Google has the power to not only remove applications from users' Android phones, but remotely install them as well. Last week, Google told the world it had exercised its Android "Remote Application Removal Feature," reaching out over the airwaves and lifting two applications from citizen handsets, and as pointed out by the man …
"Google has the power to not only remove applications from users' Android phones, but remotely install them as well."
Well......fuck that then.
Android phones are supplied with loads of apps. Does it really matter if they can install others remotely? As long as they are free, that is.
Yes, but obviously not to you. Do you use Apple products by any chance?
Is this really too much to ask?
That's what this is about. Not which Apps you can and can't access, but the apps they install for you. I am an open source user; but Nokia in their wisdom went and installed a small office application that can't read ODF and also can't be removed. Also, a game that I can't remove. Nice of them to waste my precious system memory for me, especially as the X6 doesn't have removable memory.
I was looking at Android tablets and also my next handset was going to be Android as well. I've just started reading on programming Android. Not any more I'm not.
I've got an HTC Desire. Which came with a load of Apps that don't interest me. I can see no practical difference between unwanted pre-installed apps and unwanted downloaded apps.
Especially when Google isn't doing it.
You'll be wanting an N900 then. As much open sourcery as you can eat, and a physical keyboard too. You need it, for the command line shell.
Erm, I don't think your comment makes any sense within the context of this article.
Before I pack my bags...
... I'll wait and see if some enterprising programmer can't figure out a way to block Google's interventions without actually crippling app installations in general.
So... who wants a free copy of BuzzMobile?
When thinking about issues like this it is always best to remember that Google's "do no evil" mantra only holds for certain values of "evil". Those values being the ones that Google have defined. If your definition of evil differs from that of Google then you probably shouldn't own a device over which Google has so much control.
...to definitions of torture recently espoused by certain governments;
"We do not torture people"
"Anything we don't wish to do"
"So by that definition anything you do do can never be classified torture"
A big software vendor introduces something that end users have no control over, it phones home automagically, it can add software or remove software at its own pleasure, and is vulnerable to impersonation or man in the middle attacks.
That's Windows Update, isn't it?
Not saying that what Google are doing isn't evil, but where's the equivalent fuss for the MS equivalent technique?
Just askin', like.
MS are less hypocritical
MS don't have a "don't be evil" motto. So there's less to make a fuss about.
RE: Let's see...
Don't think it's proved to be vulnerable to impersonation or man in the middle
There's a difference
When I buy a computer from an OEM I'm ASKED what I want Windows Updates to do. I can disable it completely with one click - it's one of the first things you are asked when you "setup" Windows as a new user.
So I'm told about it, can choose to enable or disable it or I can be selective and say tell me, but I'll manually review the updates and install the ones I want at my leisure.
That is NOT what Google are doing. This has been 'discovered' by a researcher that they can install stuff remotely, you can't disable it as far as I know and it's completely out of your control.
Windows Update doesn't default to automatically updating your box, you have to explicitly agree to it (though yes it does twist your arm a bit about it), so at least you're aware of what will happen.
If there's an issue with WU it's how they're forever pushing guff at you like Silverlight et al...
RE: Let's see
Windows Update must be explicitly enabled (it asks you during setup) and can be disabled at any time.
I'm not sure if this can be disabled.
IMO the Apple Updater is worse... I have Safari on my machine for browser compat testing because apparently some folks use it on Windows and it doesn't always behave the same as it does on the Mac.... but once every couple of weeks I get an aggressive little pop-up trying to get me to install iTunes, Quicktime etc as well ... and if I want to keep the Safari auto-updater I don't seem to have a way to kill these "helpful reminders"
At least with Windows/Microsoft Update there's a very simple option to leave it enabled but select and hide apps I don't want updated
You Sir should read the small print more carefully - Microsoft states that Windows Update can update *itself* at any time, without asking you for consent.
Shall I just remind you that it has a lot of privileges on a windows system?
I would expect an admin backdoor like this in any networkable product.
I'm sure people would be equally up in arms if something nasty crept into the Android market and Google didn't have the capacity to do something about it.
Surely the author has it wrong.
Surely the fact that they can remotely install apps without authorisation has to be a lot more disturbing than their ability to remove them without authorisation. Don't forget that this is a company which is proving itself to be highly untrustworthy. A fact that, thankfully, more people are, albeit slowly, waking up to.
RE: Surely the author has it wrong
Did someone not read page 2? :)
Anyone want to point out..
That Apple also have this ability.....
And where did you get this information from? I'm not saying they do not have the ability, I'm just curious to know where it is documented, for I haven't seen anything about it.
WTF has this got to do with Apple?
This is Google's misdemeanour, not Apple's. Yes, Apple have a smartphone on the market too, so what! So does everyone else and their neighbour! Fanboi. The only failure here is yours. Even Cade Metz managed not to mention Apple!
How deep in the T&C the remove and install "features" are buried?
@AC 11:03 - How Deep?
"How deep in the T&C the remove and install 'features' are buried?"
Someone else can hunt down the terms for Android use in general, including application installation and update. But I rather doubt you'll find Google's lawyers have slipped up in this regard. In particular for the scenario that's been highlighted, which would rely on a hacker exploiting an unpatched vulnerability.
How come he has to reverse engineer the behaviour if Android is open source? Can't he just download the source and see what it does?
I fear I am missing something obvious here.
Whilst the Android OS is open, not the whole stack is. (Unless I'm mistaken).
Google apps and features are not open source AFAIK - which would include the marketplace.
I don't care what the excuse is - nobody installs or removes anything on anything I have without my express permission.
I have no need to be nannied. If I install some objectionable material on my hardware, it is my responsibility. If I goof and install something harmful to my hardware or my privacy, well too bad for me and I've learned something new. I will certainly not accept anyone deciding for me what needs to be removed. Of course, the consequence is that nobody will remove for me a trojan app that I, as well as others, installed because of some advertised function that I found useful. The normal way to do things in that case is that I get a mail or some sort of notification telling me what the issue is with that app and how to deal with it. I will decide what to do with it.
On the other hand, there is simply no excuse for remote unauthorized install. That is just about as Big Brother and disrespectful of my rights as it gets.
But of course, I'm harping about a long-lost notion : the consumer has rights. Seems that that is sooo last century.
And it gets worse...
I have an Android phone - love it, best mobile device I've ever had by a long way, but its association with Google leaves a bitter taste in the mouth that just seems to be getting worse and worse.
Aside from the meaningless "do no evil" mantra that Google spouts they do say something very meaningful about Android: that it is Open Source (eventually at least). Part of that meaning to me is that the development and functionality of the OS is accountable to the user/developer community.
Thus as I have a handset made by Motorola running an Open Source OS connecting to Orange's mobile network. What part of that package allows Google to determine what software I will or will not run on my device that I have paid for?
Jon Oberheide is right to point out the potential security issues with this but at least as important is the question of Google overstepping the mark again in seeking to snoop/control on-line activity. I'm no fan of M$ and Apple but at least they don't try to use Open Source as a fig leaf for their monopolistic activities.
Re: Not acceptable
This is a major conflict of interest, think of the espionage possibilities.
It wouldn't be bad if Google's remote update mechanism 1) was optional, and 2) explicitly prompted the user, however that it was hidden shows just how untrustworthy Google is.
This is no different from what Apple do, but then Apple don't operate under the pretense of selling open devices, people (should) know that Apple controls their device.
"But of course, I'm harping about a long-lost notion : the consumer has rights. Seems that that is sooo last century."
The PC era was so fantastic for consumers because of open platforms which spurred innovation and competition. I worry very much that the future of computing could be closed and proprietary, and only a few corporations holding the keys to all apps and data.
Just a perverse and obscure thought...
What if this was a EU based company trying the same sort of trick in the USA?
Would/could it be allowed?
apple haters google lovers
perhaps all the people that love (apple/google) or hate (apple/google) will now realise that every company is in it to
a make money, and
b protect their money making hardware/software
RE: apple haters google lovers
c, protect their users
RE: RE: apple haters google lovers
>c, protect their users
Now that's just crazy talk!
Only if c is required by a and/or b.
Every App you have installed on an Android phone from the Market is remotely installed - that is how it works. You select an app and the channel opens up with a command to your phone to install it. It then gives you the permissions the app requires and then you can choose to go ahead with the installation.
The Froyo build goes even further - you can just select an app on the Marketplace website and it will get installed on your phone using similar technology. This was one of the big wow factors at Google IO and helps you work with your PC or Phone but through (cough) "The Cloud", rather than have to connect your phone to your PC itself.
If you don't want your phone to do this, or have any links to Google, then don't put a gmail address in when you first install the phone.
Does not apply to all Droid phones
Surely these features were invoked by Google where they are the service provider, and would not apply to all Droid phones world-wide?
... just turn off the data network when you're not using it. I do and it also saves a load of battery (as well as mildly upsetting some apps that want permanent net connection)
>It's unclear whether Google's "kill switch" can remove applications that were not downloaded through the Android Market.
It's very clear - they can't. All apps through market are 'remote installed' and remote deleting is a feature of iPhone, Kindle, WinMo7 etc.
So he created a demo of how an app could misrepresent itself and sit checking for remote code vulnerabilities.
And google showed their demo of what they do in that situation, namely - Remote nuke it.
Then he said "what if someone ran 'INSTALL_APP' with a MITM attack".
And the response is, presumably, when control is restored to the server - Remote nuke it.
And this is bad because if this useful interface exists then it could be used to remove apps google doesn't like?
Well... um... tough. I prefer the knowledge that if an app goes rogue the app disappears to the fear of "if Google goes rogue my pointless game may disappear".
He was using it to demonstrate how to get a rootkit onto the phone. Once the rootkit was running it would be able to block the uninstall but make it appear to have worked.
"An attacker could use such an approach to gain a large install base for a seemingly innocent application and then push down a local privilege escalation exploit as soon as a new vulnerability is discovered in the Linux kernel and root the device,"
The large install base waiting for a vulnerability to be discovered to actually allow the rootkit to be installed would be somewhat scuppered by Google's auto-delete. Which was the point I was making.
oh well no Android for me
Just the right to install what I want on the phone I bought with MY money!
what a safe and sterile world we would have if these corporate nob-odies got their way
RE: oh well no Android for me
So what phone are you going to get instead?
"We still say the kill switch is more unsettling"
You say wrong; given that possession offences are strict liability offences, suppose a phone were to have illegal content of whatever form downloaded to it or an app to acquire such content? What about an eavesdropping application that Google have agreed to provide to, for instance, a government in whose jurisdiction you live? Their definition of evil has proven sufficiently malleable to allow such adaptation to local concerns before now.
Stop making it easy for them...
Covertly installing applications without the user's permission on their phones? Well I'm sure that won't interest the security services at all. I'm sure there absolutely definitely won't be a flood of sealed court orders winging their way to Google HQ, identifying certain phones of interest, will there...
Awww, did they un-install the Hacker's root kit? No sympathy from me.
In today's world, hackers and system attacks are inevitable. It would be irresponsible to not have a method to deal with them. Google's chosen method is this removal tool – and a corresponding tool that can patch the systems remotely or install other critical components. This method was effective, and demonstrates that Google can eliminate threats.
Keep in mind, this was a threat. It wasn't a case where someone wrote an app that competed with a Google app, and it was removed to limit competition (a la iPhone). This was a hacker who used social engineering tricks (standard hacker MO) to install a root kit on users' phones. The app represented a danger to the consumers, and rightfully should have been removed.
Frankly, I am sick of these “white hat” hackers doing evil things just to prove how easy it is to do evil things. The excuse that it was for “good” or “demonstration” purposes does not excuse it in my mind. Imagine using that defense in a murder trial: “Your Honor, I only shot her in the face to show how easy it is to shoot a person in the face! You should thank me for revealing that vulnerability.”