
No, its also a problem in that it allows any website to spoof another. You can MITM locally, but you could also do it on the ISP level. This is exactly the type of bug/exploit NSA could've used for eavesdropping (if you're concerned about that).
 
Issue wasn't how long it took to fix; but the sheer number of failures that had to happen for this bug to be possible in the first place. The bug was total amateur hour, and demonstrated the complete absence of basic security auditing, proper use of their toolset, and proper coding practice. And its especially worrying that this occurred in critical code. In many environments, unreachable code warnings are elevated to errors - causing the compile to outright fail.

No, its also a problem in that it allows any website to spoof another. You can MITM locally, but you could also do it on the ISP level. This is exactly the type of bug/exploit NSA could've used for eavesdropping (if you're concerned about that).

You probably think I dropped off the boat; been in the industry for 30 years.
And like I said Google has done crap like that 1000 times over provably.
This is a thread ABOUT GOOGLE ISN'T IT.
So, the deflection is not mine, but from people in this thread like you.
As for, ISP level... Good grief!
First time I've read that one as plausible and I've just read briefs on that bug just now.

That's all I'll say about that because we're already off topic.
If you want to blab about Apple's deficiencies, do it in the proper thread...
 
Don't even get me started on the difference between experienced people, and cheaper younger programmers who look good on paper.

I can't count the number of times I've seen a smart new programmer fail to correctly compensate for a null value. Or my favorite: treating a zip code as a number instead of a string.



Considering that only about a dozen developers complained on the Google forum, it's more like one out of every 100,000 apps or 0.001%.

What's weird is that some of the comments in the same developer threads were about trying to get Apple to help out:

Nov 3 - Senior Apple Advisor responds, "We’ve actually seen a few cases like this as well from other developers. It appears that if your application for its current version does not have enough ratings to display an average, Google’s search results displays the “null” item as a one star rating." and then, "We’ll have to wait to hear back from Google to see if they have any additional input as well."

Nov 18 - developer contacts Apple again, who says, "Right now we do have internal teams working on this issue and we are awaiting a response as soon as they are able to provide a resolution. I will be happy to follow up with you at that time."

Heh. Apple has "Teams working on" it. That's just PR like Google's "working hard on a solution."

Nov 19 - developer urges Apple to contact Google again. Apple rep says he did so, commenting, "Hopefully this information will get to the appropriate team and Apple and Google can get this oddity ironed out."

Another developer comments that that this is "Not exactly reassuring. I feel like Apple should be more concerned about this, considering it could be discouraging people from purchasing our apps and cutting into their revenue as well."

Dec 3 - another developer expresses concern that nothing seems to be happening: "Why is no one talking about this? Google is damaging our brand and Apple is too busy selling jewelry to help us."

Dec 4 - Google Help Forums Manager posts that a fix is on the way and all should be good by mid next week.

Ultimately I think it shows that Google needs to pay more attention to user feedback, and respond quicker. (Pretty much the same complaint that Apple users have on Apple support forums.)



That idea doesn't make sense at all, as the one star rating is based off the relatively rare event of someone's app having less than five reviews, not whether that app is available on both Android and iOS.

As I also pointed out, it's not a subtle bug either. It's something that would be noticed right away by those affected. Hardly the hallmark of a secret conspiracy.

-- REALITY CHECK:

The basic bug is that for whatever reason, Apple does not provide an average rating value until an app has at least five (5) reviews. So, rather than put zero stars, they put a null value. Someone at Google coded things so that null values got at least one star, when what they should've done is print "Not enough reviews available"... assuming that is, that the developer was aware of this review anomaly. If it was only tested on popular apps or ones that had not been very recently updated, the bug would not have shown up.

In the end, it took about a week for people to figure out the bug was real, another two weeks to contact the right people, and two weeks to create, test and deploy a fix. That's about normal time for such a bug. (There's rarely such a thing as a larger corporation testing and putting out a single fix... an update usually means that more than one fix has to be tested at the same time.)

Anyway, these things happen, no matter what the company. It's like when someone at Apple mistakenly (lazily) coded the iOS location cache to keep growing. Remember the anti-Apple conspiracy fest that followed? I said people should take off their tin foil hats then, too.

