EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS


Android With Proprietary Apps Installed is Not Secure

Posted in GNU/Linux, Google, Security at 6:39 am by Dr. Roy Schestowitz

Proprietary on top of Free/libre is like mud below a fortress

A fortress

Summary: The need to be able to verify that programs treat users respectfully and how it applies to Android

A new version of Android is said to be just days away [1]. There are already some rumoured features [2], but it is hard to tell more because the development process is not as open/free as Google would like us to believe. Google already lost a prominent FOSS figure because, according to him, Android was not so loyal to freedom or openness anymore.

“One cannot build back doors if they become visible. It’s a case of trust through deterrence.”Android is becoming somewhat of a de facto standard in watches these days [3,4], even though some companies go the other way [5]. In this area of watches, unlike CCTV-like eyeglasses (Google also explores taking fingerprints soon [6]), partners of Google appear to be ahead of Google. The same goes for TVs based on Android [7]. Android is almost becoming a de facto standard in embedded also [8].

Let’s accept the fact that Android is here to stay and to thrive (around 80% market share now), but how secure is it really? According to a report from The Wall Street Journal, spies are now accessing the microphone (and maybe camera) of Android devices remotely. Let’s accept the fact that the user is the weakest link (installing malware on one’s own [9]) and without a doubt users will always need to step in and do potentially risky things (adding software, as promoted in [10-12] this month, is the strength of Android). We are left dependent on trusting developers, not just within Google but also outside it (the community is developers is broadening [13]). Many of them are releasing proprietary software into Google’s digital market, so how can we — as users — check that these applications really respect our privacy and strictly obey OS-level restrictions? The users need not be developers, they can simply rely on several other users auditing or forking the code out of curiosity. One cannot build back doors if they become visible. It’s a case of trust through deterrence.

Related/contextual items from the news:

  1. Android 4.4 KitKat tweets hint at Oct. 28 launch

    Two pictures shared by @KitKat on Twitter suggest Google will launch the operating system on October 28.

  2. Android signs up for official default setting for texting

    A single messaging app for Android might be closer than you think, as Google unveils new settings in KitKat to officially set a default text-messaging app.

  3. Sony SmartWatch 2 ticks as Google watch rumors tock

    Sony shipped its Android-based SmartWatch 2 in the U.S. market, featuring higher-resolution, NFC sync, and water resistance, while also launching its Xperia Z Ultra phablet and Xperia Z1 phone. Meanwhile, Google’s long awaited smartwatch — rumored to be a Nexus model codenamed Gem and featuring Google Now technology — is expected to be unveiled with Android 4.4 (aka KitKat) on Oct. 31.

  4. Review: Samsung Galaxy Gear smartwatch

    When a new tech product launches, reviewers usually come to some sort of consensus. Often something just clicks, and you see raves across the board. Other times, the product has obvious flaws, and critics are all equally quick to point those out. The early consensus for the Samsung Galaxy Gear, however, isn’t quite jiving with us. Though it’s been almost universally panned, we had a very different take on it. Why? Read on, as Gizmag gives you a different perspective on the new Samsung Galaxy Gear smartwatch.

  5. Nike’s no-Android stance on FuelBand is a huge mistake

    Nike is only shooting itself in the foot with its stubborn reluctance to work with Android.

  6. Android Fingerprint Sensors Coming Soon

    A coming web standard being pursued by the FIDO Alliance seeks to enable much wider use of biometric sensors to access accounts. FIDO should reduce, if not eliminate all together, the use of passwords to access accounts on mobile devices. The initial FIDO-equipped Android devices are on track to roll out in early 2014.

  7. Devs jump on Android TV ahead of Google

    Google may be keeping quiet on when the Google TV platform will be updated to the Jelly Bean operating system, but developers are already hard at work.

  8. Android HDMI-stick mini-PC includes Ethernet port

    Zhongshan Gosinggo has begun selling a 4.1 x 1.5 x 0.6-inch Android 4.1 mini-PC that includes both WiFi and Ethernet ports. The Gosinggo GSG-TB-06 is equipped with a 1GHz Allwinner A10 processor and Mali-400 GPU, as well as 1GB of DDR3 RAM, up to 32GB of flash, an HDMI port, and dual USB ports.

  9. How Secure Is Android, Really?

    Let’s get this out of the way. Android as an operating system is very secure. It has multiple layers of protection to keep malware at bay, and it requires your specific permission to do almost anything that could lead to your data or the system being compromised. However, Android is an open system that trusts you the user and its community of developers to do the right thing. If you want to, you can give away a lot of permissions, and even access to deeper parts of the system if you’ve rooted your phone. Android tries to protect you from yourself, but if you nudge it, it lets you have the final say on what to install (and from where, like unknown sources and beyond the regularly-patrolled walls of Google Play) and who to give permissions to.

  10. New Aviate app makes Android phones more intuitive

    There comes a time in every smart phone owner’s life when the number of installed apps outweighs the brainpower available to the owner to keep them all managed. Enter Aviate, a new home screen management system for Android that aims to keep everything under control, intelligently.

  11. 9 of the best video-player apps for Android
  12. Top 15 Android tablet apps for work and play

    Android tablets have come a long way since the first, the Motorola XOOM, appeared. The right apps make them great tablets for both work and play.

  13. The Big Android BBQ 2013 in pictures

    The Big Android BBQ is a unique combination of developer conference and enthusiast get-together, all wrapped up in a general celebration of the Android operating system. Attendees come from all over the world to share ideas, best practices, or just to hang out with friends. This year the conference saw more than 40 sessions ranging from Glass development to hardware hacking, with more than a few things in between.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New

  1. Links 20/3/2018: GStreamer 1.14.0, Freespire 3.0, Endless OS 3.3.13

    Links for the day

  2. BIO, MDMA and PhRMA Are Pushing the PTAB-Hostile STRONGER Patents Act While IAM and Patently-O Continue to Bash PTAB

    The patent microcosm, which compares the Board to the above (crude analogy from Judge Rader and other patent extremists), is still trying to kill inter partes reviews (IPRs), in effect overlooking its own hypocrisy on the matter (they don’t want patent justice, they just want to metaphorically ‘shoot down’ the judges)

  3. 35 U.S.C. § 101 is Still Effectively Tackling Software Patents in the US, But Patent Law Firms Lie/Distort to 'Sell' These Anyway

    The assertion that software patents are still worth pursuing in 2018 is based on carefully-constructed spin which mis-frames several court decisions and underplays/downplays/ignores pretty much everything that does not suit the narrative

  4. Battistelli's EPO Became Extremely Reliant on China for Distraction and on Endless Supply of Applications (Supply Which Doesn't Exist)

    Discussion about the EPO granting machine (or patent-printing machine) and figures the way EPO management would rather the public won't ever see them; the concept that China means redemption for this patent system is as laughable as always

  5. The US International Trade Commission (USITC) Against Comcast, Courtesy of the Intellectual Ventures-Connected Rovi

    The USITC/ITC, which mostly serves to impose embargoes (sometimes in shocking defiance of PTAB decisions), is being invoked by a firm connected to the world’s largest patent troll, Intellectual Ventures

  6. Tinder/Match Group Uses Software Patents to Sue a Rival, Obviously Choosing to Sue in Texas

    Software patents are being used for leverage, but only those which were likely granted before Alice and only in courts at districts somewhere around Texas

  7. Links 19/3/2018: Linux 4.16 RC6, Atom 1.25, antiX 17.1, GNU Mcron 1.1

    Links for the day

  8. From PTAB Bashing to Federal Circuit (CAFC) Bashing: How the Patent 'Industry' Sells Software Patents

    The latest tactics of the patent microcosm are just about as distasteful as last month's (or last year's), with focus shifting to the courts and few broadly-misinterpreted patent cases (mainly Finjan, Berkheimer, and Aatrix)

  9. Patent Maximalists Keep Coming Up With New Terms and Buzzwords to Bypass the Practical Ban on Software Patents

    The fightback against Section 101 and the US Supreme Court (notably Alice) seems to concentrate on old and new buzzwords, such as "Software as a Medical Device" ("SaMD") or "Fourth Industrial Revolution" ("4IR"), which the EPO recently paid European media to spread and promote

  10. News About Patents is Often Just Advertisements Composed Directly or Indirectly by Companies That Sell Patents and Patent Services

    Infomercials are still dominant among news about patents, in effect drowning out the signal (real journalism) and instead pushing agenda that is detached from reality, pertinent facts, objective assessment, public interest and so on

  11. Blocks and Paywalls Won't Protect the Patent Trolls' Lobby From Scrutiny/Fact-Checking

    Joff Wild and Benoît Battistelli have much in common, including patent maximalism and chronic resistance to facts (or fact-checking)

  12. China Has Become Very Aggressive With Patents

    China now targets other Asian countries/firms -- more so than Western firms -- with patent lawsuits; we expect this to get worse in years to come

  13. UPC/Battistelli Booster IAM Blames Brexit Rather Than EPO Abuses

    While the EPO is collapsing due to mismanagement the boosters of Team Battistelli would rather deflect and speak about Brexit, which is itself partly motivated by such mismanagement

  14. European Commission Again Urged to Tackle Abuses at the European Patent Office (EPO)

    Rina Ronja Kari is the latest MEP attempting to compel the Commission to actually do something about the EPO other than turning a blind eye

  15. Links 18/3/2018: Wine 3.4, Wine-Staging 3.4, KDE Connect 1.8 for Android

    Links for the day

  16. TXED Courts Are Causing Businesses to Leave the District, Notably For Fear That Having Any Operations Based There is a Legal Liability

    A discussion about the infamous abundance of patent cases in the Eastern District of Texas (TXED/EDTX) and what this will mean for businesses that have branches or any form of operations there (making them subjected to lawsuits in that district even after TC Heartland)

  17. PTAB Hatred is So Intense Among the Patent 'Industry' That Even Scammers Are Hailed as Champions If They Target PTAB

    The patent microcosm is so eager to stop the Patent Trial and Appeal Board (PTAB) that it's supporting sham deals (or "scams") and exploits/distorts the voice of the new USPTO Director to come up with PTAB-hostile catchphrases

  18. The Patent 'Industry' is Increasingly Mocking CAFC and Its Judges Because It Doesn't Like the Decisions

    Judgmental patent maximalists are still respecting high courts only when it suits them; whenever the outcome is not desirable they're willing to attack the legitimacy of the courts and the competence of judges, even resorting to racist ad hominem attacks if necessary

  19. The Patent Trial and Appeal Board (PTAB) Carries on Enforcing § 101, Invalidating Software Patents and Upsetting the Patent 'Industry' in the Process

    A quick report on where PTAB stands at the moment, some time ahead of the Oil States decision (soon to come from the US Supreme Court)

  20. Luxembourg Can Become a Hub of Patent Trolls If the EPO Carries on With Its 'Reforms', Even Without the UPC

    With or without the Unified Patent Court (UPC), which is the wet dream of patent trolls and their legal representatives, the EPO's terrible policies have landed a lot of low-quality patents on the hands of patent trolls (many of which operate through city-states that exist for tax evasion -- a fiscal environment ripe for shells)

  21. The Patent 'Printing Machine' of the EPO Will Spawn Many Lawsuits and Extortions (Threats of Lawsuits), in Effect Taxing Europe

    The money-obsessed, money-printing patent office, where the assembly line mentality has been adopted and patent-printing management is in charge, is devaluing or diluting the pool of European Patents, more so with restrictions (monetary barriers) to challenging bad patents

  22. Links 17/3/2018: Varnish 6, Wine 3.4

    Links for the day

  23. Deleted EPO Tweets and Promotion of Software Patents Amid Complaints About Abuse and Demise of Patent Quality

    Another ordinary day at the EPO with repressions of workforce, promotion of patents that aren't even allowed, and Team UPC failing to get its act together

  24. Guest Post: Suspected “Whitewashing” Operations by Željko Topić in Croatia

    Articles about EPO Vice-President Željko Topić are disappearing and sources indicate that it’s a result of yet more SLAPP from him

  25. Monumental Effort to Highlight Decline in Quality of European Patents (a Quarter of Examiners Sign Petition in Spite of Fear), Yet Barely Any Press Coverage

    he media in Europe continues to be largely apathetic towards the EPO crisis, instead relaying a bunch of press releases and doctored figures from the EPO; only blogs that closely follow EPO scandals bothered mentioning the new petition

  26. Careful Not to Conflate UPC Critics With AfD or Anti-EU Elements

    The tyrannical Unified Patent Court (UPC) is being spun as something that only fascists would oppose after the right-wing, anti-EU politicians in Germany express strong opposition to it

  27. Links 15/3/2018: Qt Creator 4.6 RC, Microsoft Openwashing

    Links for the day

  28. PTAB Continues to Increase Capacity Ahead of Oil States; Patent Maximalists Utterly Upset

    The Patent Trial and Appeal Board (PTAB) sees the number of filings up to an almost all-time high and efforts to undermine PTAB are failing pretty badly -- a trend which will be further cemented quite soon when the US Supreme Court (quite likely) backs the processes of PTAB

  29. Patent Maximalists Are Still Trying to Create a Patent Bubble in India

    Litigation maximalists and patent zealots continue to taunt India, looking for an opportunity to sue over just about anything including abstract ideas because that's what they derive income from

  30. EPO Staff Has Just Warned the National Delegates That EPO's Decline (in Terms of Patent Quality and Staff Welfare) Would Be Beneficial to Patent Trolls

    The staff of the EPO increasingly recognises the grave dangers of low-quality patents -- an issue we've written about (also in relation to the EPO) for many years


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time


Recent Posts