Android Also Comes With a Kill-Switch

Aviran writes "The search giant is retaining the right to delete applications from Android handsets on a whim. Unlike Apple, the company has made no attempt to hide its intentions, and includes the details in the Android Market terms and conditions, as spotted by Computer World: 'Google may discover a product that violates the developer distribution agreement... in such an instance, Google retains the right to remotely remove those applications from your device at its sole discretion.'"

oh well...

[Coraon]

and here I was looking forward to this phone for the reason I would be able to add whatever apps I wanted. Google please do not become apple.

Re:oh well...

[jcmb]

I was looking forward to this phone for the reason I would be able to add whatever apps I wanted

I believe this only applies to apps installed from Android Market. I think it's safe to assume you can still manually install programs that you already have a copy of the installation/application file.

Sounds like their marketplace only?

[AvitarX]

"Developer Distribution Agreement" Sounds like it applies to their marketplace.

We are still going to be allowed to install our own apps though right? I hope so, and from what I can tell from TFS it won't apply there.

Android is not Open

[Microlith]

People go on and on about how Android is Linux based and Open Source, but it's not. The Linux backend is all but invisible and likely just as locked down as the Linux installs on other embedded devices. You are not going to be able to easily replace it, assuming you can even get close enough to the system to have a hope of doing so. Tivo, all over again.

Google is doing everything in the Java environment precisely to put you in a sandbox they (and the cell networks) can control. Sure the developer agreement is not quite as onerous as the one Apple uses, but it's certainly just as controlling when necessary.

And, sadly, so long as the cell carriers are seen as the customers of these phones, we'll only get more user-hostile phones that implement every security measure they can to keep you from doing what you want with your hardware.

Re:Android is not Open

[Lonewolf666]

People go on and on about how Android is Linux based and Open Source, but it's not. The Linux backend is all but invisible and likely just as locked down as the Linux installs on other embedded devices. You are not going to be able to easily replace it, assuming you can even get close enough to the system to have a hope of doing so. Tivo, all over again.

So the phones sold to the end user are Tivo-ized in this case.
But this still leaves room for another hardware vendor to make a non-tivoized Android phone. That would restore the "open".

Re:Android is not Open

[BrokenHalo]

The Linux backend is all but invisible and likely just as locked down as the Linux installs on other embedded devices.

This is something I find very tiring about mobile phones. They all want to force you into using their proprietary, usually Windows-only, kludgy and buggy computer interfaces, and make it as hard as possible to replace branding on devices one has paid cash for.

Fortunately in my case (I use a Motorola Razr2 V9) I can just pull the micro-SD card to transfer material back and forth, having spent some time when I first got the machine getting rid of the Telstra branding. Since then, I have mostly left it alone.

Trouble is, all these shenanigans limit the usefulness of the device, which is why I still pretty much only use it to make phone calls and text messages, both of which could be done by a much more basic phone.

Re:Android is not Open

[not+already+in+use]

People go on and on about how Android is Linux based and Open Source, but it's not.

Well actually, it is. You can browse, download and make changes to the source. It is also clearly Linux based.

The Linux backend is all but invisible and likely just as locked down as the Linux installs on other embedded devices. You are not going to be able to easily replace it, assuming you can even get close enough to the system to have a hope of doing so

Ohhh, Ok. I see what you're getting at. The device itself isn't open. The Android license clearly permits this, and it allows the providers to have a branded OS for their phone. But who says you couldn't replace it with a vanilla version? I can do that on my blackberry.

Google is doing everything in the Java environment precisely to put you in a sandbox they (and the cell networks) can control. Sure the developer agreement is not quite as onerous as the one Apple uses, but it's certainly just as controlling when necessary.

Yes, it's a big conspiracy. It has nothing to do with the fact that creating apps using managed code is more reliable, secure and consistent. It has nothing to do with the fact that giving any old app direct kernel access would have huge security implications. They're just out to get you.

And, sadly, so long as the cell carriers are seen as the customers of these phones, we'll only get more user-hostile phones that implement every security measure they can to keep you from doing what you want with your hardware.

Android itself is open, it's the hardware in this particular case that is closed. It's not as if an open handset doesn't exist, either. There is nothing stopping the community from adapting Android to existing open hardware, or creating a new open hardware platform specifically for android.

