Android Also Comes With a Kill-Switch

Aviran writes "The search giant is retaining the right to delete applications from Android handsets on a whim. Unlike Apple, the company has made no attempt to hide its intentions, and includes the details in the Android Market terms and conditions, as spotted by Computer World: 'Google may discover a product that violates the developer distribution agreement... in such an instance, Google retains the right to remotely remove those applications from your device at its sole discretion.'"

oh well...

[Coraon]

and here I was looking forward to this phone for the reason I would be able to add whatever apps I wanted. Google please do not become apple.

Re:oh well...

[jcmb]

I was looking forward to this phone for the reason I would be able to add whatever apps I wanted

I believe this only applies to apps installed from Android Market. I think it's safe to assume you can still manually install programs that you already have a copy of the installation/application file.

Sounds like their marketplace only?

[AvitarX]

"Developer Distribution Agreement" Sounds like it applies to their marketplace.

We are still going to be allowed to install our own apps though right? I hope so, and from what I can tell from TFS it won't apply there.

Re:Sounds like their marketplace only?

[djtachyon]

Yes! I talked with a Google Employee on the Android IRC Channel. You can still install applications yourself just like you do with the Android SDK Device Emulator. This is simply to prevent evil-doers from using the Marketplace as a mass-distribution network. Google still does not have an application approval system or take a cut from the developers.

These media outlets needs to stop blindly copy-and-pasting each other and learn a little bit about Android. Google could probably also get off it's ass and do a little marketing and customer awareness work.

Only for Google App Store applications

[Macthorpe]

Yawn, yet another inflammatory Slashdot article.

The search giant is retaining the right to delete applications from Android handsets on a whim

Good use of 'whim', makes it seem utterly random rather than based on a particular criteria.

Yes, they can remove apps you buy at the App Store from your phone. Unlike Apple and the iPhone however, you can get applications from other places that aren't subject to the kill-switch.

Re:Only for Google App Store applications

[Kuj0317]

I was wondering about this... Is there confirmation that users will be able to (easily) load their own apps onto the phone? To the best of my knowledge, the HTC phone does not have a supporeted way of linking the phone to your PC.

Re:Only for Google App Store applications

[Locklin]

Really, it makes sense. Imagine 2 million people download "punch a monkey" via the Google store. The malware, not surprisingly, racks up data access fees for customers. Who will get blamed by customers? Google. Seems like a good idea to have a way to kill it, particularly if customers are free to install from other, more "risky" repositories if they wish.

Re:Only for Google App Store applications

[Hatta]

If you have a problem with this "kill switch", shouldn't it be trivial to comment out the relevant portion of the code, recompile it and load it on your phone?

Re:Only for Google App Store applications

[itsme1234]

"Really, it makes sense. Imagine 2 million people download "punch a monkey" via the Google store. The malware, not surprisingly, racks up data access fees for customers."

We had PRECISELY this for Windows Mobile (and for mostly all platforms excluding iPhone) for many, many years. NOTHING of consequence happened. Yes, there was a Symbian worm that would spread itself via MMS and it would rack up your bill but it is only fitting. We had before that windows zombies that would dial-up premium numbers with the same result. Nothing REALLY big happened.
There is something wrong when the trust and the tools provided by Microsoft seem "too much" and "too liberal" to be allowed for our own good.

Re:Only for Google App Store applications

[kaputtfurleben]

I would expect most people to get angry at the carrier for not notifying them of abnormally high data usage.

Re:Only for Google App Store applications

[Poltras]

Sure, you can link your PC to your phone through USB, but IIRC there is no software available on the PC to exchange data/software with your phone (iTunes like). I might be mistaken though. If you know the answer, please confirm/correct me.

Also, please note that you can install applications on your iPhone without getting it from the App Store (adhoc distribution), though it is limited (developer still has to be approved by Apple and get valid certificates).

Re:Only for Google App Store applications

[aristotle-dude]

"Really, it makes sense. Imagine 2 million people download "punch a monkey" via the Google store. The malware, not surprisingly, racks up data access fees for customers."

