Slashdot Mirror
Google Remotely Nukes Apps From Android Phones
itwbennett writes "Google disclosed in a blog post on Thursday that it remotely removed two applications from Android phones that ran contrary to the terms of the Android Market. From the post: 'Recently, we became aware of two free applications built by a security researcher for research purposes. These applications intentionally misrepresented their purpose in order to encourage user downloads, but they were not designed to be used maliciously, and did not have permission to access private data — or system resources beyond permission.INTERNET. As the applications were practically useless, most users uninstalled the applications shortly after downloading them. After the researcher voluntarily removed these applications from Android Market, we decided, per the Android Market Terms of Service, to exercise our remote application removal feature on the remaining installed copies to complete the cleanup.' The blog post comes a day after security vendor SMobile Systems published a report saying that 20% of Android apps provide access to sensitive information."
Update: 06/25 16:44 GMT by S : Clarified last sentence, which incorrectly suggested that 20% of Android apps were malicious. According to the report (PDF, which we discussed recently), "a majority of these applications were developed with the best of intentions and the user data will likely not be compromised.
They removed an app that violated the terms of service.
Seriously, stop with the fear mongering. Although I trust google as far as I can throw their data centers, citing false reports and spreading misinformation is just stupid.
Also, as pointed out in the previous article, those 'exposing' apps can only take what information you expressly give them. Thus it is not news.
"Our goal each year should be to increase the number of goals we set for ourselves!"
security vendor SMobile Systems published a report saying that 20% of Android apps are malicious.
No, the report said that 20% of apps require access to sensitive data (ie your address book) or functionality to perform their job. You'd think people would have noticed by now if 1 in 5 Android apps were "malicious".
which is totally what she said
This raises again the question wherever we need to call murder and fire about privacy and "it's my phone don't touch it" kindof thing.
OTOH, the marketplace is a "trusted content provider" in control and under the responsability of google. In that regard, I think they have the right and obligation to "keep the market clean", for me it would become unacceptable if they start to remove applications who are "breaching vague copyright claims", and take a weak stance or remove applications on nonsene like that.
If the application would've advertized or mentioned it was "for research purposes", I don't think google should've removed it.
But it's my phone, and if I want to run malicious software on it, I feel I should be able to do so. But I cannot expect the "marketplace" to hold malicious software because I want that possibility.
I think we can keep recursing like this until someone returns 1
Why do they have to have or at least exercise this feature of the ToS?
Why couldn't they just get a list of those who have it installed (surely they know that?) and then email them? Beats this draconian/big brother approach in my opinion...
ilovegeorgebush
I dunno, wasn't the hype that Android is all open and based on Linux, and _totally_ unlike the iron grip that Steve Jobs has on the iPhone?
And weren't most of us ranting about how even DRM and "Trusted Computing" are bad because someone else gets to decide what you can or can't run on your computer? When did _that_ become good if it's Google doing it?
A polar bear is a cartesian bear after a coordinate transform.
Yes, and you'd think that "itwbennett," the submitter would know that, since he is affiliated with itworld (check his home page), the publisher of the linked articles.
Odd, that although he references a slashdot article from a few days ago, instead of linking to that article, or the article that links to (on CNET), or to the source of the report, or even to the report itself, he links to a rehash on itworld.
Tagged as a slashvertisement for self-promotion.
"National Security is the chief cause of national insecurity." - Celine's First Law
If it wasn't, bad. Simple enough. Apart from who decides that... I would hope in the future to see an option to disable this "feature" on android phones, but I doubt it will happen.
Just an FYI, even though Apple has some of the most draconian app policies ever--they have never remotely nuked an application from someone's phone. They have taken apps off of the market, but they have never actually removed it from your device. I ran GVMobile for a long time until it stopped properly authenticating, for example.
Google just needs to allow the user to revoke specific permissions to an application all together.
When you install apps from the market or elsewhere, Android prompts you in advance letting you know of all of the permissions this app requires.
There is with this at all. It is no different from random app X requiring my root password and prompting for it. If I trust the app and give it up, this is not a security issue.
This is how you allow apps to have access to these low level permissions, without disallowing them totally, liek Apple in it's walled garden.
It is why there are so many more in-depth Android apps than there are iPhone ones. You can replace the dialer, replace the address book, etc.
This company is fear-mongering about nothing to such a degreee that I wonder if they are on Apple's payroll.
20% of Android apps are not malicious. 20% of Android apps have the potential to be malicious.
If you do not want an application to have the possibility of stealing your private data, then do not install that application! When you install an app on an Android phone, you are presented with a list over which data this application wants to access. If you don't like that the FTP app you are about to install have access to your SMS/MMS messages, then click on cancel and find another FTP client.
You do not have to use the Market to install apps.
If Google removes an app you like from the market, or even does a remote-uninstall, you can just re-install it yourself, and it is then un-nukeable.
The market can only remote-uninstall apps installed via it.
Just to clarify; Google nuked two applications that had been distributed via Android Market, which they explicitly reserve the right to do via their Terms Of Service (see section 2.4).
However, if you don't like these terms there is nothing that stops you from downloading applications from alternative sources and installing them on your Android device - there are a number of alternate Android application stores like SlideMe and AndAppStore for example, not to mention downloading .apk files directly to your phone and installing that way bypassing Android Market altogether.
Besides, what are they supposed to do if there are malicious applications on Android Market? Pull them and leave affected users with crap on their devices?
Oh well, I'm perfectly happy with my HTC Magic running Cyanogenmod 5.0.8 downloaded and installed via Clockworkmod ROM Manager, which itself was downloaded from Android Market.
Life is like a sewer; what you get out of it depends on what you put into it...
...in its tracks as it tries to delete the targeted applications. Here's how I would like to accomplish my feat, Android being Open Source Software: -
As Google tries to remove the application from my phone, the phone would be configured to ring n a particular way, send me an email telling me what is going on, then block Google's action.
Sad thing is that I an no coder/hacker so I have no idea where to start!
So "when it's in service of a good cause," violating user privacy and the ability to own your phone is okay? Or is any measure acceptable if it's claimed to be to eliminate a risk? Or is it Google good, Apple bad, still? I'm very confused.
I don't want this. Not on Android. I specifically bought an Android phone to get away from the Apple control freakery. That was the only reason I wanted Android -- no big brother overseeing. Now I find that Google can throw a remote kill switch?
Do NOT want.
Yes I can see the argument that the app killing on this occasion was a Good Thing. But no, really it's a Bad Thing, because it represents the top of a slippery slope.
Hands off my phone please people who are not me!
For those of you complaining about this, please note that it was "per the ToS". Don't like it? Don't use the (Android) software, then. It's a free market -- vote with your money elsewhere. Until this remote nuke feature is used on something I've PAID for, and I'm left without my app or my money, I'm not too bothered by it as, again, I AGREED TO THE TOS.
It could be that the only purpose of your life is to serve as a warning to others.
So, which apps? I've RTFA and it doesn't mention which apps were removed. I also wonder if this is done silently, or if there is some mention in the installer/Android Market that tells you what has happened. Yep, they can do this, and I still trust Google. Yes, they are a big company and have the potential to do nefarious things, but I don't really see it happening.
Or they might, you know, point to the fact that it's not true. Hell, you don't even need to RTFA on this one, just RTFT(itle): "20 percent of Android apps can threaten privacy, says vendor". This is about the fact that apps give access to areas of the phone like web browsing, contacts, call notification (to be able to suspend, etc) and that there are privacy concerns. In no way does that even come close to malicious, in fact it's standard behaviour, this isn't a Google issue, all the other operating systems with user-installable apps do exactly the same thing, I think possibly the only difference is Google apps actually tell you in advance exactly which areas of the phone it needs access to, so at least you can make an informed judgement (i.e. why does this screensaver need access to my phone's dialler).
Just chalk this up to ITWorld being click-whoring sensationalist garbage and move on.
This. And as I posted yesterday, that "security report" was self-promotion of their "security software".
Moreover, it was 20% of Android apps require some sort of permission that gives them access to some subset of your personal data or phone functions in order to operate. Only something like 2% required permissions to access phone/contact features, most likely because they are dialer/launcher replacement/address book apps.
In comparison, on your desktop Windows machine, 100% of apps have access to your filesystem that contains lots of personal data. And all your apps pop up Windows requesting permission to modify your computer (i.e. root access) all the time. And nobody gets hysterical, they just click OK constantly.
What a stupid meme this is. Android's permission model isn't perfect and could use some clarification and simplification, but it's much better than the other mainstream desktop OSes or phone OSes.
Sony removes Linux, Amazon removes books, MS removes music/Sidekick data issue, Apple watches over software, isp's shape traffic, telcos get a national security letter on domestic phone tapping ect . A search/ad company sucks up data around the world.
Then they expect the end users to take them seriously.
Time to think long and hard about any new 'rental' telco device.
Physical media and a fast desktop computer seem rather wise now.
Maybe try a http://en.wikipedia.org/wiki/MeeGo supporting device to keep your property backed up and safe from remote interference/incompetence/mistakes.
Domestic spying is now "Benign Information Gathering"
Hell yes, you will be modded down into oblivion for this. Not because you attack "Google Fanbois" but because you clearly haven't read the article (20% is not malicious). To make matters worse your argument is a pre-emptive ad hominem attack. Stating that you will get modded down for this certainly won't prevent it from happening.
Replying to A/C trolls, I know, I know...
security vendor SMobile Systems published a report saying that 20% of Android apps are malicious.
This is even more misleading than the average Slashdot post.
When the app is clicked on, it should open a page that says: "Note: Google has determined this app to be malicious / in violation of terms of use. Tap here for a complete explanation. The app has been removed from the store, and running it is not safe. Tap here to safely and permanently remove this app"
-- 'The' Lord and Master Bitman On High, Master Of All
That's why slopes are slippery. Go up a containing level.
There is little all about ________ remotely nuking _________ because ______ says it violates ______. There's some scary scope in those MadLib blanks. It also is a clear threat - they're demonstrating an extremely dangerous policy capability.
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
Yeah, "20% are malicious" is pure and utter FUD.
"20% of apps might use personal data" just doesn't have the same ring to it, I guess.
The blog post comes a day after security vendor SMobile Systems published a report saying that 20% of Android apps are malicious
Bullshit. The report says that 20% of the apps are capable of collecting information that could be misused but that most collecting it are doing it for well-intentioned reasons.
It is in the ToS. Most of us probably didn't read it in detail (I know I didn't) but we agreed to it when we purchased the phone and downloaded the app from the Marketplace. If a user got their hands on an install file and installed this thing manually I don't think anyone at Google would bat an eye. This is just Google exercising stewardship over their distribution mechanism. They tend to be very hands off in this respect, but we can't expect them to allow total anarchy. No-one can really expect total control over all aspects of a device that operates on someone else's network, or even privacy on a mobile phone in general.
I think you are right. It is easy to paint Google and Apple as opposite ends of a Privacy/User Control spectrum, but in reality I think they are very close.
The fact is that once the apps/book was on YOUR device, it was *deleted* without your approval. Whether $ were shelled or not, this is exactly the kind of things what we around here call draconian control.
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
security vendor SMobile Systems published a report saying that 20% of Android apps are malicious.
This is even more misleading than the average Slashdot post.
And that's really saying something, considering that 80% of Slashdot posts are malicious!
which is totally what she said
Have a remote nuking of malicious as a strictly opt-in feature.
Let's restate it in the opposite way: IF apple were keeping out only apps that were security risks and allowing through everything else, some random people on /. would complain about "It's my phone!", but the overall outrage over censorship, unfair app approvals and a questionable approval process would be, to most people, not an issue.
Whether or not there is some sort of god, I'm not supposed to say/god is a word and the argument ends there-Smog
... was to remove a couple (relatively harmless) trojans for free. Maybe we should be thankful for the service.
I wonder if these apps really were for legit research then the researchers could/should have asked google to remotely uninstall them since you shouldn't leave your apparatus lying on the floor after an experiment.
$ unzip, strip, touch, finger, grep, mount, fsck, more, yes,fsck,fsck,fsck,umount, sleep
In a few cases, the choice is between AT&T and the other network that gives 0 bars. Now which do you choose?
As an Apple fanboy who's tired of seeing the anti-Apple sensationalism in other postings (ok, even the blatantly pro-Apple sensationalism is annoying too), allow me to say that the 1-in-5 comment in the summary was absolute FUD. It really would be nice if story submissions were more about the story and less about furthering marketing agendas for/against a given product. I realize we're all passionate about our particular sections of geekdom but this is just getting pathetic. I think it's interesting that Google exercised their orbital nuke option (for a variety of reasons that I'm sure will be discussed in other threads below) but the little addendum to the story was completely irrelevant and served only one purpose - to troll. Would be nice if slashdot editors removed those extra tidbits.
This company is fear-mongering about nothing to such a degreee that I wonder if they are on Apple's payroll.
Or maybe, just maybe, the security vendor is on their own payroll and is attempting to drum up some fear and uncertainty and doubt in order to sell their own products. Kinda like all the other security vendors out there have been doing for years and years and years.
I gotta admit, I am laughing my ass off. After a year of listening to Slashdotters slam Apple for it's overly restrictive App store policies (Waaaa - I can't run any piece of crap app I want - waaaaa), it is like a breath of fresh air to see a *real* big brother operation in action. Google can remotely yank apps directly off that "completely open" phone? Priceless.
The days of user-managed consumer computing devices is just about over. The future is stringently managed devices and no unapproved applications. Why? The device manufacturers must ensure a seamless user experience - any hiccup in either hardware or application just helps sink a product in this highly competitive space. And OS manufacturers (not to mention the users) are fed up with security breaches and malware - better just to lock it all down, and eliminate the complaints and problems. The vast majority of users have no desire whatsoever to manage anything on their computers - they just want to buy and play the games or run apps that never crash. Keeping up with the latest viruses is something only totally uncool people do anymore.
The cowboy days are over, folks. The wild, wild west is becoming settled.
This seems more like a clean up of junk software no one needed anyway. Yawn.
"I'm not a quack, I'm a mad scientist! There's a difference." - Dr. Cockroach
They just showed that they can remotely censor your device - that is a definite NO NO - you keep your fucking hands of my device.
Its bad enough you can only download apps from the web, don't they dare remove them as well.
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
just RTFT(itle): "20 percent of Android apps can threaten privacy, says vendor".
Nuff said.
violating user privacy
What private data are we talking about? The list of apps you've downloaded from the market?
I've got some bad news for you, most online markets keep track of that.
[PowerPoint] is a tool for capitalist presentation
Remember the protest when Microsoft first added "call home" activation to Windows and Office? Where is it the fury now? We are slowly being conditioned to accept this kind of behavior from companies. Amazon removing 1984, and now Google removing some useless app. At first, people protest, but after a while this becomes accepted behavior, and people don't think twice about it.
And do they all use it to force changes down to your phone?
So - troll or shockingly poor reading comprehension on the part of the submitter?
I'd almost like to think the former, especially how polarised the readership of this site can be (for a site presumably catering to intelligent, tech-savvy people there is an *incredible* amount of fanboyism), though I'm not sure the latter isn't somehow preferable; at least ignorance can be taught out of people.
It's official. Most of you are morons.
No one is claiming they don't have a legal right, or that it's not in their TOS (and it's a matter of debate whether a notice on their website trumps the law - otherwise I might as well put a TOS up saying I've got the right to delete stuff from other people's phones).
The point is that it's bad if they're deleting applications from people's own phones, and it is something that we should rightly criticise.
This is a big break of trust.
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
Is there a straightforward howto on this. I'm planning my next phone to be an Android phone, swayed in no small part by the openness of the android platform. However, the idea that google can uninstall anything on my phone isn't acceptable at all (but neither is becoming an iSlave to Jobs, or an eSlave to Microsoft--so much for competition).
What I'd like to be able to do is
1. Download an app from an android app store
2. install it in such a way that the app store has no permissions to delete the app
3. still be notified of any updates and update, manually if that's what it takes to ensure #2 above.
In your experience with that plaform, is that doable with a reasonable amount of simplicity?
The Future of Human Evolution: Autonomy
In point of fact, it's not an issue for most people as it stands today.
There is with this at all.
What the hell is that sentence supposed to mean?
... and then they built the supercollider.
Intelligence doesn't necessarily preclude arrogance, elitism and even religious fervour in a person.. unfortunately.
which is totally what she said
It doesn't say anything of the sort, wtf!?
Basically, what this is leading to, is that the only way to own a computer is to own not just the hardware and the software, but also the network and the services that run on it. If you don't, you're pwned by the owners who do own these things. It's not enough for hardware and software to be free; the network and services also need to be free and open. Anything other than total and complete freedom opens a backdoor through which all your freedom will eventually leak out, given enough time.
So, good luck with that. You'll never own everything. It's damn hard just to own the software, let alone the hardware that you purhcased. Forget about ever owning the network or the services; these are things that are inherently communal. Only, there's large corporate superorganisms out there who will dominate any individual or group of consumers.
And even if you could own it all, that only means that it's possible for, at most, one person to be free. Everyone else is either enslaved, at risk of enslavement, or a non-participant.
Might as well give up and let them implant slave chips in the back of our heads.
You see? You see? Your stupid minds! Stupid! Stupid!
I agree, and I think it's fine for a company to retain some reasonable controls. Opinions will differ on what constitutes 'reasonable,' certainly.
What blows my mind is seeing people lambaste Apple for exerting 'control' over a device, and then saying, 'but Google meant well, so it's okay for them to do it.'
Wow, Google pulled an Amazon here, remotely DELETED an app from users' phone... and half of the posts here are OK with it?!
Where's the outrage? Isn't the big ADVANTAGE of Android is that it is YOUR phone, which you CONTROL, and that YOU decide what to put on it? Now Google, not only told you they hold a REMOTE KILL switch, but actually went and DID a remote kill, and wow, half of the posters here are fine with it.
Amazing.
Oliver.
If anybody is laughing their ass off about this story, it would be Steve Jobs. If the apps removed were more or less harmless, what did Google really accomplish by deciding to "exercise our remote application removal feature", other than to teach users once again, that Google really can't be trusted?
It may be something, but it certainly isn't the best security system possible. There's no way to control which permissions you allow - it's all or nothing. There's also no option for granting permission on a case-by-case bases (i.e. "App X wishes to send the following text message: .... [Allow] [Deny] [Always Allow] [Always Deny]").
Those would be massive improvements, but I don't think Google have any interest in implementing them (or even accepting patches).
Well, that's what you get for thinkin'
Your gadgets oWn you!
For justice, we must go to Don Corleone
Because you are comparing things which are irrelevant, it doesn't matter what the programs did or what the cost was - they violated users trust by just deleting programs on their computers (because yes, that is what it is - a small computer running Android)
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
Apple removes apps from the store, they do not remove apps from your device.
Google nukes it, and then lets you reinstall it if you want? Why go through the theater of nuking it from devices then? "It's SO INSECURE that we have to take control of your phone and remove it. But don't worry, you can always put your phone back to being insecure later."
If they don't change this behavior right now, as in remove this feature from android phones with the next update.
And you are right, its a slippery slope - "we found some words in your email which you are going to regret tomorrow so we decided not to send it for you"
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
My favorite thing in the world is when someone makes a big fuss about these malicious applications and then nobody says what the applications are or what they were supposed to do.
or else!
FUD or not, I see Apple using this as an ipso facto defence of their walled-garden app store model. Besides, isn't safer to put our security in the hands of those who know better? This question always reminds me of an adage from one of our wisest founding fathers here, state-side of the pond, Ben Franklin(paraphrased; exact quote is unknown): "Those who would trade their freedom for security deserve neither."
No where does that article you link to come close to stating that "20% of Android apps are malicious." It states that 20% of applications have access to private data. So if to you that is the definition of malicious, then, for example, every email client in the world is a malicious. Having access to do is not the definition of malicious. It only becomes malicious when that access is misused. This is the second time I've seen a slashdot post that totally misquotes this article. Until itwbennett learns some basic reading comprehension skills, they should stay away from the keyboard and stop spreading misinformation.
Indeed!!!! And on top of that Android's architecture is such that the user knows exactly what access a program will have whenever it is installed. That is how they were able to produce this report, because every program has to request those granular permissions. Really the is a demonstration of why android's operating system is great for security, because on a desktop platform, when you install a program, you don't know what it is going to try and do, whereas on Android you know exactly what access it will have.
I suppose they did from orbit, as its the only way to be sure.
BTW, has anybody been able to dial Chicago lately?
When I install the application, it asks me if I want to give the application access to these resources. I can choose to give access to these resources and install the application or not. It wouldn't make sense to selectively disable some of these requested resources since the application wouldn't work this access. I think that the Windows UAC model of continually bugging the user with Allow, Deny, Abort, etc. has been shown to be useless as well as extremely irritating.
You give each application access to the resources it needs. If you don't trust the application to use these resources properly, then you don't trust the application developer and you shouldn't install the application.
I don't read your sig. Why are you reading mine?
It wouldn't make sense to selectively disable some of these requested resources since the application wouldn't work this access.
Absolute rubbish. Suppose I don't trust your app not to silently track my position but I want to test it out. I could easily deny it internet access and allow GPS and bluetooth.
And your app *does* work without GPS/internet/bluetooth. It may not be able to do everything it wants to, but it won't just crash.
Unlike Apple, though, Android Marketplace is not the sole gateway for putting apps onto your phone. If the Android Marketplace gets to uppity, the free market will slap them down by users USING OTHER MARKETPLACES. I think this is the right way to do this, actually. If you want a protected, safe phone, then use the default options. If you don't, then you can go find a third party marketplace that has the correct tradeoff of security and flexibility for you. I would be perfectly fine with the Android Marketplace being worse than the Apple App Store, because if it is not right for me, it is easy to find another one who is.
If this wasn't Google doing this everyone would be up in arms and screaming bloody murder.
Imagine if Apple did this.
People are defending this, saying read the ToS? Ridiculous.
Why do you use Android Marketplace? Why not just install all your apps directly from the web, or use a third party marketplace? I use Android Marketplace because I trust them to filter out malicious apps. When they realize that one got through when it shouldn't have, I am fine with them removing it from my phone. But don't try to force them to change (or accuse them of being evil) when there are people who consider that a valuable service. The only time when I would consider something like this immoral is if they are the only option for getting apps (like Apple). But, they aren't. So if you don't like the service they provide, go find another service.
I don't use Android Marketplace. I'm pointing out the blatant hypocrisy inherent in Slashdot's 'prevailing wisdom' that Android is completely free of controls, and iOS is so locked down as to be unusable - as if it's a fact of nature that Google = Good / Apple = Bad, rather than an opinion about a service that, as you correctly state, both companies provide that adds value.
I was saying "Boo-urns."
Maybe it wasn't FUD... Maybe they just don't understand statistics and their sample size was five apps. OMG! One of these is malware! Call the President! Release the hounds!
The CB App. What's your 20?
It really does come down to trusting the application. If you don't trust the application to do what it says, then don't install it.
I don't read your sig. Why are you reading mine?
Sure, but who says the app vendor is willing to make it available under those terms? The security system provides a framework for an agreement analogous to a contract between the app vendor and the user: the vendor says "I will provide you this app to use, provided you give it these permissions", and the user chooses to agree or not.
Its true, though, that you could maintain this with a more flexible security model in which the app supplier could specify both mandatory permissions and optional permissions.
Sure, but who says the app vendor is willing to make it available under those terms?
Why should they have any choice?
Well since so far AT&T only has a single Android phone
This article disagrees with you. First it was the Backflip, now the Aria.
Apple reserves the right to remove apps from your device if they are acquired through the App Store just as Google does if you acquire apps through the Android Market.
Apple requires you to use the App Store to install third-party apps, Google does not require you to use Android Market to do so.
Congratulations for realizing that Apps downloaded from "The Market" which Google has control over (though rarely use it with the plethora of shitty apps), has strings attached.
You can still download and install any other application, ROM, or otherwise from the internet, without worrying that Google will brick your phone for defying their design.
I'll take Android over iPhone any day of the week. I have a custom ROM, with custom apps not downloaded from the market, and the only thing I did was violate a manufacturer warranty, instead of violating terms of service.
I don't see the hypocrisy. People want their experience to be managed. Apple does a good job at it. Google is, in my opinion, doing a decent job. Where "good" versus "bad" comes in is that if you don't like the "Apple Experience", then your only option is to buy a different phone. And if they decide to change the experience to something you don't like after you have bought the phone from them, you are SOL - no refund. If you don't like the "Google Experience", you can create your own. You can even modify their experience by installing apps that they don't support. If their experience changes to something you don't like, then you still have the option of modifying the experience to suit you, or creating your own. Basically, the Apple App Store is a monopoly, so they have to try very hard not to be "bad" (and they don't seem to try very hard). Android Marketplace is not a monopoly, so if they piss off their users enough, the users will just use someone else.
Why should they have the right to set the conditions on which they are willing to provide something they have created and own to you?
I think the answer is pretty clear.
Not only that, but while you may agree to an app because it *appears* to need certain permission (say it's a SIP/VOIP app and it needs access to make calls, access bluetooth, access contacts, etc) do you *really* want to wait for an email from google if it is actually malicious and causes your phone to go rogue?
I just don't get the big complaint.
I have a milestone, and personally if I somehow ended up with such an app, I'd be happy to have google nuke it BEFORE it starts dialing Russian's toll numbers, signing me up for paid-text programs, spamming my contacts, or worse.
They don't own the device. If I want to have *my* device tell the app there's no internet connection even when there is, why on Earth should the app developer be able to stop me?
They may have a right to have the code in their app execute as written, but they certainly shouldn't have any say over how the API should behave.
By the way, there is already an app to do this (at least for internet connectivity):
http://code.google.com/p/droidwall/
... you haven't checked your phone. Maybe you're away, sleeping, whatever. It's got a bad app that's doing bad things (ones that could cost you a LOT of money on a cellular). Do you *really* want it to be running off insanely waiting for you to wake up in the morning and click OK?
No, they own the software.
There are conditions on which they are willing to offer you the software.
There's a conceptual difference between telling the systems internet layer to pretend that the internet is unavailable and denying an app permissions to use internet facilities.
I would agree that it might be a useful user convenience to have features in the OS that allow an easily-configured way of faking certain conditions to apps, including "internet connection not available". I don't, OTOH, think that this is an essential security feature.
Control and privacy aren't the same thing. There was no privacy violated in this case, is all I'm saying.
[PowerPoint] is a tool for capitalist presentation
If Google nukes a less-questionable app sometime after this, all your slippery slope arguments are valid. Claiming slippery slope on a single case of anything is mindless paranoia.
Difficult to know that, without knowing how they accomplished the feat of deleting software remotely. How do they know you have that particular piece of software installed? Did they query handsets and ask for a list of installed software? Did they simply push down a blanket "delete software named X" command? What if I wanted to keep that software on my handset for some reason, like say, I'm the researcher that wrote it, or a similar research with an interest in this software?
A third party taking control of your device for even a few moments has a lot of privacy and control implications if you stop to think about it.
The hypocrisy is evident in the treatment of Apple (with their "draconian controls") and the emphasis on how much open and more free Android is.
So open and free that Google will feel free to reach out and delete stuff from your phone if it feels it shouldn't be there.
I don't object to the idea of a curated experience, and in fact, I think it's what many (perhaps most) users actually want. I just wish people here on slashdot would stop pretending that something being "Android" miraculously means it's free of any controls or restrictions. This case proves it, and it'll be interesting to see exactly how often this sort of functionality gets used.
The story is about google nuking things on peoples phones, not some crap about permissions.
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
Always was a bit disappointed that the N900 didn't do as well as it should have, being an open system and all. Everyone jumped from one big and questionable company to another.
If anybody is laughing their ass off about this story, it would be Steve Jobs.
He would, but he's still too busy answering emails about iPhone 4 signal loss issues. ~
It is, indeed, interesting. And it does give pause to anyone who sees Android as a complete anarchy. For Android fanboys, that means Android isn't quite a free-wheeling as they might like. For Apple fanboys, that means Android isn't quite as chaotic as they fear.
Of course, this doesn't negate a lot of other controls that Android does or does not present. That includes legal availability of customized Android builds for many Android phones and the ability to install apps without the Marketplace. Which means you'll probably have to suffer the Android fanboys a bit longer.
You may be right this time. But history is not on your side. People flee from closed plataforms everytime an open one becomes available and the closed one does not support one of the products that the open one supports and they want. Then, they complain about too many choices...
That happened more than once on the computers history. You may know about the personal computer, but there were also Unix, and the Internet that I can name without much effort.
Rethinking email
And any time anything is said about Android, Apple fanboi's will latch onto and exaggerate it so that their precious Apple looks better.
For one, this really has no bearing on the Android OS. Why are you saying that this "proves" that Android is controlled or restricted? You are probably used to using the iPhone where Apple has COMPLETE CONTROL over which applications you can install (unless you jailbreak, but that might actually be illegal by the DMCA). With an Android phone, you can install whatever applications you want. Google can't stop you. They do have control over the Android Marketplace (which is what this article is about). But since I do not have to use the Android Marketplace to get the apps I want, they can do whatever they want with it. And since there are alternatives, it does not reflect badly on the whole OS when it does get a bit restrictive.
Apple is controlled and restrictive in general. I would personally never buy an iPhone because I like to have freedom to do what I want with my hardware. Most people don't need that, and the iPhone is an excellent choice for them. That is why the iPhone is so popular. But, the people who like having control of their hardware are very vocal in their reasons. So, they generally use Android instead (because you actually do have all of the control you want. If you want any further control, you can always dive into the source and change it yourself). But, when you try to say that Apple is just as open as Android you prove that you are just arguing from emotions and not from facts. It makes your whole argument sound kinda foolish.
Absolutely. I have seen some very good stuff around the newer 2.x versions of Android, and my limited exposure to the Nexus One leads me to believe that it's a remarkably good device, and I'm sure the Droid & HTC stuff coming out now & over the next year will be, as well.
And I'm happy to see that - it will only mean Apple has to keep working hard to keep up in the iPhone, and perhaps HP/Palm with WebOS, and even Microsoft with Windows Phone. I want there to be lots of vigorous competition in this space, even if I never purchase a Palm or Windows or Android device (I currently own an iPhone 3G, full disclosure).
But nowhere in the article, or in the Android Marketplace TOS (Section 2.4) do they state that "only those copies downloaded from the Marketplace will be remotely deleted."
Are they deleting any copy, no matter where it was from? Can they tell the difference remotely between a copy that was downloaded from the Marketplace and one that was installed by the user via other means?
Are you comfortable with that? Are you sure what sort of restrictions Google has imposed on themselves?
I never said "apple is just as open as Android," I said "it sounds like Android isn't as free and open as people seem to enjoy trumpeting every time the iPhone is mentioned."
Quick baseline - how many apps have you written for your own Android device? And how many apps have you installed that didn't come from the Marketplace? And were you even aware of this clause in the Marketplace's terms of service before today's article? I'm genuinely curious.
Maybe it is, and maybe it isn't. Since you don't have to use the Android Market to get third-party apps onto an Android device, if you think its wrong that they make you agree to that to use the Android Market, the simple solution is don't use the Android Market.
You give each application access to the resources it needs. If you don't trust the application to use these resources properly, then you don't trust the application developer and you shouldn't install the application.
So, you're saying that the preferred model of Android's allegedly "very fine grained" permission system is that, you give access to an ENTIRE RESOURCE (say, WiFi access), FOREVER, and then TRUST that EVERY-SINGLE-TIME the app is actually USING that resource is A-OK, right?!?!?
Are you beginning to see the fundamental FLAW in that system?
It would be TRIVIAL for the NON-REVIEWED code (c'mon; just how many USERS of OSS can actually (or DO actually!) REVIEW every single line of every single app they run?) to slip in a WiFi transaction or two with NEFARIOUS purposes in amongst the hundreds of other "legit" packets?
So, the "very fine grained" permission really ISN'T "fine grained" at all. Nor is it effective, unless you BOTH read every single line of every single app BEFORE you install it, and ALSO compile that app from scratch. Afterall, there is NO guarantee that a pre-compiled binary contains the same code as the "source" files.
Android's permission model isn't perfect and could use some clarification and simplification, but it's much better than the other mainstream desktop OSes or phone OSes.
Sez you. Prove it.
FUD or not, I see Apple using this as an ipso facto defence of their walled-garden app store model.
As well they should.
This question always reminds me of an adage from one of our wisest founding fathers here, state-side of the pond, Ben Franklin(paraphrased; exact quote is unknown): "Those who would trade their freedom for security deserve neither."
Ben Franklin never had to read a EULA that was longer than the U.S. Constitution and more legally obsfucated than a Credit Card agreement, nor try to audit someone else's uncommented application code. He might have had a different quote for that occasion...
No-one can really expect total control over all aspects of a device that operates on someone else's network,
As much as I agree with Apple's App Store process, I have to wonder if your statement extends to YOUR personal computer, which, every time you connect to the internet, is a "device that operates on someone else's network".
So, you think that no one can really expect total control over their personal computer, right?
And any time anything is said about Android, Apple fanboi's will latch onto and exaggerate it so that their precious Apple looks better.
Name one instance of Apple reaching onto mass iPhones and deleting an app.
Well?
For one, this really has no bearing on the Android OS.
Sure it does. It is their APIs that allow this level of intrusive control. I am not sure that iOS4 does allow the remote nuking of a particular app, and in any event, Apple sure hasn't done it in the over 3 years of iPhone OSes.
For one, this really has no bearing on the Android OS. Why are you saying that this "proves" that Android is controlled or restricted?
See above.
You are probably used to using the iPhone where Apple has COMPLETE CONTROL over which applications you can install (unless you jailbreak, but that might actually be illegal by the DMCA).
Strawman alert: I MIGHT have brought my arrowhead collection. But I DIDN'T (apologies to George Carlin, R.I.P.).
With an Android phone, you can install whatever applications you want. Google can't stop you.
No, but they sure can be Indian-givers (sorry for the racial slur)!
Apple is controlled and restrictive in general.
Yeah, like the many, many standards and software packages they have created, not the least of which is the core of OS X itself, and then turned over to the Open Source community. Right.
would personally never buy an iPhone because I like to have freedom to do what I want with my hardware.
You do. Start writing...
That is why the iPhone is so popular.
No, it is so popular because it was the first phone not to suck absolute ASS, and now because it has about 10 times the apps of the nearest competitor.
But, the people who like having control of their hardware are very vocal in their reasons.
Vocal, yes. Sensical, not so much.
So, they generally use Android instead (because you actually do have all of the control you want.
Apparently not... Who had control over the deletion process? The user? Or Google?
If you want any further control, you can always dive into the source and change it yourself).
Assuming, of course, that the particular app is OSS. Many Android apps are apparently NOT Open Source. So, now what? How are THOSE apps "audited"?
But, when you try to say that Apple is just as open as Android you prove that you are just arguing from emotions and not from facts.
And, conversely, when you try to say that Google deleting apps from a USER's phone is ok, but Apple's app approval process is somehow too controlling, you are not arguing from a factual basis, either.
It makes your whole argument sound kinda foolish.
Yes, come to think of it, you do sound kinda foolish. Why am I even arguing with you?
There is with this at all.
What the hell is that sentence supposed to mean?
The hell that is to mean.
What does that have to do with socialism? It's a capitalist dream. Socialism is about protecting people against corporate domination.