back to article Mobe-makers' BLOATWARE is Android's Achilles heel

Android's Achilles Heel is not Google, but vendors who pack their devices chock-full of dodgy software. That's the conclusion reached by North Carolina State University researchers led by Xuxian Jiang, who has spent some time analysing Android security. In the latest work, co-authored with Lei Wu, Michael Grace, Yajin Zhou …

COMMENTS

This topic is closed for new posts.
  1. Kevin McMurtrie Silver badge

    Chock-full of it

    No dodgy software or excessive privileges from Google? Chrome is crippled until you sign in and grant it permission to monitor everything you do. It's difficult to turn on GPS without Google monitoring your location, networks, and nearby WiFi points. Android Backup Service wants a copy of everything. Google Maps demands login for offline mode. As for sucking up resources, there's Google+, Google Play Music, Google Play Music & TV, Google Play Music Magazines, Google Play Books, Play Store, Gmail, Exchange Services, Picasa Uploader, Talk, Maps, Earth, YouTube, Google Search, Google Services, etc.

    1. Anonymous Coward
      Anonymous Coward

      Re: Chock-full of it

      You think Google is the problem? Do you know your mobile operator has to keep you phone location data for 12 months by law. And if you think the spooks don't get that data you are probably mistaken. And I'm sure they get a whole heap of other info too.

      Google give us chrome for free. In fact they give us lots for free. However that's clearly not a sustainable business model. So in exchange you actually give them into about yourself so they can target you with advertising. That's how they fund all this stuff. *Personally* I'm happy to do that if I don't have to hand over cash instead. The thing is if Google better tailor the advertising and search results I will see fewer adverts and get better search results and will get done what I need to quicker. Is a reciprocal deal. We are both happy.

      Thing is nothing is really free. Everybody needs to eat.

    2. Anonymous Coward
      Anonymous Coward

      Re: Chock-full of it

      " It's difficult to turn on GPS without Google monitoring your location, networks, and nearby WiFi points. Google Maps demands login for offline mode"

      So use a paid or free alternative that works offline (Navmii works OK given it's free, and I hear good reports of Copilot if you want better but paid for quality), and turn off data network mode. In fact, data network mode can be off much of the time unless you need web access (it's just in the top setting bar, so no furkling around deep in menus to find it).

      You may also find that you get much better battery life with mobile data off as a side benefit.

  2. Christian Berger Silver badge

    That's why we need a common hardware platform

    It's like on the PC, manufacturers ship their them with lots of pre-installed crapware, but that doesn't matter a lot since PCs have a common hardware platform. You can install any operating system you like and easily re-install it. You pop in the boot medium and it boots.

    Since however the mobile world has no standard hardware, every operating system needs to be ported to every device. This is what takes most of the development resources.

    1. Khaptain Silver badge

      Re: That's why we need a common hardware platform

      "A common hardware platform" is the Cyanogenetic approach; business couldn't care less.

      Cyanogenetic ; Adjective : FUD free .

    2. Bullseyed

      Re: That's why we need a common hardware platform

      Uh, what?

      You know phones all have motherboards, processors, RAM and storage just like all PCs do, right?

      1. annodomini2

        Re: That's why we need a common hardware platform

        True, but no standardised BIOS system.

  3. Anonymous Coward
    Anonymous Coward

    Phone makers take note

    You don't need to install more than the bare functionality. There's an app store for the rest.

  4. Chairo

    Why all the exitement?

    Since ICS android contains a feature to disable internal apps. So if you don't like it, just disable it and install something more sensible.

    1. Dan 55 Silver badge

      Re: Why all the exitement?

      It'd nice if it were an uninstall option. There's no particular need to set aside a gigabyte or so with disabled bloat if you don't want it.

      1. The BigYin

        Re: Why all the exitement?

        Indeed. I'd like to delete Facebook and related crap to get some space back. But as it is "baked in" for whatever reason, I am stuck with garbage I don't want.

        Shame Cyanogenmod doesn't run on my phone.

        1. tony2heads
          Gimp

          Re: Why all the exitement?

          My phone doesn't have an official Cyanogenmod install, but the nice folks on XDA

          http://www.xda-developers.com/

          may be able to help

        2. Bullseyed

          Re: Why all the exitement?

          You can either use the Android stock disable features or you can root your phone and delete it.

          Neither option is available on Apple devices.

      2. Chairo

        Re: Why all the exitement?

        Yes, on the other hand, AFAIK pre-installed applications are stored in another partition than normal apps. That means, even if you could delete them, you would have to repartition everything to gain new, free space.

        But at least you can delete the data, used by the apps you disable. That can already free up quite some flash.

        And yes, I am well aware that not every user is able to find the disable option in the app settings and then judge, which app is bloat and which is crucial.

        A good part of the Google apps can be disabled, btw, but you might lose functionality - you need "Google Search" to have voice search, for example.

    2. WonkoTheSane Silver badge
      Thumb Down

      Re: Why all the exitement?

      Thanks for reminding me about this.

      Just used it to kill the HP printer software supplied on my brand-new Nexus 5 direct from Google.

      Devs please note:- Unless an app is an _essential_ part of the OS, it _must_ be deletable.

    3. Bsquared

      Re: Why all the exitement?

      Delighted to see the Wildfire S in the hall of shame in the article. Mine still runs Gingerbread, and its pitiful amount of RAM and parasite burden of shit apps from HTC and Telstra made my life miserable for a long time. (Isn't it just super when gmail stops working with less than 12Mb of RAM is available on a Wildfire S?)

      I also didn't have much luck with CyanogenMod and a couple of other non-stock ROMS for this ancient phone. However, even if you don't have ICS, there is hope! If you root the bastard, make a special partition on your SD card and then install LinkSD, you can move almost any app to the SD card, and you can "freeze" non-essential stock apps from ever being loaded (yeah, that's right, Facebook, I'm looking at you) hence freeing up valuable RAM.

      It's been working like a charm for over a year now with almost 50Mb free, but I notice with some trepidation that the Google Play updates are getting bigger....and bigger....

  5. Oh Homer
    Gimp

    Been saying this for years

    Most of the problems attributed to "Android", including licensing, bugs and security issues, have in fact nothing to do with Android whatsoever, but are almost entirely caused by proprietary third-party software. Screw Googlers are disingenuously using Android (and the fact that it's Free Software) as a scapegoat. Of course they like to ignore that inconvenient fact, any yet they're strangely silent when it comes to Windows security problems, much of which can rightfully be attributed to Microsoft.

    Coincidentally, most of those screaming about "Android" problems, are those with a vested interest in software that's claimed to solve those problems, closely followed by those with a vested interest in competing platforms.

  6. Alan Watson

    Why list by manufacturer?

    If the problem is carrier bloatware, surely listing vulnerabilities and excessive privileges by carrier would be more relevant than by which handset/manufacturer they've put them into?

  7. Anonymous Coward
    Anonymous Coward

    Bloatware

    Can anyone justify why the Android Speedtest app (Ookla) has grown to over 8MB in its latest release? That must be about 7.9MB of unncecessary, potentially exploitable, code.

    1. Tim Parker

      Re: Bloatware

      "Can anyone justify why the Android Speedtest app (Ookla) has grown to over 8MB in its latest release?"

      App ? Can you not just run the test from speedtest.net directly ?

    2. Charles 9 Silver badge

      Re: Bloatware

      Probably more data than code. Odds are it's mostly an offline comparison database. It grows because more devices keep getting added.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019