Really? You sound like the typical non-software tech person who only thinks they how software development happens, without actually understanding anything about it. This is because you are "rationalizing away" the larger issues behind google's bug.

I've been working as a professional software engineer for over 28 years, with over 10 years in an ISO 9000 certified organization so I know about how software bugs happen.

When you state "Someone at Google..", you clearly communicate that you have no knowledge about software development. Google is a large software organization, there is no ONE person that has total responsibility for ANY piece of production code. If that wasn't the case, it wouldn't take 2+ weeks to get a software fix to production because that same "Someone" could have just typed in the fix.

Given google's position in the industry, this bug is appalling. It never should have happened. Assuming a value for a condition that clearly states no value (null), is clearly a concept from a CS101 level class. This was never Apple's bug.

But with the hope you can understand all this, I'll return to my raw meat Happy Meal analogy, taken a bit farther: You decided to feed it to you kid anyway, because as you said "these things happen". So now you kid has been in the ER for the last 12 hours - the nurse reported several hours ago that after vomiting for a few hours, your kid was finally sleeping. But the doctor just walked into the room with bad news: turns out that someone hooked up a heart monitor incorrectly (you know, one of those cheaper younger people), but the monitor displayed a normal heart rate when indeed no signal (null) was received. Your kid's heart probably stopped hours ago but the corner will establish an approximate of death time based on the body temp when they ship it to the morgue. It's already quite cold now, so the doctor gives you a rough estimate that your kid flatlined at lest 4 hours ago, so they didn't bother to attempt any resuscitation. So the corner should be finished in about an hour, so please arrange for a funeral director to pickup the body. You shrug your should thinking "these things happen" as you thumb through the phone book looking for a funeral home.
 
I've been working as a professional software engineer for over 28 years, with over 10 years in an ISO 9000 certified organization so I know about how software bugs happen.

Look under my avatar. I'm more experienced. Heck, I homebrewed my first analog computer in 1965, and took my first university programming courses at UNC in 1971. Likewise about fifteen years ago, I was the ISO9000 implementer for an R&D lab at one of the country's largest telecoms. I know what it means and does not mean.

I also know (as any programmer does) that yes, a single person can make a mistake that ends up being released.

Given google's position in the industry, this bug is appalling. It never should have happened. Assuming a value for a condition that clearly states no value (null), is clearly a concept from a CS101 level class. This was never Apple's bug.

Of course it SHOULD have never happened. However, the REALITY is that such idiotic bugs DO happen more than they should.

Unless you also want to claim that companies like Apple have never constantly let out ridiculously easy to-test-for bugs (*cough* daylight savings time glitches *cough*). Not to mention even far stricter places like NASA and their infamous imperial vs metric goof that cost an entire Mars probe.

Moreover, ISO 9000 certification doesn't change that reality. The sheer fact that you tried to bring up that as some magical fixer, makes me wonder if you're a manager instead of a coder. Because a coder knows better than that.

Look, we understand that you're angry that your iOS apps showed up with single stars for a few weeks, but you're grasping at straws to turn a coding screwup into a conspiracy -- without providing the faintest realistic reason why such a conspiracy would even be attempted, especially since it could only work for a short while at most.
 
You probably think I dropped off the boat; been in the industry for 30 years.
You've been in the industry for 30 years and you're unfamiliar with the 2014 SSL incidents? Heartbleed and GoToFail should both be known to anyone in the industry since they put serious doubt in the popular assumption that because its open source, someone has reviewed it. GoToFail especially did this because of how trivial the bug was to detect, and how widely used the affected library was. The question raised: If something that easy and popular went undetected for so long, what else are we missing?

Heartbleed was the nail that within just a month confirmed it. Those reviews weren't taking place.
As for, ISP level... Good grief!
Not ideally worded, true - but you should still understand the threat. Any machine could present a certificate claiming to be someone else. The user could be attacked through bad links "BankOfAamerica.com", DNS poisoning, or questionable routing. The first requires some user error, true, but the latter are invisible to the user. And questionable routing incidents occur more often than you think.

If you understand how certificates work, you should understand the attack vectors.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.