Google's Android kill switch is a GOOD thing
People get so paranoid about Google! Not that Google or any other large company in this industry is especially loveable, but so-called privacy advocates are especially prone to presume the most evil motives on its part. The latest example is the "Android Kill Switch."
This issue grew out of the discovery of dozens of malicious applications in the Android Marketplace on March 1st. Google removed the apps and went a couple of steps further: The company issued a program to reverse the effects of any infections, triggering the Remote Application Removal Feature.
Droids Mop Up Malware
This feature allows Google to remove applications remotely on users' devices with a signal from its end. It's not clear if Google can do this for applications not distributed through the Android Market, but in this case the applications were, so the company could. In the past Google has used the same technique for applications that were misrepresented in the Android Market in some way.
But this time several reports on the affair expressed discomfort with the move. "Creeped out" was the word used by my PC Magazine colleague Peter Pachal, who is clear that he doesn't want to make too much of it. But I wonder why he feels uncomfortable with it at all. This kill switch is a good thing.
Even as a fairly expert user I like the idea that Google, who knows Android about as well as anyone, can clean up any messes I get myself into. And malware on Android or any other platform can be harmful to other devices, so one could argue Google protects everyone by removing it. This reasoning presumes that Google only removes that which should be removed, and I'm willing to assume the company is competent enough to do that.
The real scandal isn't that Google has such comprehensive mopping-up facilities; it's that the preventative measures are so weak. In some contrast to Apple, Google made it as cheap and easy as possible to write apps and get them into the Android Marketplace. There's a one-time $25 fee and that's it. Apple has a $99 annual fee.
Getting a bit technical about it, Apple requires that apps be digitally signed with a real code signing certificate that it issues. Google essentially requires that you use what is called a "self-signed" certificate. Such a certificate cannot be tracked to any identity, although it does give Google a unique key to use the kill switch.
And while it's not an issue here, Android devices are a bit less secure by merit of their including jailbreaking as a feature: You can allow your device to install apps from outside the store. This has led to many malware events, the most recent one a malicious repackaged version of the cleanup tool Google issued for the malware in the Android Marketplace. You get one of those, it's on you, but it's good news for all the security companies trying to roll out Android security products.
As a Wall Street Journal story on the matter describes, unlike Apple and RIM, Google doesn't have any people involved in vetting applications submitted to the Market. Google takes a "clean it up later" approach. This may be necessary since Google doesn't charge for Android, but it's hard to pity Google for its expenses.
Apple Way Better?
Suffice it to say that if Apple took Google's approach to security for applications submitted to the App Store, the market for iOS security products would be a brisk and rich one. And it's not like iOS has an enviable security model. Apple constantly leads the pack in reported vulnerabilities, including about 60 just fixed in the new iOS 4.3. Apple's capable of responding quickly to a threat, but determined and talented hackers have no trouble getting past its defenses. Apple seems to add the extra measures to the front-end of the process, which so far has proven to be the right way to do it.
But if you're a user who owns an Android device and buys applications through the Android Market, you have already decided to trust Google to a significant degree with your device, your mobile connection and your data. Trusting Google to remove malicious applications is just plain reasonable.
Larry Seltzer is a freelance writer and consultant, dealing mostly with security matters. He has written recently for Infoworld, eWEEK, Dr. Dobb's Journal, and is a Contibuting Editor at PC Magazine and author of their Security Watch blog. He has also written for Symantec Authentication (formerly VeriSign) and Lumension's Intelligent Whitelisting site.