Slashdot Mirror
Google Has Android Remote App Install Power, Too
Trailrunner7 writes "The remote-wipe capability that Google recently invoked to remove a harmless application from some Android phones isn't the only remote control feature that the company built into its mobile OS. It turns out that Android also includes a feature that enables Google to remotely install apps on users' phones as well. Jon Oberheide, the security researcher who developed the application that Google remotely removed from Android phones, noticed during his research that the Android OS includes a feature called INSTALL_ASSET that allows Google to remotely install applications on users' phones. 'I don't know what design decision they based that on. Maybe they just figured since they had the removal mechanism, it's easy to have the install mechanism too,' Oberheide said in an interview. 'I don't know if they've used it yet.'"
Google has been taken over by Jawas.
So how long until we see someone attempt to exploit this?
Slashdot headline would have been:
"Evil Apple Hides Secret Rootkit Installer on All iPhones"
Foxdie program continues
I'm sure someone could create a honeypot wifi network that forces all Android devices that connect to it to install a particular app. Maybe it'll even teach people to stop wardriving.
What was wrong with Linux?
Curious as to how this applies to custom ROMs and rooted Android devices. More specifically, since this is a known capability now when will we seem ROMs that specifically disable these features?
I'm sure someone could create a honeypot wifi network that forces all Android devices that connect to it to install a particular app.
Not unless they manage to compromise SSL in order to make the phone think it's talking to Google when it really isn't. If someone manages to do that, we have much bigger things to worry about than a malicious phone app.
Visual IRC: Fast. Powerful. Free.
You mean they can remotely install apps over the air just like every other modern phone on every other carrier I've ever seen?
This is a non-story -- OTA install is pretty much required by every carrier out there so they can force you to upgrade your phone.
I think the name is what's most interesting -- INSTALL_ASSET - that has a distinctly govt feel to it. Gotta wonder.
Android developers blog ( http://android-developers.blogspot.com/2010/06/exercising-our-remote-application.html ) only says that they have removal power. But if INSTALL_ASSET is true - it might have something to do with the "Go to a website and send a link to your Android device to open it directly on the Device's browser or Maps App as the case may be" feature that they announced at Google IO(I forgot if / what they called it something). So you send may be a intent to install a new App that you saw on some website and it would install it automatically. This *could* be made to work securely - i.e. requiring your Google Account authentication to be able to send install intents. But if there is a bug somewhere - it could have dire consequences.
Really, this makes a bit more sense than having 234234234324234 OS updates every year. The majority of updates can be done by removing/updating apps, not to mention security patches. Really, some phones already have the latest Android they will ever get, barring rooting. But people will keep using that phone for 4+ years, that is a long time to have a security flaw out there that could steal information. Since the browser is going to be the main attack vector which is an app, it makes sense.
While this could be used to push more carrier crapware, I think updates and upgrades of installed apps are more likely to work for more phones and easier for the average user to use.
In all honesty, would you rather be using an outdated version of a browser with security flaws because your phone doesn't support Android 2.75 Double Chocolate Chunk Cookie or just have your browser update to a more secure version OTA?
Taxation is legalized theft, no more, no less.
...when Slashdot raises a stink about them removing it.
"Oops. Sorry. Here's your keylogger back."
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
Calling it INSTALL_ASSET makes it seem so real.
Does anyone remember the android demo at Google IO where they showed the remote install feature from the android market on a desktop browser in froyo? Seriously, just because there is remote install functionality in the OS doesn't mean that it's there for malicious or secret use -- it's most likely part of a user facing feature.
It was Luke who removed the restraining bolt from R2D2.
It is no coincidence that in no known language does the phrase 'As pretty as an Airport' appear.
My "most modern phone", the N900, is not bound to any carrier, and I am quite certain that my carrier does not have the ability or a clue how to install anything on it. I'm root. Not them.
Apple and Android folks: Enjoy being someone else's bitch.
Was this post obnoxious? Yes, in a very nerdy way.
