First a note, it seems as if I never blogged about the 10.1 update, information on those changes can be found in the release notes on the Vespucci website.
The beta release of 10.2 that is now available in the beta channel on the google play store, or from the releases on github does not change an awful lot that is end user visible outside of a new upload UI, however there are two core changes that I want to touch on quickly.
Historically Vespucci has only supported using the on-device GPS location provider, or nothing at all. That meant that you were unable to get a rough location approximation on devices that didn’t have onboard GPS, or that had GPS disabled for example to reduce power requirements. The main reason for this is that on the one hand we wanted to avoid location information potentially tainted by your devices Android provider and avoid our users position being tracked by them.
We now support using so-called “network” location providers, that is location sources that derive your position from the mobile network, WLAN and other signals your device is receiving. If you’ve enabled such providers on your phone, more on that later, Vespucci will use all available providers for centering the map display on your position and for auto-downloads, tracks will still exclusively be generated from GPS data.
The change in opinion is mainly due to less and less people caring about such matters and at least google tracking in any case (see for example https://www.theverge.com/2017/11/21/16684818/google-location-tracking-cell-tower-data-android-os-firebase-privacy), further allowing such providers enables better indoor positioning which is a clear advantage.
If Vespucci detects that network positions can at least potentially be used, it will display this icon
instead of the classic GPS icon on the screen and will alert you to which provider it is currently using via toasts (the short on-screen messages).
Modern devices running a google variant of Android have three location mode setting (besides turning location services completely off):
Vespucci does not use the Google play servers “fused” location service and remains usable independent of if you are running it in a Google sanctioned environment or not.
Given the push for more and more services on the Internet to be accessible only via encrypted transport (https) Android apps are faced with two challenges:
In the end I decided to address these issues by migrating all the networking code to OkHttp that we’ve already been using for some things, for example for map tile retrieval since 10.1. As OkHttp exposes a different programming model and it didn’t require massive changes, it wasn’t a drop in replacement and we appreciate all feedback on the changes as some aspects of the networking code are difficult to test automatically.
Comment from Glassman on 18 March 2018 at 16:22
And in today’s news “North Carolina Police Issued Sweeping Warrants to Search Data On All Google Devices Near Murder Scene”
Comment from SimonPoole on 18 March 2018 at 17:28
@Glassman I particularly like “..an anonymized string of numbers unique to each device…”, now obviously the police could obtain similar, likely not quite as good information from the mobile network operators, and in the case of actual crimes it is likely that nobody would seriously object to that being possible.
The real problem is a private company, operating multiple monopolies in different areas of business, has unfettered access to such information.
Comment from Glassman on 19 March 2018 at 01:52
I should have added a disclaimer. I enable high accuracy, gps, wifi, cell and bluetooth, on my android.
The real problem is a private company, operating multiple monopolies in different areas of business, has unfettered access to such information. We have been reading about Cambridge Analytica this weekend. I’m not surprised, just saddened.
Comment from n76 on 30 March 2018 at 17:33
FWIW, the microG provides an open source replacement for part of the Google services found on Android phones. The network location provider portion of that uses a plug-in architecture and there are a number of “backends” that you can use including some that use on-phone databases with no communication to any provider.
Comment from SOSM on 30 March 2018 at 19:00
@n76 but the sad fact is that irl it only works on phones with non-google non-amazon versions of Android or rooted devices (originally there was a plan to provide a direct interface to the microg backends, but given that there are a fixed number of hours per day and nobody volunteered to take it on as a project, I’ve dropped it). Naturally if you can actually get it to work on your device there are no issues with using it now.
Comment from SimonPoole on 30 March 2018 at 19:01
@n76 upps sorry wrong account.