Press "Enter" to skip to content

Android’s Nuclear Football

The day after I pat Google on the back for doing something right, they go screw it up. What’s got me and others scratching our heads is there doesn’t seem to be a reason for it.

I’m talking about the so-called “kill switch” built into Android that lets Googlefolk remove installed applications from Android phones. We’ve known about its existence since the beginning of Android, it’s mentioned in the terms and conditions at the Google app store and the mainstream press took note as early as October of 2008. But, to me at least, it’s been something akin to the U.S. intercontinental nuclear arsenal. I don’t like it’s existence, but I figure that sane people are in charge and it’ll never get used.


But Google’s now used it, and has even bragged about that fact on the Android Developers Blog in a post by Android Security Lead, Rich Cannings:

“The remote application removal feature is one of many security controls Android possesses to help protect users from malicious applications. In case of an emergency, a dangerous application could be removed from active circulation in a rapid and scalable manner to prevent further exposure to users. While we hope to not have to use it, we know that we have the capability to take swift action on behalf of users’ safety when needed.”

The thing is, the same blog had already sought to assure us there was absolutely nothing dangerous about the apps removed. They weren’t malware, just deadware.

“These applications intentionally misrepresented their purpose in order to encourage user downloads, but they were not designed to be used maliciously, and did not have permission to access private data — or system resources beyond permission.INTERNET. As the applications were practically useless, most users uninstalled the applications shortly after downloading them.”

I suppose the average Android user, who may be only vaguely aware that Android is open source or what open source means, won’t mind too much, if at all, that apps can be remotely removed from their phones without their input. Many users might even be pleased to know Google is standing over them, ready to protect them from any unscrupulous app that might hurt their smartphone or bank account .

But Houston, we’ve got a problem. This is open source, and such heavy handed we’re-going-to-take-over-your-device-for-your-own-good behavior goes completely against the spirit of the GPL.

It’s fine and dandy that Apple puts a similar switch on the iPhone (which they haven’t used) or that Amazon can delete books from Kindle (which they’ve ironically done with 1984), because they’re both proprietary systems. You don’t own the operating system on an iPhone or Kindle, you just have the right to use it.

That’s not the case with Android. You own the the operating system outright. According to the license, you have the right to modify it any way you like. You can sell it. You can give it away. You can do anything you like with it. It’s yours.

I’m reasonably sure that Google has good motives. After all, people do their banking and lots of other things on their cell phones that could put them at risk if an unscrupulous developer were to design a back door into an app that didn’t get caught until after it was downloaded. But good motives don’t make this right.

However, there is something Google can do that will allow them to keep this function without violating the spirit of the open source model. That something is called “choice.” Allow the user the ability to configure how the kill switch functions on his or her devise. The user could choose either “let Android automatically remove malicious applications,” “prompt me to remove malicious applications,” or “disable kill switch, entirely, I’m feeling lucky.”

If they did that, they could even make the first option the default.

Breaking News: