back to article Google can kill or install apps on citizen Androids

Google has the power to not only remove applications from users' Android phones, but remotely install them as well. Last week, Google told the world it had exercised its Android "Remote Application Removal Feature," reaching out over the airwaves and lifting two applications from citizen handsets, and as pointed out by the man …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Thumb Down

    D.B.E.

    "Google has the power to not only remove applications from users' Android phones, but remotely install them as well."

    Well......fuck that then.

    1. Anonymous John

      So?

      Android phones are supplied with loads of apps. Does it really matter if they can install others remotely? As long as they are free, that is.

      1. Anonymous Coward
        Big Brother

        RE: So?

        Yes, but obviously not to you. Do you use Apple products by any chance?

        1. Anonymous John

          No.

          I've got an HTC Desire. Which came with a load of Apps that don't interest me. I can see no practical difference between unwanted pre-installed apps and unwanted downloaded apps.

          Especially when Google isn't doing it.

          1. Anonymous Coward
            Anonymous Coward

            RE: No

            o_0

            Erm, I don't think your comment makes any sense within the context of this article.

      2. Anonymous Coward
        Anonymous Coward

        Freedom!

        Is this really too much to ask?

        That's what this is about. Not which Apps you can and can't access, but the apps they install for you. I am an open source user; but Nokia in their wisdom went and installed a small office application that can't read ODF and also can't be removed. Also, a game that I can't remove. Nice of them to waste my precious system memory for me, especially as the X6 doesn't have removable memory.

        I was looking at Android tablets and also my next handset was going to be Android as well. I've just started reading on programming Android. Not any more I'm not.

        1. captain veg

          Re: Freedom!

          You'll be wanting an N900 then. As much open sourcery as you can eat, and a physical keyboard too. You need it, for the command line shell.

          -A.

        2. Doshu

          Before i pack my bags...

          ... i'll wait and see if some enterprising programmer can't figure out a way to block google's interventions without actually crippling app installations in general.

      3. Pablo
        Big Brother

        RE: So?

        So... who wants a free copy of BuzzMobile?

  2. Anonymous Coward
    FAIL

    Anyone want to point out..

    That Apple also have this ability.....

    1. DZ-Jay

      Really?

      And where did you get this information from? I'm not saying they do not have the ability, I'm just curious to know where it is documented, for I haven't seen anything about it.

      -dZ.

    2. Anonymous Coward
      FAIL

      WTF has this got to do with Apple?

      This is Google's misdemeanour , not Apple. Yes, Apple have a smartphone on the market too, so what! So does everyone else and their neighbour! Fanboi. The only failure here is yours. Even Cade Metz managed not to mention Apple!

  3. Anonymous Coward
    Anonymous Coward

    Surely the author has it wrong.

    Surely the fact that they can remotely install apps without authorisation has to be a lot more disturbing then their abililty to remove them wihtouth authorisation. Don't forget that this is a company which is proving itself to be highly untrustworthy. A fact that, thankfully, more people are, albeit slowly, waking up to.

    1. Anonymous Coward
      Anonymous Coward

      RE: Surely the author has it wrong

      Did someone not read page 2? :)

  4. Mr Brush
    Big Brother

    Meh...

    I would expect an admin backdoor like this in any networkable product.

    I'm sure people would be equally up in arms if something nasty crept into the Android market and Google didn't have the capacity to do something about it.

  5. Anonymous Coward
    IT Angle

    Let's see

    A big software vendor introduces something that end users have no control over, it phones home automagically, it can add software or remove software at its own pleasure, and is vulnerable to impersonation or man in the middle attacks.

    That's Windows Update, isn't it?

    Not saying that what Google are doing isn't evil, but where's the equivalent fuss for the MS equivalent technique?

    Just askin', like.

    1. John Sturdy
      Gates Horns

      MS are less hypocritical

      MS don't have a "don't be evil" motto. So there's less to make a fuss about.

    2. matt 115

      RE: Let's see...

      Dont think its proved to be vulnerable to impersonation or man in the middle

    3. The Original Steve
      Grenade

      There's a difference

      When I buy a computer from an OEM I'm ASKED what I want Windows Updates to do. I can disable it completely with one click - it's one of the first things you are asked when you "setup" Windows as a new user.

      So I'm told about, can chose to enabled or disable it or I can be selective and say tell me, but I'll manually review the updates and install the ones I want at my leisure.

      That is NOT what Google are doing. This has been 'discovered' by a researcher that they can install stuff remotely, you can't disable it as far as I know and it's completely out of your control.

    4. NogginTheNog

      Not default

      Windows Update doesn't default to automatically updating your box, you have to explicitly agree to it (though yes it does twist your arm a bit about it), so at least you're aware of what will happen.

      If there's an issue with WU it's how they're forever pushing guff at you like Silverlight et al...

      1. OffBeatMammal

        Apple Updater

        IMO the Apple Updater is worse... I have Safari on my machine for browser compat testing because apparently some folks use it on Windows and it doesn't always behave the same as it does on the Mac.... but once every couple of weeks I get an agressive little pop-up trying to get me to install iTunes, Quicktime etc as well ... and if I want to keep the Safari auto-updater I don't seem to have a way to kill these "helpful reminders"

        At least with Windows/Microsoft Update there's a very simple option to leave it enabled but select and hide apps I don't want updated

      2. Pawel 1
        FAIL

        Re:Windows Update

        You Sir should read the small print more carefully - Microsoft states that Windows Update can update *itself* at any time, without asking you for consent.

        Shall I just remind you that it has a lot of privileges on a windows system?

    5. Thomas Bottrill

      RE: Let's see

      Windows Update must be explicitly enabled (it asks you during setup) and can be disabled at any time.

      I'm not sure if this can be disabled.

  6. Anonymous Coward
    Anonymous Coward

    Evil

    When thinking about issues like this it is always best to remember that Google's "do no evil" mantra only holds for certain values of "evil". Those values being the ones that Google have defined. If your definition of evil differs from that of Google then you probably shouldn't own a device over which Google has so much control.

    1. nichomach
      Thumb Up

      Not un-akin...

      ...to definitions of torture recently espoused by certain governments;

      "We do not torture people"

      "Define torture"

      "Anything we don't wish to do"

      "So by that definition anything you do do can never be classified torture"

  7. Pascal Monett Silver badge

    Not acceptable

    I don't care what the excuse is - nobody installs or removes anything on anything I have without my express permission.

    I have no need to be nannied. If I install some objectionable material on my hardware, it is my responsibility. If I goof and install something harmful to my hardware or my privacy, well too bad for me and I've learned something new. I will certainly not accept anyone deciding for me what needs to be removed. Of course, the consequence is that nobody will remove for me a trojan app that I, as well as others, installed because of some advertised function that I found useful. The normal way to do things in that case is that I get a mail or some sort of notification telling me what the issue is with that app and how to deal with it. I will decide what to do with it.

    On the other hand, there is simply no excuse for remote unauthorized install. That is just about as Big Brother and disrespectful of my rights as it gets.

    But of course, I'm harping about a long-lost notion : the consumer has rights. Seems that that is sooo last century.

    1. Ian McNee
      Stop

      And it gets worse...

      I have an Android phone - love it, best mobile device I've ever had by a long way, but it's association with Google leaves a bitter taste in the mouth that just seems to be getting worse and worse.

      Aside from the meaningless "do no evil" mantra that Google spouts they do say something very meaningful about Android: that it is Open Source (eventually at least). Part of that meaning to me is that the development and functionality of the OS is accountable to the user/developer community.

      Thus as I have a handset made by Motorola running an Open Source OS connecting to Orange's mobile network. What part of that package allows Google to determine what software I will or will not run on my device that I have paid for?

      Jon Oberheide is right to point out the pontential security issues with this but at least as important is the question of Google overstepping the mark again in seeking to snoop/control on-line activity. I'm no fan of M$ and Apple but at least they don't try to use Open Source as a fig leaf for their monopolistic activities.

    2. Lou Gosselin

      Re: Not acceptable

      Agree entirely.

      This is a major conflict of interest, think of the espionage possibilities.

      It wouldn't be bad if google's remote update mechanism 1) was optional, and 2) explicitly prompted the user, however that is was hidden shows just how untrustworthy google is.

      This is no different from what apple do, but then apple don't operating under the pretense of selling open devices, people (should) know that apple controls their device.

      "But of course, I'm harping about a long-lost notion : the consumer has rights. Seems that that is sooo last century."

      The PC era was so fantastic for consumers because of open platforms which spurred innovation and competition. I worry very much that the future of computing could be closed and proprietary, and only a few corporations holding the keys to all apps and data.

      1. Anonymous Coward
        Anonymous Coward

        Just a perverse and obscure thought...

        What if this was a EU based company trying the same sort of trick in the USA?

        Would/could it be allowed?

  8. Anonymous Coward
    Anonymous Coward

    I wonder

    How deep in the T&C the remove and install "features" are buried?

    1. Mike Bell

      @AC 11:03 - How Deep?

      "How deep in the T&C the remove and install 'features' are buried?"

      The Removal scenario is stated clearly near the beginning of the Android Market Terms of Use (http://www.google.com/mobile/android/market-tos.html, section 2.4)

      Someone else can hunt down the terms for Android use in general, including application installation and update. But I rather doubt you'll find Google's lawyers have slipped up in this regard. In particular for the scenario that's been highlighted, which would rely on a hacker exploiting an unpatched vulnerability.

  9. Sentient
    Paris Hilton

    Question

    How comes that he has to reverse engineer the behaviour if android is open source? Can't he just download the source and see what it does?

    I fear I am missing something obvious here.

    1. The Original Steve

      Because...

      Whilst the Android OS is open, not the whole stack is. (Unless I'm mistaken).

      Google apps and features are not open source AFAIK - which would include the marketplace.

  10. James Robertson 2

    apple haters google lovers

    perhaps all the people that love (apple/google) or hate (apple/google) will now realise that every company is in it to

    a make money, and

    b protect their money making hardware/software

    1. matt 115

      RE: apple haters google lovers

      c, protect their users

      ; P

      1. jackharbringer

        RE: RE: apple haters google lovers

        >c, protect their users

        Now that's just crazy talk!

      2. Anonymous Coward
        Anonymous Coward

        Title?

        Only if c is required by a and/or b.

  11. Daf L

    Remote Install

    Every App you have installed on an Android phone from the Market is remotely installed - that is how it works. You select an app and the channel opens up with a command to your phone to install it. It then gives you the permissions the app requires and then you can choose to go ahead with the installation.

    The Froyo build goes even further - you can just select an app on the Marketplace website and it will get installed on your phone using similar technology. This was one of the big wow factors at Google IO and helps you work with your PC or Phone but through (cough) "The Cloud", rather than have to connect your phone to your PC itself.

    If you don't want your phone to do this, or have any links to Google, then don't put a gmail address in when you first install the phone.

  12. quirkius
    Thumb Down

    Does not apply to all Driod phones

    Surely these feature were invoked by Google where they are the service provider, and would not apply to all Driod phones world-wide?

  13. Tim Schomer

    Or alternatively

    ... just turn off the data network when you're not using it. I do and it also saves a load of battery (as well as mildly upsetting some apps that want permanent net connection)

  14. This post has been deleted by its author

    1. Anonymous Coward
      Anonymous Coward

      Except that...

      he was using it to demonstrate how to get a rootkit onto the phone. Once the rootkit was running it would be able to block the uninstall but make it appear to have worked.

      1. This post has been deleted by its author

        1. Captain Thyratron

          ö

          How?

  15. Anonymous Coward
    FAIL

    Remote Install....

    >It's unclear whether Google's "kill switch" can remove applications that were not download through the Android Market.

    Its very clear - they can't. All apps through market are 'remote installed' and remote deleting is a feature of iPhone, Kindle, WinMo7 etc.

  16. Mickey Porkpies
    Thumb Down

    oh well no Android for me

    Just the right to install what I want on the phone I bought with MY money!

    what a safe and sterile world we would have if these corporate nob-odies got their way

    1. Anonymous Coward
      Anonymous Coward

      RE: oh well no Android for me

      So what phone are you going to get instead?

