@Drak
For the most part, in a embedded system, "it's open-source" is a non-sequitor, reinstalling an embedded system is less of a trivial matter then reinstalling a computer, and a large section of the population cannot manage that. That said, lets go back over the points of my post:
1) I souldn't have to trust google will only install things I want on my phone without my permission.
2) I souldn't have to trust google will not lose their key, thereby forceing me to trust someone else to only install things I want on my phone without my permission. (really, with all the companies/government agencies losing information, do you think this is something that shouldn't be considered?)
3) Google should not use their monolopoly status in one market to acheve an advatage in another. (a monopoly in android application distrobution should not equal an advantage for your android apps)
Frankly the third point, while it stands on it's own, is still the lowest of my conserns.
Having embedded this type of a backdoor in the system, I would require a full audit of the code in order to think about trusting it. Again, the cost/benifit of doing that is a no-brainer, yes I CAN audit it, but they have already proven that it has to happen in order to trust them. It's far more cost effective to go with a company that has not earned my distrust.
If you can't guess, I will not be buying one.