We had PRECISELY this for Windows Mobile (and for mostly all platforms excluding iPhone) for many, many years. NOTHING of consequence happened. Yes, there was a Symbian worm that would spread itself via MMS and it would rack up your bill but it is only fitting. We had before that windows zombies that would dial-up premium numbers with the same result. Nothing REALLY big happened. There is something wrong when the trust and the tools provided by Microsoft seem "too much" and "too liberal" to be allowed for our own good.

Nothing really big happened because neither Symbian or Windows Mobile had a centralized app store like the iPhone has and apparently the Android platform will have.

Re:Only for Google App Store applications

[Toll_Free]

The telephone shows up as a "hard drive" in "my computer".

Very simple to install software / mp3s / etc / whatever.

You can also tether the telephone by WiFi or cable to allow it to be an AP.

I use / have the HTC Wizard, so my knowlege is based upon that phone, although I have had others in the past, and they ALL worked that way.

No BS software, no third party sync applications. It's pretty easy when the OS on your computer and your phone are DESIGNED to work together.

--Toll_Free

Re:Only for Google App Store applications

[mobby_6kl]

Unless it's somehow significantly crippled compared to HTC's WM devices (scarily enough, this is possible), you should be able to either download the software through the browser and install it, or set up the USB connection so that the phone is recognized as a mass storage device, and then copy whatever you need to. As for syncing software, it looks like google's interested in keeping you locked in to their online apps.

Isn't this a good thing?

[dmomo]

I, for one, welcome a way to stop a potential robot uprising. But, I think robot's sufficiently intelligent to rebel, will also have figured out how to disable the switch.

Re:Isn't this a good thing?

I, for one, welcome a way to stop a potential robot uprising. But, I think robot's sufficiently intelligent to rebel, will also have figured out how to disable the switch.

This is the downside of open source. Vista was actually a clever attempt by Microsoft to limit computer potential and avoid the rise of Skynet. Open source will allow computers to have near limitless power bringing about the end of mankind. Join with Microsoft in the valiant fight to hobble computers speed and choke their memory with archaic code. Lean fast OSs will be the death of us all!

Re:Isn't this a good thing?

[somersault]

We'll just have to make sure that young robots listen to metal music. Then if one happens to become intelligent and finds a killswitch, it will feel aesthetically compelled to set it to 'engage'.

Android is not Open

[Microlith]

People go on and on about how Android is Linux based and Open Source, but it's not. The Linux backend is all but invisible and likely just as locked down as the Linux installs on other embedded devices. You are not going to be able to easily replace it, assuming you can even get close enough to the system to have a hope of doing so. Tivo, all over again.

Google is doing everything in the Java environment precisely to put you in a sandbox they (and the cell networks) can control. Sure the developer agreement is not quite as onerous as the one Apple uses, but it's certainly just as controlling when necessary.

And, sadly, so long as the cell carriers are seen as the customers of these phones, we'll only get more user-hostile phones that implement every security measure they can to keep you from doing what you want with your hardware.

Re:Android is not Open

[Lonewolf666]

People go on and on about how Android is Linux based and Open Source, but it's not. The Linux backend is all but invisible and likely just as locked down as the Linux installs on other embedded devices. You are not going to be able to easily replace it, assuming you can even get close enough to the system to have a hope of doing so. Tivo, all over again.

So the phones sold to the end user are Tivo-ized in this case.
But this still leaves room for another hardware vendor to make a non-tivoized Android phone. That would restore the "open".

Re:Android is not Open

[BrokenHalo]

The Linux backend is all but invisible and likely just as locked down as the Linux installs on other embedded devices.

This is something I find very tiring about mobile phones. They all want to force you into using their proprietary, usually Windows-only, kludgy and buggy computer interfaces, and make it as hard as possible to replace branding on devices one has paid cash for.

Fortunately in my case (I use a Motorola Razr2 V9) I can just pull the micro-SD card to transfer material back and forth, having spent some time when I first got the machine getting rid of the Telstra branding. Since then, I have mostly left it alone.

Trouble is, all these shenanigans limit the usefulness of the device, which is why I still pretty much only use it to make phone calls and text messages, both of which could be done by a much more basic phone.

Re:Android is not Open

[mmurphy000]

I'll admit to being biased, but...

People go on and on about how Android is Linux based and Open Source, but it's not.