What boggles my mind is when the tinfoil brigade rolls through and gets upset that a consumer phone doesn't have direct kernel access or some crap like that, as if 99.999% of the target demo even gives a shit.

Open source doesn't mean an open system.

[argent]

As I suggested in a previous thread, it sounds like the Android won't be an open smartphone like a Palm, Nokia, or Windows Mobile device. It's in the same almost-a-smartphone category as the iPhone.

Re:Only for Google App Store applications

[Locklin]

Really, it makes sense. Imagine 2 million people download "punch a monkey" via the Google store. The malware, not surprisingly, racks up data access fees for customers. Who will get blamed by customers? Google. Seems like a good idea to have a way to kill it, particularly if customers are free to install from other, more "risky" repositories if they wish.

Hands up if you don't like this...

[myxiplx]

... now, hands down if you're a malware writer.

Come on folks, how exactly this is news? One of the major advantages of a central repository for software is that you do have that central control, so you can require programs to be of a reasonable standard and can also disable malware or abusive software that makes it on there. It's a big advantage distributions like Ubuntu have over Windows.

*If* Google were to abuse this like Apple have done then yeah, it'll be bad. Until then it's just common sense.

Re:Hands up if you don't like this...

[TubeSteak]

One of the major advantages of a central repository for software is that you do have that central control, so you can require programs to be of a reasonable standard and can also disable malware or abusive software that makes it on there.

If Google is fully in control of their central repository, why don't they screen everything before it gets to the end user?

Re:Hands up if you don't like this...

[uberlinuxguy]

One of the 'control' mechanisms that central repositories like Ubuntu and other Linux OS'es have is that the software that is added to the repository is vetted. The repository admins and the community behind the repository 'audit' the programs before they are added to the repository. Once they are deemed safe, they are signed and added. This removes the need for remote deletion privileges. A simple QA process for incoming software would help instead of saying that they could delete software from your phone.

When was the last tiem your Ubuntu system deleted a piece of software because the admins said it should?

Re:Hands up if you don't like this...

[fractic]

If Google is fully in control of youtube, why don't they screen every video?

Re:Hands up if you don't like this...

they didnt. he's just a troll trying to convince himself it's different now that google are doing THE EXACT SAME THING Apple copped a beating over

"On a whim"

[qoncept]

"violates the developer distribution agreement ... in such an instance, ..." != "on a whim"

Cell phone network is not Open

[itsdapead]

If someone really wants to produce a fully open, Four Freedoms-safe, Stallman-friendly cellphone, they'll have to set up a fully open, Four Freedoms-safe, Stallman-friendly network to run it on. Which probably means someone kindly donating a few squillion for the infrastructure.

The internet got close to that by starting off below the radar. The comms companies will not let that happen again.

Re:Only for Google App Store applications

[Hatta]

If you have a problem with this "kill switch", shouldn't it be trivial to comment out the relevant portion of the code, recompile it and load it on your phone?

Obligatory TNG reference...

[Etcetera]

Data: If you had an off switch, Doctor, would you not keep it a secret?

Re:Only for Google App Store applications

[itsme1234]

"Really, it makes sense. Imagine 2 million people download "punch a monkey" via the Google store. The malware, not surprisingly, racks up data access fees for customers."

We had PRECISELY this for Windows Mobile (and for mostly all platforms excluding iPhone) for many, many years. NOTHING of consequence happened. Yes, there was a Symbian worm that would spread itself via MMS and it would rack up your bill but it is only fitting. We had before that windows zombies that would dial-up premium numbers with the same result. Nothing REALLY big happened.
There is something wrong when the trust and the tools provided by Microsoft seem "too much" and "too liberal" to be allowed for our own good.

First phone

[AndrewNeo]

Everyone's complaining, but this is only the first phone ever released with Android. Any lockdown with the G1 is by T-Mobile. Nothing's stopping another carrier from getting a model built that doesn't have these problems, or HTC selling unlocked versions.

Re:Only for Google App Store applications

[Poltras]

Sure, you can link your PC to your phone through USB, but IIRC there is no software available on the PC to exchange data/software with your phone (iTunes like). I might be mistaken though. If you know the answer, please confirm/correct me.

