Google: With our weak vetting, how could this have happened?

Meanwhile, dozens of apps were found to have the same type of access to sensitive information as known spyware does, including access to the content of e-mails and text messages, phone call information, and device location, said Dan Hoffman, chief technology officer at SMobile Systems.

It seems clear that with unsigned apps and minimal vetting for its market place, Android’s (well, Google’s) priority is not security. When you’re trying like mad to offer as many apps as the iPhone you don’t have time for such things. Apps with security issues have been pulled after they’ve been on the market and enough users complained. It such cases the end user is doing the real vetting.

Problem is, not all apps are obvious about what they do. Sooner or later that comes back to haunt the end user, which leads to the real issue: Google doesn’t care that much because the end user is not their customer. I’m not saying Google wants third-party apps to be invasive without user permission, only that preventing it isn’t a priority. The end user doesn’t pay Google for their services, and are not their customer.

Similar to Facebook, Google’s customer isn’t the one using the product every day, but rather the marketing, ad, and analytics firms that make use of the massive amounts of data being gathered. There’s nothing wrong with this—it’s just a business model—but it’s important to know Google’s customers to understand Google’s priorities. Indeed, philosophically Google may not even have an issue with these apps. Google’s been gathering your data for years.

I’d like to see Google take some action on this. Get ahead of the game and make changes to the market place for vetting this stuff. Google can talk “open” all it wants, but they have a responsibility for what’s on their store. They have no issue refusing apps that violate copyright or other firms’ TOS, but that’s all in the interest of their real customers. It’s time they treated the end user with a little respect and looked out for her as well.

Advertisements

4 thoughts on “Google: With our weak vetting, how could this have happened?

  1. “Android users are all adults that paid for their phones with hard-earned cash and no censorship of any form should be allowed on that platform. Everyone and every app is equal. Google has no responsibility to any of these people, users or developers”Couldn’t that same argument be taken to say that Windows or any OS have no responsibility to build in security because it would ‘censor’ the behavior of what can be programmed as an application on the platform, and that it is 100% up to the user to manage security? The issues are that running anti-virus on a mobile platform at this point would kill battery and performance, and that even though the users of these phones are adults, that has nothing to do with their level of knowledge in terms of computer security. It doesn’t mean they’re dumb or lazy, they are just people who don’t know much about computers and want to be able to take advantage of smart-phone features and apps without having to learn how the guts of computer programs and operating systems work in order to keep their personal information safe.Unless there is a big warning on Android that pops up saying that you (user) assume all risk for the leaking of any personal information you put on the device, I think they’re in the wrong. For a non-computer literate user who spends their “hard-earned” cash on that type of device, I think it’s reasonable to expect that a bunch of simple programs that say they’ll do one thing, don’t leak all your private data to unknown parties and then blame you for not realizing that they would do that because you’re just too stupid or ill-informed.

  2. I actually agree with both of the above comments.If no harm comes from a totally open system then Apple may have to – somewhat – modify their model. However, if serious issues affect a significant number of users on the open system – whether ‘privacy’ related or simple instability – then people will have a greater appreciation for Apple’s approach.The only way for this to play out is with a totally open market.Even though there are times that I find myself thinking that Apple should allow some kind of ‘open’ ‘backdoor’ I realize it wouldn’t work. For now I’ll stick with Apple’s more cautious approach.

  3. RE: SteffenjobsI think you just described exactly why I won’t leave the iphone for a Android phone. If I have to be responsible for outsmarting international criminal cartels who trade is stolen data then I will pass. Life is to short to spend time just making sure I can use a phone without getting robbed. It’s not even like I will just be mugged for my cash either. You can loose EVERYTHING that is done with zero’s n ones (binary code). As a matter of fact, after reading your comment, if true, i will never buy an Android phone. Palm just moved up a notch.

  4. Vetting for what? A totally open OS shouldn’t require any vetting at all. Android users are all adults that paid for their phones with hard-earned cash and no censorship of any form should be allowed on that platform. Everyone and every app is equal. Google has no responsibility to any of these people, users or developers. Android’s main purpose is to deliver ads to tens of millions of mobile consumers. Android is a freely distributed OS so users and developers should take their own responsibility. Users and developers that want a truly “open” OS are basically demanding to take the bad with the good. Even as an iOS user, I want Android to stay as wide open as possible with no controls whatsoever. If a closed environment is a “bad” thing and will cause iOS to fail, then a totally open environment is a “good” thing and will cause Android to be a success. I want to see each plan carried out for about three more years and see what happens to both. I’m really curious about the outcome to see if these “open=success/closed=failure” arguments are valid.

Comments are closed.