Excuse my ignorance... but why is this a surprise when android is an open source OS? Why has anyone not noticed this in the source code!! Or is only kernel open source and not the other parts?
one day you look at your phone: hey, there's a bing icon
couple of months later: look at that, a skype icon
it's vaguely unsettling, to be reminded of how raped you are in terms of privacy
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
I'm a smartphone user, although maybe not a smart one. I have an iPhone 3GS. I'm technically adept, although perhaps not in areas that the Slashdot crowd would consider valid or useful. So, although I programmed flight data acquisition and control systems in assembler running on Z80 hardware in neolithic times, I admit I don't have nearly the fine-grain understanding of current phone OSes that it would appear one needs to evaluate and protect oneself from the (IMHO) vendors' overreaching control imperatives. I don't want my phone OS vendor to be able to install an application without my consent. I don't want my phone OS vendor to be able to remove an application without my consent. I want the mix of applications running on my phone to be up to me, not the vendor. Is that so very unreasonable? More and more, my choices with respect to control over my phone narrow, and the only obvious escape lies in open source systems, which require an investment of time to learn that is prohibitive for me. Honestly, as much as I love new technology, it offers less and less convenience and more and more of a drain on my time to administer. It makes me appreciate the efficiency of, well....you know....just a simple phone? And you can get off my lawn now.
USAF Training Exercize above Navada:
Pilot: Wait just a darn minute ... these Coord are for Mountain View, California!
Nav Ofc: Yes Sir. Mountain View, California. Afarmitive. Just a Sec ... looks to be the Google, Inc. Offices located in Mountain View, California. That's a Confirm, Sir.
Pilot: Shoot! Looks like those Ruskies have done a "End Around" on our Left Flank. Dang, I truly hate Shit like this! But, it is not our moment to judge or question or orders, but to do and diliver Hell on the Enemy!
Pilot: Ordinence Ofc, bring online bays 2 and 4, make it snappy we don't have much time!
Ordinence Ofc: Rodger that. Bays 2 and 4 are online and answering.
Pilot: Ordinence Ofc. commence prelim arming ordinence Joker and Queen, over.
Ordinence Ofc: Rodger that. Joker and Queen have Prelim Arming.
Pilor: Comm Ofc, are we recorded? Over.
Comm Ofc: Rodger that. All Comm links are being recorded for future review.
Pilot: Rodger that. As Pilot, I'm inserting my command key, ... truning, ... unlock of firing mechanism acknowledged by the SRB 171, now keying in firing code, ... SRB 171 acknowledges firing code, ... Ordinences Joker and Queen are acknowledged ... lock-on sequence acknowledged, ... lock-on sequence commencined!.
Pilor: Nav Ofc, bring us round on heading 266 TANGO, repeat, 266 TANGO, over.
Nav Ofc: Rodger that. Heading set to 266 TANGO, repeat, heading set to 266 TANGO.
Pilot: Ordinence Ofc set prelim ignition at 5000 ft, repeat, set prelim ignition at 5000 ft.
Ordinence Ofc: Rodger that ... Prelim ignition set at 5000 ft, repeat, Prelim ignition set at 5000 ft.
Pilor: Ordinence Ofc set primary ignition at 2000 ft, repeat, set primary ignition at 2000 ft.
Ordinence Ofc: Rodger that ... Primary ignition set at 2000 ft, repeat, primary ignition set at 2000 ft.
Nav Ofc: TARGET IN SIGHT ... TARGET IN SIGHT ... 30 SECONDS TO DROP ... REPEAT ... 30 SECONDS TO DROP.
Pilot: Ordinence Ofc arm Joker and Queen.
Ordinence Ofc: Joker and Queen armed, repeat, Joker and Queen armed.
Pilot: Mantinence Ofc open bomb-bay doors.
Mantinence Ofc: Rodger that, Bomb-bay doors open, repeat, bomb-bay doors open.
Comm Ofc: Sir, EMC transmission incoming, repeat, EMC transmission incomming. Request ot decode, repeat, request to decoy.
Pilot: Request to decode affarmative.
Comm Ofc: Sir, the EMC is from the Executive Office of the President ... It reads ... Burn'em all.
Pilot: YYYYYEEEEEEHHHHHHAAAAAA!!!!!!!!!!!!!!!!! Payback boys! Those hippies are goin'n to be running in the streets burn'n from head to tail just as this party starts.
Nav Ofc: 10 Second to drop, repeat, 10 seconds to drop, on, MARK.
