Why has Google given itself the power to remotely install applications on citizens' Android phones? It will eventually offer a desktop-browser-based version of its Android app marketplace, allowing netizens to install apps on their Android phones using a browser on their PC. The company demoed this desktop-based Android Market …
Nice to know, especially about the desktop Market install, but it all sounds perfectly reasonable to me.
apps over the internet?
""You find the app, you download it to your PC or Mac. You then have to tether your device. Once it's down on your PC, you have to convert it over that tethering to your device and then make that sync happen.
"Well, guess what? We discovered something really cool. It's called the internet."
Riiiiiight. All my apps are installed directly on the handset using the iPhone appstore and the magic of the internet.. Think they forgot that Apple set it up for you to do that way. Having to use the PC to do it would be seriously annoying.
Re: apps over the internet?
From what I gather from this article, the new method would be browsing the marketplace on your PC and clicking 'install', which sends INSTALL_ASSET to your phone.
This is not the same way as the app store. If you want to download an app via iTunes on your PC you need to physically connect the phone. You are free to browse and download apps from the app store on your iPhone, but can't "remotely" install them.
So if the police happen to suspect you of snapping kiddies with your android, or talking to terrorists they can request Google install an app on your phone which could remotely listen to phone calls, send address book and call information and all you pictures back for them to study at their leisure.
Or Google could install an app to provide you with ads that appear to be texts based on your location without your permission.
If the police suspect that you are talking to terrorists they can seize your mobile phone records, install wiretapping devices in your house, interrogate your loved ones, put location tracking devices on your vehicle, video and photograph your every movements, request your personnel records or many other things - I don't thing google installing an app on your phone is the one to worry about when it comes to privacy?
If you start getting text advertisements through your phone and find that Google have secretly installed an app that spams you at all times of the day or night - do you really think they would still have a phone operating system to promote??
Location services can be turned off, you can get just about every app from sources other than the market, you don't even need to put in your gmail account and use any of Google's services. You can still run your phone without it.
That sort of paranoia is unhealthy...
@So in other words
"It's entirely part of a legitimate install process, and can be no more abused than Apple's remote install and remote whipe features can by Apple"
There are obvious solutions to installing apps which don't put google in control.
1. Use "pull" based mechanism
2. Keep out of band "push" mechanism, but prompt the user for permission.
3. Give each user a PKI cert so that the device can recognize installation requests which originated from their PC (as opposed to google).
Google are smart enough to come up with these, so we're left to assume that they didn't because they intended to keep device control for themselves. I also suspect the used a persistent connection to aid in tracking users.
Obviously apple can do the same thing and it's no worse than the iphone, but it is not in either of their interests to highlight the point. Just because app installation is a legitimate function does not mean its right to overload it to give google a remote control capability.
in other words....
remote install facility + man in the middle attack = massive security hole!
Still, "apple and google aren't stupid" so it's ok. This is the apple that built a phone that drops signal when you touch it and the google that illegally captured a load of wifi data, yeah? Definitely not stupid!
Browsing and installing from the same device/process is surely far more secure, as mentioned in Bascule's post above.
This is awesome
Will make IT support for remote users so easy.
Easy way to protect the phone
Just pop up a message asking the owner for permission BEFORE the software can be installed or uninstalled.
That way, the OWNER can decide if it is a transfer he asked for, or not, and act accordingly.
Just provide the adequate amount of information on the dialog box, please, and the options:
yes/not now:remind me later/never
My 2 cents
Re: Easy way to protect the phone
It's so easy that one wonders why google didn't.
And if Google wants to put a stealth app on your phone... no nice pop up.
Ooops! We forgot to do that... some bad programmer made an 'honest' mistake.
As long as you keep your wits about you and don't download stuff that looks dodgy, it sounds like a good idea to me.
In fact, it sounds like the method Xbox Live Marketplace works now - which could only be better if there was a way to switch my xbox on from my desk at work.
Why? Can you play it from work? What size TV do you have at home that you can see it from your desk in the office?
Re: Remote xbox
He's talking about turning it on so it can get on with downloading the content he's just queued up for it, rather than retardedly waiting until he gets home to switch the console on, and then waiting half an hour for everything to download before he can play.
remote kill of anything
Article states - "If you install an app from a source outside the Android market, Google will not be able to remote kill it " at least not directly.
But with the "automatic remote install" feature it will be able to push out an application that seeks and destroys whatever it wants. Best case it might be like a push version of Microsoft Malicious Software Removal Tool.
remote kill of anything
"If you install an app from a source outside the Android market, Google will not be able to remote kill it"
Do we know for sure that google cannot use the app control api with apps outside the marketplace? Or do we just have knowledge that they wouldn't use it that way?
I'm a fan of open platforms, so the sooner they sort this out the better.
You can already do this which the AppBrain application so its nothing new.
What a lot of people are forgetting is that this really is a bad thing...
Its one thing to pull an app from a phone because it violated the ToS and could be harmful.
Its another to have a stealth tie to your phone at all times.
There's a reason why Google is quiet about this 'feature'... always having a tether to your phone.
Its called monitoring your data and location.
Sure its a violation of your privacy until you tell Google that its ok for them to 'monitor' your 'Location services'.
The issue is that many users may give permission to allow Google to snoop on them because they don't know or understand what they are allowing Google to do. And that's the thing. Google can legally monitor you, your calls, etc ... when you give them permission to do so.
Definitely a fail on Android. Call me paranoid, but based on Google's other actions, I think the 'trust level' is way down.
Being able to push apps to your phone silently is also bad.
Suppose version 1.0 doesn't monitor your position and Google explains what they monitor... But then they ship out 1.01 which monitors more information, some of which you don't explicitly want them to have?
Oh sure, blame it on that rogue programmer again....
Next you'll see Phorm complaining that they should be able to silently monitor your internet activity because google is allowed to do it.
"Call me paranoid"
OK. You are paranoid. Realising the problem is half the solution.
This is the best thing since slice bread
Imagine if you will that you like to browse using your computer for apps, songs, movies, books, you name it as it has a much bigger screen and is super fast. Imagine having a button on the browser that every time you find something you like you click the button and POOF it gets installed on your mobile. I LOVE IT!!! This is a god sent feature. Thank you Google.
I've been doing that for years on my phone, but with me in control and me choosing what I install. Mine is the one with a good battery life, decent apps and automatic backups ;-)
- Product Round-up Smartwatch face off: Pebble, MetaWatch and new hi-tech timepieces
- Geek's Guide to Britain The bunker at the end of the world - in Essex
- FLABBER-JASTED: It's 'jif', NOT '.gif', says man who should know
- If you've bought DRM'd film files from Acetrax, here's the bad news
- VIDEO Herschel Space Observatory spots galaxies merging