Also, please note that you can install applications on your iPhone without getting it from the App Store (adhoc distribution), though it is limited (developer still has to be approved by Apple and get valid certificates).

soforkit

[Gewalt]

So take the OS source, fork it, and update your phone. There, kill switch is gone.

Re:soforkit

[nmg196]

If HTC (or any hardware manufacturer) let you install completely bespoke firmware images on your phone, then they'd have no control over what code you ran on the phone. You could accidentally or intentionally create firmware images which crashed or disrupted the phone networks they were connected to. The network operators would then be very quick to block all Android phones and the handset makers wouldn't be able to sell them anymore - Androids name would turn to mud. I'm pretty sure the firmware images have to be signed by the hardware manufacturer or all hell would break loose.

Re:soforkit

[characterZer0]

Security rule #1: don't trust the client.

Re:soforkit

[Microlith]

There's a reason the baseband firmware and the application firmware (Android) tend to run on seperate CPUs with seperate RAM and flash storage. These then connect to the system via a serial or USB link.

There's no real good reason to not let users update their own user space firmware with whatever they want other than the simple reasons of DRM and user-control.

Re:soforkit

[Gewalt]

Your comment doesnt actually make any sense. If the network was so unstable, people would be crashing it for fun out of their own garages. You don't need a handset to cause the type of chaos you're worried about here. Disregarding your paranoia, why would HTC care what software a customer runs on their purchased hardware? Oh, right. Cause HTC doesnt sell to consumers, it sells to telcos. The telco doesnt want to lose control, so the telco is the one demanding these lockin capabilities.

Re:soforkit

[cjb658]

If HTC (or any hardware manufacturer) let you install completely bespoke firmware images on your phone, then they'd have no control over what code you ran on the phone. You could accidentally or intentionally create firmware images which crashed or disrupted the phone networks they were connected to. The network operators would then be very quick to block all Android phones and the handset makers wouldn't be able to sell them anymore - Androids name would turn to mud. I'm pretty sure the firmware images have to be signed by the hardware manufacturer or all hell would break loose.

The same is true of any PC.

Re:soforkit

[HansF]

They won't let you. This is the reason GPLv3 is important.

Re:soforkit

[Stewie241]

out of curiosity... and to raise the point... what would happen if the phone OS contracts a virus and starts sending rampant text messages all over the network? or sends spews and spews of data?

That could potentially be very costly to the subscriber - whose responsibility is that?

Re:soforkit

[Gewalt]

Is your telco signing your paycheck, or the other way around?

Re:soforkit

[fedcb22]

And you think that such a virus wouldn't be able to disable the kill switch?

Re:soforkit

[Chandon+Seldon]

How? With what tools?

Hobbyists generally have access to basically the same tools that professionals do. If my goal was to replicate a cellphone signal today, I'd probably set up some sort of software radio (like http://www.gnu.org/software/gnuradio/) - which happens to be exactly how some of the cellphone base stations work now.

In some areas, like nuclear power, hobbyists *have* been effectively excluded by denying them access to supplies. Note how nuclear power has improved only slightly and not gotten any cheaper at all over the last 50 years. Compare that to digital computers, where the [ hobbyist to small business founder to industry changer ] path has been alive and well for the same time period.

Not only do hobbyists *have* the right to tinker, you don't want that right messed with even if you don't tinker yourself... in the long term, it's everyone who suffers from the suppressed innovation.

Re:soforkit

I believe "Don't trust anyone" is a better way to think.

Or maybe that's paranoia...

Shove it up then

[unity100]

i was waiting for android to come out, holding on purchasing another phone. for some godforsaken reason, i dont know why, i was thinking that since google was doing it, android would be better, since they have been sufficiently reliable on the web.

now i find out that an external company is going to control what i do on MY phone if i buy android, regardless of it is google or not.

the most polite thing i can say to google on it, after making me wait like this and popping that crap - shove it up your butt, where it belongs. also pay my respects to the brainless moron who thought that this kind of policy was a good idea.

*sigh*

[Vegeta99]

I guess I'll have to stay with the open (as in playground) solution, Windows Mobile...

I almost have an aneurysm saying that, but hey, it works. M$ can't delete MY software and neither can AT&T =)