  17. nichomach
    FAIL

    "We still say the kill switch is more unsettling"

    You say wrong; given that possession offences are strict liability offences, suppose a phone were to have illegal content of whatever form downloaded to it or an app to acquire such content? What about an eavesdropping application that Google have agreed to provide to, for instance, a government in whose jurisdiction you live? Their definition of evil has proven sufficiently malleable to allow such adaptation to local concerns before now.

  18. Aquilus
    FAIL

    Stop making it easy for them...

    Covertly installing applications without the user's permission on their phones? Well I'm sure that won't interest the security services at all. I'm sure there absolutely definitely won't be a flood of sealed court orders winging their way to Google HQ, identifying certain phones of interest, will there...

  19. USA IT, where it all started

    Awww, did they un-install the Hacker's root kit? No sympathy from me.

    In today's world, hackers and system attacks are inevitable. It would be irresponsible to not have a method to deal with them. Google's chosen method is this removal tool – and a corresponding tool that can patch the systems remotely or install other critical components. This method was effective, and demonstrates that Google can eliminate threats.

    Keep in mind, this was a threat. It wasn't a case where someone wrote an app that competed with a Google app, and it was removed to limit competition (ala iPhone). This was a hacker who used social engineering tricks (standard hacker MO) to install a root kit on users phones. The app represented a danger to the consumers, and rightfully should have been removed.

    Frankly, I am sick of these “white hat” hackers doing evil things just to prove how easy it is to do evil things. The excuse that it was for “good” or “demonstration” purposes does not excuse it in my mind. Imagine using that defense in a murder trial: “Your Honor, I only shot her in the face to show how easy it is to shoot a person in the face! You should thank me for revealing that vulnerability.”

    1. Lou Gosselin

      Re: Awww, did they un-install the Hacker's root kit?

      That's all well and good, but at the very least google's control over the phone should be authorized by the user.

      Any updates should prompt the user each time unless the user has a configured a preference to auto install google updates.

      The way it's been described implies that google have remote access without any user authorization. Why should google or any other manufacturer keep a back door on my computing device holding my data and apps?

    2. Ian McNee
      Flame

      And for that matter, Mr "USA IT, where it *DIDN'T* all start"...

      ...check out Babbage, Lovelace, Whitehead & Russell, Gödel, Turing...and a host of other non-American mathematicians, scientists and engineers who were laying the foundations of computing while IBM were still making typewriters.

      And you didn't capture the bloody Enigma Machine either! Even Wikipedia is slightly more accurate than the Yank/Hollywood version of history.

      1. USA IT, where it all started

        Focus, Please.

        Oh dear Lord! You're down voting because of my handle? I am well aware that the foundations for computers were laid by many, and not just in the US. But IT? Well, when computers started being built for business instead of government, they were built in the US – therefore, the first mainstream IT jobs were here too.

        Meanwhile, I don't really see why my post got so many downvotes. Was it my name? England loosing to Germany (hey, we lost too)? Or perhaps I offended the Apple people or “white hat” hackers.

        At least Mr. Gosselin voiced a valid complaint. His response expressed anger that Google fixed the problem without asking the customers. I understand this POV, but I still sympathize with Google. Look at Microsoft and IE 6. They've done everything they can to tell people to stop using it, and to upgrade to a new browser – and still people continue to use it. If we apply the analogy of immunizations, these “hold outs” prevent the group from achieving herd immunity. By their vulnerability, they become a vector for attacks and endanger the larger community. Google has a solution that doesn't require effort on behalf of the (often lazy or uninformed) end user. They can close an attack vector when they find it.

        I'm not sure there is a “perfect” solution that will please everyone – but, to me, this isn't a bad solution. Now, if they start deleting things to stifle competition, or to respond to some take down notice (ala “1984” on the Kindle) then I would have a serious problem. But removing a root-kit from people who fell for a hacker's social engineering attack (“twilight” indeed) – well, I find it hard to be outraged.

        1. Dave Hart
          Unhappy

          @ Focus, Please.

          I'm thinking it was more for your ridiculous analogy of shooting someone in the face which destroyed whatever point you were making leading to the 'down-voting (like it even matters).

          Of course, the presumption that your choice of username was the reason for down-voting (along with said username to be honest) betrays all confidence in you having anything useful to contribute to the debate.

          On topic - The ability to remotely control a device which I own it without my approval is out of order. I do recognise the usefulness of the service though for the reasons touted in discussion. It should really be an optional service though - I would be happy to suggest to some users, (especially those who watch Twilight :p) that their phone is managed for them, but feel I could be trusted myself to manage a phone, and deal with the consequences if I don't.

          1. USA IT, where it all started
            Coat

            Humor transplant -Stat!!

            I would have thought that at the Reg, where we routinely discuss renegade pay toilets as evidence of the ROTM, that you would recognize snarky humor when you read it. Still, despite your distaste for the analogy, I stand by the sentiment – I don't appreciate people doing evil things to show how easy it is to do evil things.

            As for “the presumption that your choice of username was the reason for down-voting” - did you read the post I was responding too? It was solely him expressing his distaste for my choice of username. Perhaps I am mistaken – perhaps he just took the time to respond without down-voting – but I doubt it.

            Now, on to the topic – I believe that you don't need your hand held. In fact, I am positive that this incident affected no one reading this site – because we all are competent enough to manage our own devices.

            But the fact remains, there are plenty of people who aren't. And when their devices become compromised, it can affect the network – which we don't own. I don't blame Google (or even Apple, for that matter) for policing and removing maleware when it's found. Ultimately, the success or failure of their product will hinge on how well it works. If their network's performance is being hurt because of the proliferation and complacency towards maleware, then it hurts their product (and all of the other users of that product). To me, the ability to remote remove/install apps to devices isn't inherently bad. It's how that tool is used. So far, it's been used to clean up a root kit that affected (gullible) users. I have no problem with that. If it starts getting used in less justifiable ways, then I will most definitely have a problem with it.

            1. Captain Thyratron

              Here's your shovel.

              Keep on diggin'.

        2. Chad H.
          WTF?

          The reason

          The reason why we're downvoting you is becauase we think your an idiot.

          Today Google uninstalls a proof of concept rootkit attack. Tomorrow they're removing content because some overzelous lawyer files a lawsuit, or installs monitoring software because a certain government tells them too... But apparently this isnt something to worry about?

          That, and you're revisionist version of history.

  20. This post has been deleted by a moderator

    1. Lou Gosselin

      Re: Speculative bollocks

      The controversy isn't around whether third parties can break the SSL or impersonate google, it's that google themselves have a hidden channel to push instructions to the device. This is very different from a marketplace channel which merely pulls apps down when requested.

      1. This post has been deleted by a moderator

        1. Lou Gosselin

          @No

          "No, you're completely wrong and this is my point, there's no evidence they have a hidden channel"

          Look at the PDF links in the article.

          I'm looking at a PDF which shows the byte codes used in the channel encoded using XMPP.

          I cannot vouch that the evidence is accurate or anything like that, but if he's not lying, then it looks like he does have the evidence.

          "• When you click install in market app

          – Google servers push an out-of-band message

          down to you via persistent data connection

          – Triggers INSTALL_ASSET intent to start install

          – Intent handler fetches APK and installs"

          So the apps are not pulled down by the device, they're pushed up to the device using an out of band installation channel by google. Why does google need to be able to push apps to the device as opposed to letting users pull them down? Technically both mechanisms will work to install apps, but the push mechanism allows google to add/remove apps at will. I suspect the main reason google choose to push apps to the phone has more to do with having an always open channel to users that allows google to track them much more closely.

          Even then, it is very sleazy of google not to prompt the user before modifying the local applications.

    2. Captain Thyratron

      Maybe you can clear this up for me.

      So what, pray tell, does "corporate integration" mean here?

      You keep saying "no evidence", but I'm pretty sure this article was written because somebody uncovered a bunch of it.

  21. Anonymous Coward
    Boffin

    Remote Installs

    If Google has the ability to remotely install software, then it is only a matter of time before certain governments will require them to install software to "help with investigations". What Google has done is expanded "wiretap" capability in these phones. Be worried. Very worried.

    1. Anonymous Coward
      FAIL

      #Remote Installs

      >If Google has the ability to remotely install software, then it is only a matter of time before certain governments will require them to install software to "help with investigations".

      If you're a suitably suspicious character in the UK they can intercept all your calls - follow your movements live and retrospectively for several months etc anyway via the telcos - whatever handset you use and from the dawn of the analogue cellphone days. No software install is required.

      Doesn't worry me at all, it is afterall what the intelligence services get paid to do. Would be far scarier if they couldn't.

      1. Lou Gosselin

        Re: #Remote Installs

        Except that there's a big difference between merely monitoring open communications and having remote back doors on consumer devices.

  22. DrunkenMessiah
    Grenade

    RE: Oh well...

    I'd be interested to know what smartphone you'll get instead which doesn't have this feature or another like it?

    1. gilf

      Nokia?

      This is way I like the N900

  23. Lou Gosselin

    Hidden control channel

    This hidden control channel in android's marketplace app is disappointing...

    Of course any software with an auto-update function has potential to take over, but at least the knowledgeable owner should be aware of them, and can disable them.

    Hopefully google realizes that this is evil, and makes these "auto updates" configurable by the end user.

    I don't want google controlling my device any more than I want apple controlling it.

  24. Anonymous Coward
    Thumb Down

    Sounds like...

    ...Android is the perfect plaything for people who can't handle the responsibilities of a real computer with a real OS. Pity. But with Google behind it I can't really say that I'm surprised.

  25. Robert Carnegie Silver badge

    Corporate users may need "install app"

    Suppose that my corporation issues Android phones to all staff. Then my chairman wants to put a "chairman's thought for the day" app onto every phone. Or maybe something more useful. I think this is how it would be done. Does that make sense?

    1. gilf

      No

      You would have your own application deployed, which could in turn add or remove functions from your repositories.

    2. Pablo
      Thumb Down

      Fine

      But that's no excuse for putting a back door on every phone. They could easily provide a separate remove-admin app for organizations who need it. It's not even clear that the current feature can be used they way you describe.

  26. sniper

    Buzz

    Let's be glad that the Google Buzz team missed that one - otherwise they surely would have installed a Buzz client on every Android device instead of just enabling it for everybody in GMail.

  27. Kubla Cant Silver badge

    Who pays for the data transfer?

    If Google is installing an application on a phone, obviously it's transferring data. The same applies, to a lesser degree, if it's sending a removal command.

    Recent Reg articles have reported how Vodafone et al are jacking up the prices and screwing down the limits for data transfer. Roaming data prices are particularly steep.

    Even if the actual cost is small, it looks to me like Google is stealing bandwidth when it does this.

    1. JHH

      Data

      Here on Verizon I have unlimited data but I do get buggered if I turn on data roaming. As long as I am in network I can use as much as I want.

  28. ForthIsNotDead
    Thumb Down

    Adverts

    Don't forget, Google are an advert company.

    They will probably push an app to your 'phone that monitors the 'phone numbers you call, their duration, and their cost.

    Then they cross reference the telephone against their own search engine to find out who you are calling, then push you a 'personalised' advert 'experience', made just for you.

    "Google has noticed you are calling a lot of Escort services. Would you like a list of Escort Services in your current location (which we know, by the way)?"

    < YES > < NO > < LATER >

    or

    "Google has noticed you are calling a lot of Escort services. Google has sent your number to GoogleBirds, our licenced Google Affiliate, who will call you back, absolutely free. No need to thank us! Google: Do No Evil!"

    < OK >

    Fuck that.

  29. stupormundi
    Linux

    Really confused now

    Is there 1 single Android Market? Wasn't there talk of how there could be multiple markets, perhaps hosted by carriers or hardware manufacturers?

    I've not developed for Android (yet), so I wonder: can you load your freshly developed app locally, or do you have to submit it to google in order to deploy it?

    What I'm getting at: I can imagine how a kill switch works, if there is one global set of unique identifiers for apps (one Android Market scenario). But what if there are multiple markets? Who handles the app IDs? What about apps that I might develop myself, but don't intend to publish to the Android Market? Do they get IDs?

    I was planning on using Android phones for robotics, but I would want to be sure no google can remove my apps when it feels like it.

    1. Mr Brush
      Boffin

      Local install

      There is only one 'market'. The apps have a manifest that details the requirements so that you only see supported apps from your device.

      However, there are numerous places where you can download APKs and install them yourself.