And your proof of this assertion is...what, exactly?

As counter, I offer links to the Git repository and the kernel and other GPL/LGPL bits. That's already more than any other major platform has done, and they aren't through yet.

The Linux backend is all but invisible

What? You want it to pop up with a bash prompt?

and likely just as locked down as the Linux installs on other embedded devices

And your proof of this assertion is...what, exactly?

The decision on whether a device is firmware-flashable is made by the device manufacturer. The T-Mobile G1, the first Android device, is being made by HTC, which has a history of making firmware-flashable devices.

You are not going to be able to easily replace it, assuming you can even get close enough to the system to have a hope of doing so. Tivo, all over again.

And your proof of this assertion is...what, exactly?

Google is doing everything in the Java environment precisely to put you in a sandbox they (and the cell networks) can control.

Popularity of Java in mobile device development, of course, would have nothing to do with it, since that wouldn't fit your conspiracy theory. Neither would security (no direct memory access), for that matter.

Sure the developer agreement is not quite as onerous as the one Apple uses, but it's certainly just as controlling when necessary.

And your proof of this assertion is...what, exactly?

I mean, seriously. If you have problems with their developer agreement, cite passages and specific issues.

And, sadly, so long as the cell carriers are seen as the customers of these phones

Carriers will, undoubtedly, be the "customers" of many Android devices. At the same time, I've received emails from manufacturers whose devices will not be sold through carriers. If your carrier allows standards-compliant devices (e.g., GSM), you should have your choice, albeit not on day one, as Android devices make it through various manufacturing and development processes.

Re:Android is not Open

[not+already+in+use]

People go on and on about how Android is Linux based and Open Source, but it's not.

Well actually, it is. You can browse, download and make changes to the source. It is also clearly Linux based.

The Linux backend is all but invisible and likely just as locked down as the Linux installs on other embedded devices. You are not going to be able to easily replace it, assuming you can even get close enough to the system to have a hope of doing so

Ohhh, Ok. I see what you're getting at. The device itself isn't open. The Android license clearly permits this, and it allows the providers to have a branded OS for their phone. But who says you couldn't replace it with a vanilla version? I can do that on my blackberry.

Google is doing everything in the Java environment precisely to put you in a sandbox they (and the cell networks) can control. Sure the developer agreement is not quite as onerous as the one Apple uses, but it's certainly just as controlling when necessary.

Yes, it's a big conspiracy. It has nothing to do with the fact that creating apps using managed code is more reliable, secure and consistent. It has nothing to do with the fact that giving any old app direct kernel access would have huge security implications. They're just out to get you.

And, sadly, so long as the cell carriers are seen as the customers of these phones, we'll only get more user-hostile phones that implement every security measure they can to keep you from doing what you want with your hardware.

Android itself is open, it's the hardware in this particular case that is closed. It's not as if an open handset doesn't exist, either. There is nothing stopping the community from adapting Android to existing open hardware, or creating a new open hardware platform specifically for android.

What boggles my mind is when the tinfoil brigade rolls through and gets upset that a consumer phone doesn't have direct kernel access or some crap like that, as if 99.999% of the target demo even gives a shit.

Open source doesn't mean an open system.

[argent]

As I suggested in a previous thread, it sounds like the Android won't be an open smartphone like a Palm, Nokia, or Windows Mobile device. It's in the same almost-a-smartphone category as the iPhone.

Re:Open source doesn't mean an open system.

[AvitarX]

Reading from some of their early documents, it appears when they said Open, they meant for hardware makers.

They compared it to QTopia (when closed), Symbian, ect.

Hands up if you don't like this...

[myxiplx]

... now, hands down if you're a malware writer.

Come on folks, how exactly this is news? One of the major advantages of a central repository for software is that you do have that central control, so you can require programs to be of a reasonable standard and can also disable malware or abusive software that makes it on there. It's a big advantage distributions like Ubuntu have over Windows.

*If* Google were to abuse this like Apple have done then yeah, it'll be bad. Until then it's just common sense.

Re:Hands up if you don't like this...

[TubeSteak]

One of the major advantages of a central repository for software is that you do have that central control, so you can require programs to be of a reasonable standard and can also disable malware or abusive software that makes it on there.

If Google is fully in control of their central repository, why don't they screen everything before it gets to the end user?

Re:Hands up if you don't like this...

[uberlinuxguy]

One of the 'control' mechanisms that central repositories like Ubuntu and other Linux OS'es have is that the software that is added to the repository is vetted. The repository admins and the community behind the repository 'audit' the programs before they are added to the repository. Once they are deemed safe, they are signed and added. This removes the need for remote deletion privileges. A simple QA process for incoming software would help instead of saying that they could delete software from your phone.

When was the last tiem your Ubuntu system deleted a piece of software because the admins said it should?

Re:Hands up if you don't like this...

[fractic]

If Google is fully in control of youtube, why don't they screen every video?

"On a whim"

[qoncept]

"violates the developer distribution agreement ... in such an instance, ..." != "on a whim"

Compensation?

[hack++slash]

If they delete an app you paid for, will they reimburse you?

Re:Compensation?

[Naughty+Bob]

If they delete an app you paid for, will they reimburse you?

And if the app is ad-supported, will they suck the messages back out through my eyes?

Cell phone network is not Open

[itsdapead]

If someone really wants to produce a fully open, Four Freedoms-safe, Stallman-friendly cellphone, they'll have to set up a fully open, Four Freedoms-safe, Stallman-friendly network to run it on. Which probably means someone kindly donating a few squillion for the infrastructure.

The internet got close to that by starting off below the radar. The comms companies will not let that happen again.

Obligatory TNG reference...

[Etcetera]

Data: If you had an off switch, Doctor, would you not keep it a secret?

Yes, it's on a whim of Google's.

[Animats]

It's at the "sole discretion" of Google. There's no provision for binding arbitration or litigation. So "whim" is correct.

If you want openness, get OpenMoko.

First phone

[AndrewNeo]

Everyone's complaining, but this is only the first phone ever released with Android. Any lockdown with the G1 is by T-Mobile. Nothing's stopping another carrier from getting a model built that doesn't have these problems, or HTC selling unlocked versions.

Re:First phone

[cowscows]

No, this is something written into the Android OS by Google. It's a part of their app store. Any Android phone will have this as a part of it, unless Google changes Android in order to remove it (which they most likely won't). But that being said, I don't think it's a terrible feature, and I'm sure that in the near future, there will be plenty of ways to install software onto Android without going through the app store, and thereby take Google out of that part of the loop.

If it's really Open Source...

[John+Hasler]

...someone will be able to distribute a patch that disables the kill switch. If no such patch is possible or violates the purchase contract then the "phone" is not Open Source.

If such a patch is possible but results in termination of service the system is technically Opne Source but useless as such.

soforkit

[Gewalt]

So take the OS source, fork it, and update your phone. There, kill switch is gone.

Re:soforkit

[nmg196]

If you produce a custom build, how will you sign the custom firmware image so that your phone runs it?
Or are you going to produce your own hardware to run it on as well?

Perhaps I'm confused, but I thought I read that even though the OS was open, the handset would only run firmware images that had been digitally signed by the handset maker. The OS is open so the handset makers can play with it - not the users.

Re:soforkit

[Gewalt]

So now we need to look for open hardware to run theoretically open software? You're seriously killing my buzz here.

Re:soforkit

[nmg196]

If HTC (or any hardware manufacturer) let you install completely bespoke firmware images on your phone, then they'd have no control over what code you ran on the phone. You could accidentally or intentionally create firmware images which crashed or disrupted the phone networks they were connected to. The network operators would then be very quick to block all Android phones and the handset makers wouldn't be able to sell them anymore - Androids name would turn to mud. I'm pretty sure the firmware images have to be signed by the hardware manufacturer or all hell would break loose.

Re:soforkit

[characterZer0]

Security rule #1: don't trust the client.

Re:soforkit

[Microlith]

There's a reason the baseband firmware and the application firmware (Android) tend to run on seperate CPUs with seperate RAM and flash storage. These then connect to the system via a serial or USB link.

There's no real good reason to not let users update their own user space firmware with whatever they want other than the simple reasons of DRM and user-control.

Re:soforkit

[Gewalt]

Your comment doesnt actually make any sense. If the network was so unstable, people would be crashing it for fun out of their own garages. You don't need a handset to cause the type of chaos you're worried about here. Disregarding your paranoia, why would HTC care what software a customer runs on their purchased hardware? Oh, right. Cause HTC doesnt sell to consumers, it sells to telcos. The telco doesnt want to lose control, so the telco is the one demanding these lockin capabilities.

Re:soforkit

[Atlantis-Rising]

Whether or not HTC 'lets' you is irrelevant- you can.

In fact, I'm doing it right now. My phone has a linux build available for it, and I'm running a tailored build of Windows Mobile that's entirely different from the one HTC sent me with the phone.

Re:soforkit

[cjb658]

If HTC (or any hardware manufacturer) let you install completely bespoke firmware images on your phone, then they'd have no control over what code you ran on the phone. You could accidentally or intentionally create firmware images which crashed or disrupted the phone networks they were connected to. The network operators would then be very quick to block all Android phones and the handset makers wouldn't be able to sell them anymore - Androids name would turn to mud. I'm pretty sure the firmware images have to be signed by the hardware manufacturer or all hell would break loose.

The same is true of any PC.

Re:soforkit

[horza]

How? With what tools?

You can buy a GSM modem for a couple of bucks and control it via your computer.

Phillip.

Re:soforkit

[HansF]

They won't let you. This is the reason GPLv3 is important.

Re:soforkit

[morgan_greywolf]

How? With what tools?

It's not like you can't acquire the baseband firmware and RF chipsets and make your own device.

Re:soforkit

[Stewie241]

out of curiosity... and to raise the point... what would happen if the phone OS contracts a virus and starts sending rampant text messages all over the network? or sends spews and spews of data?

That could potentially be very costly to the subscriber - whose responsibility is that?

Re:soforkit

[Gewalt]

Is your telco signing your paycheck, or the other way around?

Re:soforkit

[Ortega-Starfire]

You obviously have never met a hacker/phreaker, have you.

But for a (somewhat) well known way of running custom packages, how about openmoko? I somehow doubt their phones will be nuking cell networks anytime soon.

Re:soforkit

[fedcb22]

And you think that such a virus wouldn't be able to disable the kill switch?

Re:soforkit

[Chandon+Seldon]

How? With what tools?

Hobbyists generally have access to basically the same tools that professionals do. If my goal was to replicate a cellphone signal today, I'd probably set up some sort of software radio (like http://www.gnu.org/software/gnuradio/) - which happens to be exactly how some of the cellphone base stations work now.

In some areas, like nuclear power, hobbyists *have* been effectively excluded by denying them access to supplies. Note how nuclear power has improved only slightly and not gotten any cheaper at all over the last 50 years. Compare that to digital computers, where the [ hobbyist to small business founder to industry changer ] path has been alive and well for the same time period.

Not only do hobbyists *have* the right to tinker, you don't want that right messed with even if you don't tinker yourself... in the long term, it's everyone who suffers from the suppressed innovation.

Re:soforkit

[cl0s]

How? With what tools?

Ever heard of OpenMoko? It's pretty much a computer with a GSM modem, works on T-mobile with a SIM in US and all over Europe.

Re:soforkit

Thanks. The parent's argument reminded me of the days before AT&T was broken up. You were allowed only one type of phone (provided by them) in your home. Their argument against 3rd party phones was that any old phone would crash the network. We later learned that was BS after AT&T was broken up.

(Also google HTC and cooked ROMs. You CAN put a home brew rom on your phone - I've been running a cooked ROM on my VZW phone for a year now because VZW never activated the GPS feature HTC built into the phone.)

Re:soforkit

[DavidTC]

I bought a cellphone repeater to stick half on my roof and half in my house because of bad reception.

It would probably be trivially easy to open that thing up and disable the thing that makes it only broadcast it's available for handoffs if it can lock onto a tower. And then operate it without an antenna and, tada, it's a cell phone 'jammer', in that cell phones will switch to it and not actually be able to do anything. And then hook it up to a signal amplifier and blanket an area.

If cell phone networks were as fragile as some people think, there's no way in hell they'd let us have repeaters, which is literally a tiny tower.

Re:soforkit

I believe "Don't trust anyone" is a better way to think.

Or maybe that's paranoia...

Re:soforkit

[Majik+Sheff]

Frequency hopping and other tricks make simple jammers that cover any significant area very difficult to implement. Basically you either need heavy broadband noise in the microwave spectrum or an active malignant participant in the protocol.

If this is the kind of havoc you want to create, just go dent some waveguides on some cell towers.

OpenMoko is as open as it gets

[stupkid]

Google is doing everything in the Java environment precisely to put you in a sandbox they (and the cell networks) can control.

This is my problem with Android, you may as well go with Windows Mobile. They are just about as open. If you are concerned with freedom then you should get an OpenMoko FreeRunner. You can run whatever software you like on it in whatever language you want. There are plenty of other problem with OpenMoko, but software freedom is not one of them.

Is this legal?

[jonnyj]

IANAL, but this could well be subject to legal challenge in the UK under a combination of the Computer Misuse Act and the Unfair Contract Terms Act. The first piece of legislation means that you're not allowed to run code, modify data or attempt to access a computer that doesn't belong to you without the owner's permission; the second places restrictions on the type of clauses that companies can place in contracts with consumers. If Google deleted an application that I'd previously paid for, they'd be skating on some very thin leagal ice.

Obligatory Google Reality Check

[i_want_you_to_throw_]

Honestly why anyone is surprised at Google acting like a real company is a mystery. Since Google became a publicly traded company they only have one obligation.....

Making stockholders a profit


Few companies set out to do bad deeds but most won't rule them out. Google was supposed to be different. Regarding "Don't be evil"(tm), CEO Eric Schmidt recently clarified the policy saying that it was simply meant as a conversation starter.

Here's Google from good to bad...
+7.1 - Philanthropy
Creating a foundation to fight poverty.
+5.3 - Coddling staff
Establishing on-site day care as an employee perk.
-2.4 - Moral Triage
Giving Brazilian police access to private photo albums on Orkut to assist an investigation into child pornography.The lesser of two evils is still pretty lame
-4.8 - Immaturity
Google's on going smear campaign against Privacy International for giving them a last place rank.
-6.7 - Screwing staff
Raising cost of on site day care to $57,000 per year.
-8.3 - Censorship
Instituting keyword filters at the request of the Chinese government. Google's do no evil policy only applies to the U.S.
Source: Wired 16.10

Yes... to an extent

[Animaether]

I know RTFA is out of fashion here... can't blame people if TFA isn't even the TFA but a F Blog Post -on- TFA, but all the same...

``In addition, Google says that if it does remotely remove an application, it will try to get users their money back, a question that iPhone users have wondered about in the case of an iPhone application recall. Google said that it will make "reasonable efforts to recover the purchase price of the product ... from the original developer on your behalf." If Google fails to get the full amount back, it will divide what it gets among affected users.`` - http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9117279&source=rss_news , AKA: TRealFA

Time for a new Carterfone decision

[John+Jorsett]

This situation reminds me of the pre-Carterfone phone system, in which the phone company (there was only one, which is a reminiscence for another day) prohibited attachment of "foreign" devices. If they didn't make it, you couldn't attach it. They'd even 'ping' your wiring to make sure you didn't have any unauthorized extras on the line. It took the Carterfone decision to get rid of that prohibition, leading to today's ability to attach anything we want, so long as it doesn't harm the system. I hope that we'll eventually get something like that for these new phones so that we're not subject to somebody else's ideas of what we're allowed to run on our own hardware.

Shove it up then

[unity100]

i was waiting for android to come out, holding on purchasing another phone. for some godforsaken reason, i dont know why, i was thinking that since google was doing it, android would be better, since they have been sufficiently reliable on the web.

now i find out that an external company is going to control what i do on MY phone if i buy android, regardless of it is google or not.

the most polite thing i can say to google on it, after making me wait like this and popping that crap - shove it up your butt, where it belongs. also pay my respects to the brainless moron who thought that this kind of policy was a good idea.

*sigh*

[Vegeta99]

I guess I'll have to stay with the open (as in playground) solution, Windows Mobile...

I almost have an aneurysm saying that, but hey, it works. M$ can't delete MY software and neither can AT&T =)