EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

10.23.13

Android With Proprietary Apps Installed is Not Secure

Posted in GNU/Linux, Google, Security at 6:39 am by Dr. Roy Schestowitz

Proprietary on top of Free/libre is like mud below a fortress

A fortress

Summary: The need to be able to verify that programs treat users respectfully and how it applies to Android

A new version of Android is said to be just days away [1]. There are already some rumoured features [2], but it is hard to tell more because the development process is not as open/free as Google would like us to believe. Google already lost a prominent FOSS figure because, according to him, Android was not so loyal to freedom or openness anymore.

“One cannot build back doors if they become visible. It’s a case of trust through deterrence.”Android is becoming somewhat of a de facto standard in watches these days [3,4], even though some companies go the other way [5]. In this area of watches, unlike CCTV-like eyeglasses (Google also explores taking fingerprints soon [6]), partners of Google appear to be ahead of Google. The same goes for TVs based on Android [7]. Android is almost becoming a de facto standard in embedded also [8].

Let’s accept the fact that Android is here to stay and to thrive (around 80% market share now), but how secure is it really? According to a report from The Wall Street Journal, spies are now accessing the microphone (and maybe camera) of Android devices remotely. Let’s accept the fact that the user is the weakest link (installing malware on one’s own [9]) and without a doubt users will always need to step in and do potentially risky things (adding software, as promoted in [10-12] this month, is the strength of Android). We are left dependent on trusting developers, not just within Google but also outside it (the community is developers is broadening [13]). Many of them are releasing proprietary software into Google’s digital market, so how can we — as users — check that these applications really respect our privacy and strictly obey OS-level restrictions? The users need not be developers, they can simply rely on several other users auditing or forking the code out of curiosity. One cannot build back doors if they become visible. It’s a case of trust through deterrence.

Related/contextual items from the news:

  1. Android 4.4 KitKat tweets hint at Oct. 28 launch

    Two pictures shared by @KitKat on Twitter suggest Google will launch the operating system on October 28.

  2. Android signs up for official default setting for texting

    A single messaging app for Android might be closer than you think, as Google unveils new settings in KitKat to officially set a default text-messaging app.

  3. Sony SmartWatch 2 ticks as Google watch rumors tock

    Sony shipped its Android-based SmartWatch 2 in the U.S. market, featuring higher-resolution, NFC sync, and water resistance, while also launching its Xperia Z Ultra phablet and Xperia Z1 phone. Meanwhile, Google’s long awaited smartwatch — rumored to be a Nexus model codenamed Gem and featuring Google Now technology — is expected to be unveiled with Android 4.4 (aka KitKat) on Oct. 31.

  4. Review: Samsung Galaxy Gear smartwatch

    When a new tech product launches, reviewers usually come to some sort of consensus. Often something just clicks, and you see raves across the board. Other times, the product has obvious flaws, and critics are all equally quick to point those out. The early consensus for the Samsung Galaxy Gear, however, isn’t quite jiving with us. Though it’s been almost universally panned, we had a very different take on it. Why? Read on, as Gizmag gives you a different perspective on the new Samsung Galaxy Gear smartwatch.

  5. Nike’s no-Android stance on FuelBand is a huge mistake

    Nike is only shooting itself in the foot with its stubborn reluctance to work with Android.

  6. Android Fingerprint Sensors Coming Soon

    A coming web standard being pursued by the FIDO Alliance seeks to enable much wider use of biometric sensors to access accounts. FIDO should reduce, if not eliminate all together, the use of passwords to access accounts on mobile devices. The initial FIDO-equipped Android devices are on track to roll out in early 2014.

  7. Devs jump on Android TV ahead of Google

    Google may be keeping quiet on when the Google TV platform will be updated to the Jelly Bean operating system, but developers are already hard at work.

  8. Android HDMI-stick mini-PC includes Ethernet port

    Zhongshan Gosinggo has begun selling a 4.1 x 1.5 x 0.6-inch Android 4.1 mini-PC that includes both WiFi and Ethernet ports. The Gosinggo GSG-TB-06 is equipped with a 1GHz Allwinner A10 processor and Mali-400 GPU, as well as 1GB of DDR3 RAM, up to 32GB of flash, an HDMI port, and dual USB ports.

  9. How Secure Is Android, Really?

    Let’s get this out of the way. Android as an operating system is very secure. It has multiple layers of protection to keep malware at bay, and it requires your specific permission to do almost anything that could lead to your data or the system being compromised. However, Android is an open system that trusts you the user and its community of developers to do the right thing. If you want to, you can give away a lot of permissions, and even access to deeper parts of the system if you’ve rooted your phone. Android tries to protect you from yourself, but if you nudge it, it lets you have the final say on what to install (and from where, like unknown sources and beyond the regularly-patrolled walls of Google Play) and who to give permissions to.

  10. New Aviate app makes Android phones more intuitive

    There comes a time in every smart phone owner’s life when the number of installed apps outweighs the brainpower available to the owner to keep them all managed. Enter Aviate, a new home screen management system for Android that aims to keep everything under control, intelligently.

  11. 9 of the best video-player apps for Android
  12. Top 15 Android tablet apps for work and play

    Android tablets have come a long way since the first, the Motorola XOOM, appeared. The right apps make them great tablets for both work and play.

