Slashdot Mirror


Sundar Pichai: Android Designed For Openness; Security a Lower Priority

An anonymous reader writes "Earlier this week, Google Android chief Sundar Pichai spoke at the Mobile World Congress where he explained, rather bluntly, that Android is designed to be open more so than it's designed to be safe. He also added that if he were a hacker today, he too would focus most of his efforts on Android on account of its marketshare position." Related: wiredmikey writes "Boeing is launching 'Boeing Black phone,' a self-destructing Android-based smartphone that the company says has no serviceable parts, and any attempted servicing or replacing of parts would destroy the product. 'Any attempt to break open the casing of the device would trigger functions that would delete the data and software contained within the device and make the device inoperable,' the company explained. ... The device should not be confused with the new encrypted Blackphone, developed by the U.S. secure communications firm Silent Circle with Spanish manufacturer Geeksphone."

21 of 117 comments

  1. Don't they know... by FuegoFuerte · · Score: 2, Insightful

    If there's a way to put it together, there's a way to take it apart. Also, it kind of sucks to have your data wiped if your phone takes a major spill and thinks you're trying to break it open.

    1. Re:Don't they know... by brainstem · · Score: 5, Informative

      RTFA. This phone is not designed to be sold to the general public. It is designed for specific security sensitive applications and use by government agencies.

  2. The market has spoken by Anonymous Coward · · Score: 2, Interesting

    Blackberry prioritized security over extensibility. Where did that get them?

  3. A phone which self destructs when taken apart? by Minwee · · Score: 2

    I thought that the HTC One already had that market cornered.

  4. Boeing needs to sell to the DOD by WindBourne · · Score: 2, Interesting

    Seriously, this is the kind of phone that should be in our troops' hands. Basically, we need secured systems that are also weather and water proof. And if Boeing builds it with western chips, then it should be fully secured.

    --
    I prefer the "u" in honour as it seems to be missing these days.
  5. Re:Disproportionate Malware by AmiMoJo · · Score: 4, Insightful

    I spent a few moments RTFA and TFS distorts it badly. What he is actually saying is that unless you lock the OS down like iOS is you will never get that level of security. In other words any open system that allows the owner to run the software they want to run can never be as secure as one that only runs software Apple wants to run.

    So, take your pick, run only Apple approved code (which as we saw recently isn't immune to malware anyway) or actually own your device and take some responsibility for it. Almost all malware for Android relies on the user being an idiot, and that is what this guy is saying. With power comes responsibility and all that.

    Also, you wouldn't expect that an OS with say 85% of the market would only get 85% of the malware. People gravitate towards the most popular systems, and you also have to consider that Android is much bigger in countries like China and India where they don't seem to have had as long as westerners to become savvy to trojans or excessive permission requests. Many Chinese carriers put their own app stores on their devices too, and then fail to properly police them, and of course (trojan) pirate software is widespread.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  6. Re:Bad headline by tbuddy · · Score: 2

    For the small percent who does root their phone it isn't a huge concern, but considering the most popular firmware claims around 10 million installs compared to the 1 billion total Android devices there are a ton of people left in the dark. Most of the people I know who use Android devices get the free phone, the 1 phone, or get the stupid Casio "rugged" phone. All of those options are going to leave them in the dark on updates.

    I spend quite a bit more for my devices than $100, but that's because I hate being locked to a carrier or paying the big four carriers' fees. Paying more for my device and having a sub-$30 bill compared to the $79+ bill I'd have for a smartphone on Verizon is a no brainer to me. Even buying the ultra bestest Samsung phone at $700 outright buyout isn't a big deal when I'll save that much in half the two year contract time.

  7. Re:Disproportionate Malware by Anubis IV · · Score: 2

    I'm still okay with recommending Android to non-technical users, given that most of them manage just fine on Macs and PCs that face the same primary vector for attack (i.e. the user downloading and installing a trojan).

    That said, yeah, Android is really getting a disproportionate share of the malware. More recent reports peg it at 99% of all mobile malware, and Pichai is trying to brush that away as a simple factor of market share, which is rather short-sighted. iOS currently sits around a 16% market share (and falling, due to Android outpacing iOS' rate of growth), which should be more than enough to attract malware. Especially so when you consider that iOS still attracts a comparable (some would argue better) amount of third-party support from developers making apps, as well as the fact that we still get reports like these (tl;dr: this last Christmas season, iOS users accounted for 5x more online purchases than Android users and spent roughly 2x as much on each purchase), making them potentially much more lucrative targets to developers of adware and malware.

    Yet, despite all of that, iOS malware rates aren't even being registered on any of the mobile malware reports I can find from the last quarter. I recall them being at something like 0.07% the quarter before that, with Blackberry even registering more malware than them.

  8. Even more related news... by Anubis IV · · Score: 3, Informative

    The summary provided some related news, but isn't the fact that Apple just published a white paper about the security of iOS a bit more relevant to comments from Android's chief about its security than what the summary provided?

    For example, consider the contrast in how the two companies approach the topic of security:
    Google's Android chief: "We can not guarantee that Android is designed to be safe, the format was designed to give more freedom."
    Apple's white paper: "Apple designed the iOS platform with security at its core. [...] The tight integration of hardware and software on iOS devices ensures that each component of the system is trusted, and validates the system as a whole."

    The two approaches are practically polar opposites of each other, which I find horribly fascinating. As with pretty much everything, there are tradeoffs to either side. Android enjoys a load of benefits from being more open, and Apple enjoys a load of benefits from being more closed. Pick which works best for you and appreciate the differences.