Pilot: 9 ... 8 .... 7 ... 6 ... 5 .... 4 .... 3 .... 2 .... 1 ..... 0 [CLICK].
Pilot: TURNING TO HEADING 345 SHARP ... THRUSTING TO 105 PERCENT ... NOSE DOWN 2 PERCENT ... HERE SHE CUMS BOYS ... WE'RE SURF'N A THERMONUCLEAR SHOCKWAVE NOW.
Is it possible that remote installation/removal could be a government mandate?
Because Android is still less evil and invasive than iOS.
I'm not trying to troll, but really. if you compare the the two platforms one is mostly open and one is glued shut.
“Common sense is not so common.” — Voltaire
I know of several countries that will be interested in this.
And I'm already halfway through the security around that code.
This is a cakewalk compared to cracking the PS3 hypervisor.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
If you didn't, or this wasn't in them, well... I'd be incredibly surprised.
It is what a blackhat would be able to do if they were able to find Google's private key.
How is this different from automatic updates? Is it initiated by the phone (pull), or by a remote entity (push)? Is it usable by 3rd parties?
2.75 is not Double Chocolate Chunk Cookie. It is Maple Bar
2.80 is Jelly Donut
3.0 is Insulin Shots
It is scary that Google doen't provide an opt out option in the Market app. But there is a way out, at least if the Cyanogen mod is available for your phone: Install the Cyanogen mod without the proprietary Google bits (incudes Market app, Gmail app, text-to-speech etc). I just checked it. The vending apk that is responsible for the OTA removal/install functionality (according to http://jon.oberheide.org/blog/2010/06/25/remote-kill-and-install-on-google-android/) is not running on my N1. I get along pretty well without the Market. You can install your apps directly from some download site or you can install apktor which allows you to access public repositories.
Here is a quick thought on this one. Say you are some big drug pusher and you get a "clean" phone from retail. The US government is sure going to be interested in the contents (stuff they can't get by going to your telco). How can they get all the info? Install a silent trojan. Who can do that, Google of course.
It could be quite interesting to do a FOI to see how many times it has been done (Because I am pretty sure it will have been done by now)
http://www.writeitfor.us - Writing IT for the IT generation.
Hmmm. This sounds more like something M$ or Apple (or especially SONY) would do.
Suppose you were an idiot. And suppose you were a member of congress. But then I repeat myself. -- Mark Twain
Exactly, and he did so first!
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
This is how Google will insert the HYPNOTOAD onto your android phone... ALL GLORY TO THE HYPNOTOAD!...
It's funny how Android owners see the platform as an antidote to Apple's restrictive App Store and other restrictions. Google are just as crazy and dubious as Apple at times.
One can only hope HP manage to do something with Palm. Although the biggest obstacle to that is the fact it will only be on HPs hardware. Lets face it they've not released a good smartphone or PDA in a while.
If someone installs something on my phone at $2/MB I demand they pay for the bandwidth they use!
I did not choose to install the software while on 3G or whatever so why should I be billed for it?
Meanwhile my Android phone just had its first over-the-air system upgrade, losing some of my settings and clearing my entire 7-screen desktop.
Rather than Google worrying about remote app installs and remote app removals, what would be great is if basic things like minor system updates didn't practically reset the damn phone to factory defaults.
My good lady had a similar problem with her iPhone system update a few days ago -- it deleted all of her contacts.
Pretty rubbish technology we're dealing with here :-(
Let me get this straight:
The Evil Empire
Allows me to force them to ask to install updates.
The No Harm Guys
Know better than the world and exercise their paternal rights.
What's need is some guy running down the isle with a sledgehammer!
Google has demonstrated that, beyond Froyo, they will add the ability to browse the Android Market and have your phone to install a given app right from the Market by triggering an intent via push message.
How is it shocking that this intent exists prior to the functionality being fully implemented?
At about 31 minutes in: http://www.youtube.com/watch?v=IY3U2GXhz44&feature=channel
No wonder 3PO was such a wuss - they took away his bold!
Considering that property ownership means "lease until you stop paying property taxes to the City/State/Feds" or "eminent domain" Kelo v. City of New London ...
And if you "own an OEM license for an operating system" that is "non transferrable to another machine" ...
It's not surprising that the "phone you buy and own" is actually controlled by the Manufacturer and can be modified by them over the air at their discretion:
Pertinent examples:
Syrian Radar: http://spectrum.ieee.org/semiconductors/design/the-hunt-for-the-kill-switch/0
Kindle's Orwellian book deletion: http://www.nytimes.com/2009/07/18/technology/companies/18amazon.html
iPhone
This fits the "subscription model" that anti-virus, browser, and now operating systems all use to ensure steady cash-flow and hopefully phase out that frustrating "buy it once" legacy mentality that is also symptomatic of people who don't use credit cards.
I strongly suggest periodically researching alternatives to large corporations that ignore your rights or sense of ownership - i.e. try a different browser (firefox/opera?), a different search engine (hakia.com) , and hopefully somebody will fork Android like Centos does a wonderful job for Red Hat (and then post it on Sourceforge / slashdot).
What about removing malware from the Android Market?
I cast "root device" then "alter /etc/hosts".
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
I can't see how this would be an unsolvable issue for anyone here. I started with a G1 and now have a Nexus One. I rooted the G1 and installed Cyanogen's Rom which completely removed the big G's ability to update my phone in any way. It's even more trivial to do that to the Nexus One than it was the G1. While most people won't install a custom rom on their phones, at least for the anointed Google phones the process isn't hard and nicely takes care of at least a few privacy concerns should you have them. T-Mobile doesn't care if an owner does this and neither does Google. YMMV on other carriers. On the flip side, while I care about privacy I have to admit that the location service offered by giving up a little privacy are very useful to me. A cab driver has to be able to know both where you are and where you want to go in order to provide service and location services are a lot like that. Turn them off when you don't need them.
load "$",8,1
Eeeek!!!!!
to stick with a basic phone. No installs, no web, nothing but phone
Mod me up/Mod me down: I wont frown as I've no crown
This is nothing new. The Blackberrys have the push feature for both service books as well as applications. It may be referred to as an "update", but there's been times where, on a restart or even without, a new "application" appears on my home screen
Don't most rooted phones not have this sort of worry? I could have sworn that most of them disabled at least the OTA update capabilities so that rooted phones didn't get suddenly un-rooted or updated with things that conflict with your own changes.
Of course they have these abilities. That should go without saying.
---- Booth was a patriot ----
I always knew C3PO was a lion somewhere deep inside of him...
chumps
I recently discovered something called a "Turbo SIM" located here: http://www.bladox.com/index.php?lang=en It is essentially a tiny microcontroller that sits between your mobile handset and your SIM card(sandwiched). The GSM standard allows network operator approved apps. to run from within the SIM. It is called "SIM toolkit" or STK. Only big business (banks etc) seem to run apps in this STK mode. The TurboSIM makes your handset think your own apps are on the SIM. The programmability of this gadget is cool as the GSM standard says that when the legit SIM is booted up it queries the hardware to find out what its capabilities are and a string of bits are returned from the handset to the SIM. One of these bits indicates whether or not the hardware is capable of OTA updates. Capturing this data and spoofing it would be trivial it would seem and is being done for other reasons (look at the forums). Something to think about.
If it bothers you, comment it out.
Maybe this is for corporate customers who want to push corporate apps out to all their devices.
No, we're obviously not reading the same slashdot. Negative Apple press on slashdot is overwhelmingly troll and fud-like, often with wilful ignorance and ludicrous non-sequiturs - much like Google's negative press.
you're a funny one
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
its been in (nearly all) other OS's for years.
to code or not to code, that is the question.
On the Energy Savings Widget is an option to switch off background network operations. You did not click that off there when you left your homes Wifi range? Then odiously you have agreed to have software installed over 3G!
Yes, I too would prefer a background network operation over WiFi only option.
Am I the only person on Slashdot that thinks that features like this are there for a good reason? Remember how Google announced (at Google I/O 2010) that they were going to allow users to browse the market and install apps directly from a PC, without needing the device connected? Well, how do you all propose that this works without Google being able to install apps on your behalf? A confirmation message on the phone every time you attempt to remotely install an app would be a pain IMO, and render this feature useless. This article just promotes FUD, and isn't really news. Maybe if it was posted before Google announced the feature at I/O 2010, then we should get worried.