      APK Installer on the marketplace will install APKs from your SD card. Or you can frig it via the SDK if you don't want to go near the market.

      http://www.talkandroid.com/guides/install-apk-files-on-android/

  30. Justin Clements

    Good quarter for Google

    Google are having a good quarter.

    First, collecting wifi payload data for some obscure reason.

    Second, withdrawing an app from people's phones. Did they miss the Amazon case last year or something? People do not like companies coming back onto their paid for devices, and removing stuff. It's a bit like the Tesco breaking into your house and removing something you bought from them.

  31. Eddy Ito
    WTF?

    So what's left?

    Palm and WebOS... I need to talk to a few people but it's looking better every day.

  32. ludachrs

    I Trust Google Completely

    they can have all of my information, bank account, credit numbers, IDs anything really, it's cool. I read their "do no evil" and I believe it. They offer me free stuff searches and email and phones and its great. I hope one day they control all computers and internet.

  33. kedaly
    Jobs Horns

    Silliness

    I've had a Blackberry & and Android phone and have many friends with IPhones. All of these devices have remote install and remove capabilities, the network carriers would not allow them on their networks if they didn't.

    What people fail to realize is that it may be their device, but it isn't their network, and the terms of service for the network clearly state that the vendors have the right to do this. This makes total sense in the ways of protecting the mobile networks from the kind of crap we have to deal with on the PC side, where network anarchy is the rule of thumb.

    If you don't want remote install or remove then don't connect your phone to a network!

    1. M Gale

      Hang on, what?

      By your argument, whenever I connect my laptop to the Internet, Virgin reserve the right to install spyware on my machine. As do any intermediate networks my packets may happen to travel through. Oh, and if I connect to a free wifi point somewhere, the owners of that AP reserve the right to run SSLstrip and snaffle my usernames and passwords.

      I really don't give a damn who's network MY device is connected to. It's my device. Period.

      And how are you supposed to use a phone, without connecting to a network? Isn't that the point of a phone?

      Ahwell. Increasingly glad I never bothered with the whole smartphone craze. I may end up developing for them at some stage, but I'll be damned if I ever use one as more than a test platform. Google, you'd better change this, quick. Openness and "freedom" is the only differentiator between you and Apple at the moment. Secret remote installation of software is the sort of thing I'd expect a virus to get up to. Really, what the hell were the people who thought this up smoking?

  34. JHH

    I would say

    If there is already a patch out there that works rather well to root my droid (and another that relies on it to turn it into a nice WIFI AP) there will soon be an app that will allow you to block google from adding or removing apps.

  35. Rattus Rattus

    I love my Android phone...

    but I am seriously NOT happy about this particular "feature." On a completely unrelated note (sure), does anyone know of a good, configurable, LOGGING firewall app for Android? I've only been able find so-called "firewalls" that block unwanted phonecalls or messages. No luck so far in finding an IP firewall.

  36. M7S

    Perv Phone

    Ideal defence for anyone with dodgy pics found on their phone (as various recent stories have shown) "Google (or someone who cracked their system) must have installed the app that downloaded these".

    A modern variant for the old "a virus changed the dialer on my PC".

  37. spegru
    Thumb Down

    Control Freak

    It's only a matter of time before all devices have this type of feature unless we find a way to legislate against it.

    Apple showed the way. Android copied it and it's inevitable that MSFT etc will go that way too.

    I find this really worrying. the fact that Android is basically opensource makes it worse in many ways. It just shows that it 's not just the pedigree of OS that's important, it's the way it's built and the way it's built into the hardware and of course the network it operates over.

    This is going to become an increasing problem I fear

  38. Ian Yates
    Black Helicopters

    Badgers!

    While I don't like the idea of remote install, remote kill does make some sense given how free the market is - in this instance they used it to remove an app that was misrepresenting itself, which makes a certain kind of sense.

    Yes, it could be open to abuse.

    Remote install seems odd - why do they need this ability for any good reason?

    On the "plus" side, it appears to be part of Market not the OS, so you could remove the market and be "safe" from this. It's not like you can't find and install apps (legally) outside of the market.

    This is the sort of publicity Google should face and explain, possibly admitting they were wrong to reserve this kind of power and reverse it. Where Google tend to do themselves harm is that they just stay quiet from here on and make people nervous that they're happy to accumulate this power without reason.

    I'm a happy Android user, and I don't think this is going to dissaude my from continuing with Android... but I'll be keeping an eye on it.

    1. Matt Piechota

      Yep

      "On the "plus" side, it appears to be part of Market not the OS, so you could remove the market and be "safe" from this. It's not like you can't find and install apps (legally) outside of the market."

      Yep, just uninstall the Google Market if you don't like it. Try that on the other devices. :)

      As for other Markets, I haven't seen any apps, but you can just download the apks for anything. I assume someone that wanted to develop a market would have to write a market app for the phone. I'd think Google would helpfully sell you a copy of theirs though.

      (Of course, there's probably another back door hiding in the system itself...)

  39. Anonymous Coward
    Badgers

    Compliance impossible?

    I work for a large company that handles sensitive stock market data and, as such, is bound by laws such as SOX that require the integrity of processes and audit. How could we depoly any Android device (or iPhone/pad) when we are aware that a third party has the ability to modify its software/contents without our knowledge? I can't see any way we could certify it as compliant when that might be changed at any time.

    We are a major Blackberry user. If I understand correctly our BES is administered by our company and not by our carrier so we get to say what content gets put onto them. I'm not saying there is no back door RIM could use to insert content but I've seen no evidence of one.

  40. Anonymous Coward
    Anonymous Coward

    Pro Google?

    I suspect that those of you defending Google would defend Google whaterver they did simple because you believe in their "don't be evil" marketing crap.

    So long as you believe that Google would never abuse this facility in order to push out or remove applications for good reasons then that's fine. But where do you get the idea that just because somebody says they're not a bad guy that means they must be a good guy? I don't suppose Adolf Hitler went around telling everybody he was evil did he? Nope, he thought he was a good guy. Extreme example, but you get my point.

    Google gobbling up your wifi data? I seem to remember they told us they hadn't done that right up until the point where they admitted they had. If you can't trust them on that how come you can trust them on the remote install/remove issue?

    People on here seem to thing that MS are the most evil thing since the Nazi party, but even they don't have the power to install or remove software without users knowing about it.

    Some of us saw Google's true colours years ago, but if you still haven't woken up and spotted them then you probably deserve to be screwed by them. Twice.

    1. Captain Thyratron

      Ain't that going a little too far?

      I get your point, but did you really need to Godwin the thread for it? I mean, it's not like we're talking about fascism or something.

    2. mego
      Alert

      The title is required, and must contain letters and/or digits.

      >>People on here seem to thing that MS are the most evil thing since the Nazi party, but even they don't have the power to install or remove software without users knowing about it.<<

      So far as we know... although given the way Geniune Advantage and WAT behaves, I don't really agree.

  41. Captain Thyratron

    Oi weh.

    Articles like this make me real glad to have an amateur radio license.

  42. justsaying
    Alien

    The title is required, and must contain letters and/or digits.

    All you people going on about Google and Microsoft. We should never forget the real enemy - Apple! Simply replace Google for the Romans and Apple for the Judean People's Front and it all makes sense (the Popular Front is of course Palm).

    Reg: “ The only people we hate more than the Romans are the f**king Judean People’s Front.”

    Stan: “Yeah, the Judean People’s Front.”

    Reg: “Yeah. Splitters.”

    Stan: “And the Popular Front of Judea.”

    Reg: “Yeah. Splitters.”

    Stan: “And the People’s Front of Judea.”

    Reg: “Yea... what?”

    Stan: “The People’s Front of Judea. Splitters.”

    Reg: “We're the People’s Front of Judea!”

    Stan: “Oh. I thought we were the Popular Front.”

    Reg: “People’s Front!”

    Francis: “Whatever happened to the Popular Front, Reg?”

    Reg: “He’s over there.” [points to a lone man]

    Reg, Stan, Francis, Judith: “SPLITTER!”

  43. Gil Grissum
    Grenade

    Full power to the shiields...

    And I almost got the HTC Aria but instead got the Palm Pre. Glad I did. There won't be any remote installs, deletes on my device (unless HP changes that when the deal to acquire Palm, is complete)

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2020