Security and non-security
FINALLY, this may be getting some traction. Less than a year ago, when I bleated or whinged for better security in Android phones, I got downthumbed/drummed at times. I've a few areas of concern, and most of them stem DIRECTLY from google's reticence and wanton obtuse attitude.
I want to know why the hell Google doesn't sandbox our contact lists.
I signed up for one of the Korea-based social apps and the damned thing sucked up all my contacts. I had a choice of either use or not use. But, WTF doesn't google let us isolate our contacts so that these damned companies cannot harvest them in the first place. Maybe we only KNOW that a few of our friends are even likely to be in a social hubbing site, but we want to only trial the app. Why should the price of a trial be that every last user unwittingly or reluctantly with a deep wince and groan give up their address book?
Google needs to step up. Also, there need to be laws that tell companies to MAKE their software honor and respect non-invasiveness. All inbound subscriptions to a site that the users has not made extensive use of need to be on a probationary period of sorts. A site should not be all-knowing about a user who "just joins". Rather, it should only accumulate knowledge/details over time, only as the user uses the site. It should not invade the users' devices on initial connection.
Also, our photo albums, notepads and more in the phones could be subject to periodic "synchronization" by sites we THOUGHT we disconnected from our apps install. If we use different apps from one vendor, but delete/uninstall one app, how do we know that code fragments of the ditched app aren't hidden or "associated" to the remaining app that acquires functionality to still rip off information?
Google needs to get off its fat ass and provide native firewalls, intrusion detection, and logging, AND sensible correlation tools to help those of us who want these tools to free and freely keep tabs on whomever is infiltrating our devices. Unfortunately, there are not enough people screaming. The only way to really punish the frackers probing us is to just go cold-turkey for days on end without communicating with ANYONE, just to put hiccups into systems we HOPE we are screwing with for screwing with us.
Yes, i know firewalls and IDS's will such lots of battery power, but some of us are not that far from electrical outlets -- hell even the MUNI light rail cars have two in the passenger area (in the middle, one on each end of the middle jointed areas), most likely so the cleaners and maintenance crews can vacuum and do drilling or sanding work that may be needed. I've seen people charging their phones, and a couple of times, I did, too. So, once we get to a land-based outlet and do more surfing, we can keep the FW and IDS tools running.
Wait, Google makes money from shoving out adverts for paying clients. If they both suspect we are silently dropping adverts, advertisers may fork out less money. THAT has got to be the reason why Google so contemptously and arrogantly refuses to supply native, concerted, high-grade IDS and FW tools to us. As long as they're for-pay, fragmented, dodgy, and a PITA to use, advertisers won't fear them as much, and Google won't have to be too invasive. OTOH, it could be possible that google will ahve in each handset a "god" chip that can just silently separately stream unencrypted data off the phone for facilitating law enforcement, telcos, and corporate-managed/snooped phones.
Maybe I'll just start clicking on ads and then abandoning them, jacking up the advert click rate but having them amount to no payout. It's either that, or quit the smart phone, or find a get-it-done FW/IDS. I want the peace of mind. And, I don't want a smoke and mirrors tool. And, i don't want to FRACKING have to ROOT my phone. Why MUST we ROOT our phones to get more security? Rooting risks the phone being bricked when the carrier does an OTA update and the phone and/or carrier can't reconcile each other, or if the carrier wants to be punative. HiSurfing looks nice, but requires the user to root the phone...