  9. Re:Disproportionate Malware by maccodemonkey · · Score: 3, Insightful

    To be fair, there are issues with Android that don't have anything to do with signed code. On iOS, you can deny individual permissions (at the time they're actually exercised!) and still run an app (and modify those permissions post-install), whereas on Android it's an all or nothing sort of thing. That's more "open" but it's less "secure", and it doesn't really have anything to do with app stores or code signing.

  10. Built in MITM attack "security"? by SuperKendall · · Score: 2

    Blackberry prioritized security over extensibility.

    They had a built in man in the middle attack. I would argue they NEVER prioritized security, just presented a strong illusion of it.

    It would be more accurate to say, Blackberry prioritized email above everything. And look where that got them... but it is not true of the iPhone or Android.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  11. Re:Disproportionate Malware by SuperKendall · · Score: 2

    People use those same devices when proclaiming how huge market share is - which means people still buy them. So they should be included in discussions on security.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  12. Re:Not vast majority by MightyYar · · Score: 3, Informative

    The link you posted is a side-loading exploit, albeit one that begins with instructions when you click on an ad. You have to download the app and then sideload it.

    --
    W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
  13. Tap Back by tepples · · Score: 2

    Access to my contact list in exchange for information on astronomy?!

    That's why Android has a system-wide Back button. If you disagree with the permissions that an application requests, tap Back instead of Install, and take it up with the application's publisher.

    1. Re:Tap Back by rsborg · · Score: 4, Insightful

      Access to my contact list in exchange for information on astronomy?!

      That's why Android has a system-wide Back button. If you disagree with the permissions that an application requests, tap Back instead of Install, and take it up with the application's publisher.

      And that kind of attitude is why Android's privacy model is flawed. This puts the control of your options at the whim of the developer. Instead *you* should be able to disable the camera, or disallow access to your GPS for any given app. If I find out after the fact that I don't want an app to have access to that information, I shouldn't have to uninstall the whole app. Example: weather apps almost always (reasonably) ask for my location info. I deny them, because, I have all my locations already entered. They don't need to know where I've been, but I still like to get the forecast on my phone.

      --
      Make sure everyone's vote counts: Verified Voting
  14. Disingenuous by MrL0G1C · · Score: 4, Insightful

    Since when was security mutually exclusive with openness?

    It's pretty obvious that Google has refused to give users the optional security permissions that they would like to have control of.

    It's daft that you have to root your phone in order to be able to increase the security.

    And just because Apple have (A) good security and (B) a crazy degree of control freakery, doesn't mean that everyone else with good security needs to be a control freak too, which is what some in these threads are insinuating.

    --
    Waterfox - a Firefox fork with legacy extension support, security updates and better privacy by default.
  15. Re:Bad headline by exomondo · · Score: 2

    There are no "many eyes" on Android. The most important parts, the drivers, are closed source binary blobs in most cases. It is ungodly easy to hide crap inside those blobs.

    The key is to differentiate between Android and AOSP, there are many eyes on AOSP but devices don't actually ship with AOSP, as you say they ship with many binary blobs that are platform services, UI layer, stock & 3rd party applications and drivers for all the hardware. The Android Open Source Project is open but (AFAIK) there is no device that runs Android that is open.

  16. Re:Android is Open? by hi-endian · · Score: 2

    ... and in the interest of "balance," (again, as I have little firsthand knowledge, it is difficult for me to ascertain how balanced this actually is) here's a rebuttal from an employee at Google:

    http://arstechnica.com/information-technology/2014/02/neither-microsoft-nokia-nor-anyone-else-should-fork-android-its-unforkable/?comments=1&post=26199423

    (via Reddit)

  17. Re:You might not even need an app by rsborg · · Score: 2

    The developer always has the opportunity to make the activity close itself if you don't grant it the right permissions. (In fact, this is what applications do by default in modded ROMs and in Android 4.3 with App Ops because they don't catch SecurityException.) So again, the beef is between you and the developer. You could always get applications from F-Droid, where all applications are distributed under a free software license. Then you can load an application's source code into Android SDK and compile out the feature that you insist on not using.

    No my beef is with Google/Android's weakness at letting users control their apps, I'll keep using my iPhone, thanks. While you look down on iOS users, you feel free to jump through all those wonderful hoops to lick the developer's boots or maybe I'll look down at you instead for simply rolling over and taking what the developers offer instead of taking control of your own device.

    --
    Make sure everyone's vote counts: Verified Voting
  18. What Sundar actually said... by TrueSpeed · · Score: 3, Informative

    Here's what Sundar Pichai actually said minus the selective editing from that 'iOnApple' hack at NetworkWorld.

    [quote]
    Sorry, the premise of the question is because Android is open, it has more security issues? Respectfully, I’m not sure that’s a correct premise of the question. Open platforms historically undergo a lot of scrutiny, but there are a lot of advantages to having an open source platform from a security standpoint. I would argue that it’s the best way for a platform to be secure, because every researcher in the world can inspect it, every developer in the world can inspect it, and I think that contributes a lot to Android security.

    Android was built to be very, very secure. The thing that you’re seeing is because Android is an open platform, many people can ship Android in many different ways and so there are some partners when they ship devices, they have an older version of Android. And sure you can have a security vulnerability there, but that doesn’t mean Android isn’t secure. We go to great lengths–the depth of work in Android to make it secure; the depth of work done by Google Play–Google Play automatically scans and verifies thousands of applications for malware. We track data on this. It’s state of the art in terms of what we do. What you see across the ecosystem–people will ship good phones and keep them updated–you will have some phones that will not be updated. That’s where we see issues. Not Android at a fundamental level.
    [/quote]

  19. Re: Disproportionate Malware by Dog-Cow · · Score: 2

    Any app can do that on any device. If you don't want software on a mobile device to have access to the 'net, don't install it. It's not an inherent insecurity to have network access.

    (On iOS 7, you can disable access over cellular on a per-app basis to cut down your data usage.)