  13. The Big Android BBQ 2013 in pictures

    The Big Android BBQ is a unique combination of developer conference and enthusiast get-together, all wrapped up in a general celebration of the Android operating system. Attendees come from all over the world to share ideas, best practices, or just to hang out with friends. This year the conference saw more than 40 sessions ranging from Glass development to hardware hacking, with more than a few things in between.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. Links 29/9/2014: OpenDaylight Helium Release

    Links for the day



  2. European Patent Office Disorganisation: Problems With the Audit Mechanisms - Part IV

    A prelude to a long article about a thug called Topić, his controversial Battistelli-sponsored appointment, and the removal of auditory functions by Battistelli



  3. More Good News About Demise of Software Patents and Along With Them, Consequently, Patent Trolls

    A weekly roundup of news about patents in the United States and elsewhere, with special focus on software patents



  4. IRC Proceedings: June 22nd, 2014 – September 13th, 2014

    Many IRC logs



  5. Links 28/9/2014: Moto X, End of OpenSUSE 11.4

    Links for the day



  6. CBS Continues to Get Heavily Occupied by Microsoft Staff to Spread Microsoft Propaganda

    The CBS-owned ZDNet continues to hire people who have worked or are currently working for Microsoft and unsurprisingly enough they use their newly-acquired positions to praise Microsoft and bash Microsoft's competition, usually with no disclosure of their conflict of interest



  7. Links 27/9/2014: Linux (Almost) Everywhere, Features Of Linux 3.17

    Links for the day



  8. Microsoft Fakes 'Charity' and Uses Religious Groups to Acquire Lock-in in the Public Sector

    Microsoft's involvements with NGOs and with governments lead to more distrust, more surveillance, less freedom, and ultimately systemic corruption



  9. Bill Gates' Privatisation Crusade

    Mr. Gates, seeking to increase his huge profits and political power, reaches out to Catholic leaders and David Christian



  10. Tux Machines Under DDOS Attack

    Most of Tux Machines continues to work as usual, but some parts are temporarily restricted to keep the server running



  11. Links 26/9/2014: LibreOffice Celebrations, Betas of *buntu

    Links for the day



  12. Links 25/9/2014: KDE Roadmap, Bash Bug, GNOME 3.14 in Next Fedora

    Links for the day



  13. Links 24/9/2014: GNOME 3.14 Released, Bash Has a Bug

    Links for the day



  14. Links 21/9/2014: Fedora 21 Alpha

    Links for the day



  15. More of Bill Gates' Investments in GMO and Mass Indoctrination Under the Disguise of 'Donations'

    Microsoft's arrogant and famously corrupt co-founder is taken to task by those whom he is trying to bamboozle for monopoly, unlimited cross-generational power, and never-ending profit without risk



  16. Home Depot Confirmed a Victim of Microsoft's Bad Security, Microsoft Lays Off Security-Related Staff

    News reports circulate showing that Home Depot was knowingly careless with its Windows dependency while Microsoft lays off staff focused on security



  17. European Patent Office/Organisation - Suspicion of Improper Collusion Between EPO President and Chairman of the Administrative Council: Part III

    A preliminary look at Battistelli's reign and how regulatory powers got abolished, leaving the EPO reckless and largely unaccountable



  18. Links 21/9/2014: xorg-server 1.16.1, Linux Kernel 3.16.3

    Links for the day



  19. Links 20/9/2014: GNOME 3.13.92, Android L

    Links for the day



  20. Scanning Patent Troll Implodes; Is the Podcasting Patent Troll Next?

    MPHJ loses and Personal Audio LLC perhaps wins for the last time since software patents are quickly losing legitimacy in the United States



  21. If CAFC is Not Above the Law, Then it Should be Shut Down Now

    A long series of abuses in CAFC may as well suggest that this court has become broken beyond repair



  22. The Latest From Microsoft Patent Trolls and Patent Partners

    Microsoft-linked and Linux-hostile trolls continue their relentless attacks (albeit with little or no success) while patents as a weapon lose their teeth owing to a Supreme Court ruling



  23. Microsoft Proves That Its Massive Layoffs Are Not About Nokia

    Microsoft is laying off a lot of employees who have nothing at all to do with Nokia



  24. Links 19/9/2014: Another Red Hat Acquisition, Netflix Dumps Microsoft Silverlight and Brings DRM to WWW

    Links for the day



  25. Links 18/9/2014: Windows Copying GNU/Linux, Germany Moves to Security

    Links for the day



  26. Web Site 'Patent Progress' Now Officially 'Powered by CCIA' (FRAND Proponent, Microsoft Front)

    After talking a job at CCIA, "Patent Progress" and its chief author should be treated as dubious on real patent progress



  27. Articles About the Death of Software Patents in the United States

    Recent coverage of software patents and their demise in their country of origin, where even proponents of software patents are giving up



  28. The Death of Software Patents is Already Killing Some Major Patent Trolls

    VirnetX seems to be the latest victim of the demise of software patents in the United States



  29. More Microsoft Layoffs

    More Microsoft layoffs go ahead as the company is unable to compete



  30. ODF on the Rise

    Milestones for OpenDocument Format (ODF) and the launch of FixMyDocuments


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts