Language Selection

English French German Italian Portuguese Spanish

Secret Back Doors in Android

Filed under
Just talk

I am everything but a Google basher and I spent a lot of my life descending deep into research of Google foes, Google smear campaigns, lawsuits by proxy, and antitrust actions by proxy. I also advocate Android, but in recent years I have been increasingly concerned about the direction it is taking. I wish to share my latest concern. It relates to what the media characterises as "anti-theft" but is actually a facility to kill phones in a protest or convert them into hostile listening devices. Technology impacts human rights and those who control technology can be tempted to control humans.

Google habitually updates my tablet. It is a Nexus 7 tablet which Google invites itself to update remotely (shame on me for not installing Replicant, but this device does not support it yet). It is not a 3G tablet and it does not have two operation systems (unlike mobile phones) or even a carrier tracking its location all the time. It's a purely Android device with no network tying. It is network-agnostic. I only bought it because in order to replace my PDA (for over a decade) I wanted a device that is not a tracking device. Phones were out of the question.

Networks don't track the tablet. Google, however, is always out there, fully able to identify the connected user (latched onto a Gmail address because of Play), modifying the software without even the user's consent (the user is sometimes prompted to boot, without being able to opt out of the core update itself).

The update in itself is not a problem. What's problematic is its effect.

Following the latest Google update (which I was given no option to reject) I noticed that Google had added a remote kill switch as an opition. It was enabed by default. "Allow remote lock and erase" is what Google calls it and it is essentially working like a back door. Google and its partners in government are gaining a lot of power not over a smartphone but over a tablet.

The significance of this is that not only phones should be assumed to be remotely accessible for modification, including for example additional back doors. What's more, some devices that were sold without this functionality silently have it added. According to the corporate press, the FBI remotely turns Android devices into listening devices and it is getting simpler to see how.

NSA and PRISM destroy our computing. We definitely need to demand Free software, but we should go further by asking for audits, rejecting user-hostile 'features' like DRM, 'secure' boot, and kill switches. I gradually lose any remaining trust that I had in Google and even Free software such as Android.

More in Tux Machines

Desktop News

  • Why Google plans to stop supporting your Chromebook after five years
    It’s worth noting that end-of-life doesn’t have to mean the end of useful hardware. If you have the know-how, you can install Linux on your Chromebook to extend its lifespan. Otherwise, users whose Chromebooks are still in fine working order just have to hope that end-of-life notification never comes.
  • EFF slams Microsoft's 'blatant disregard' for user privacy with Windows 10 [Ed: It's textbook definition of malware]
    THE ELECTRONIC FRONTIER FOUNDATION (EFF) has lashed out at Microsoft over the company's "blatant disregard" for user privacy with the pushy, data-slurping Windows 10 operating system. Following the launch of a petition in June, EFF has heard from thousands of pissed off people who are asked it to take action against Microsoft, and the privacy campaigners are doing just that. EFF is calling on Microsoft to listen to its users, of which more than 6,000 have signed the online petition, and incorporate their complaints into its operating system. "Otherwise, Microsoft may find that it has inadvertently discovered just how far it can push its users before they abandon a once-trusted company for a better, more privacy-protective solution," EFF's Amul Kalia said in a blog post. First on EFF’s radar is Microsoft’s backhanded tactics to get people to upgrade to Windows 10, which we here at the INQUIRER know about all too well.

Leftovers: Gaming

Leftovers: Software

  • Summary
    And so, GSoC has come to an end. In this post, I'm going to describe what I have done in the past 13 weeks.
  • The State of Wayland's GSoC Project For Improved Output Handling
    Google's annual Summer of Code 2016 (GSoC) is now officially over and we're starting to see the final reports issued by the many student developers involved. One of the reports worth mentioning is the Wayland project around getting Weston to start without any outputs and improved output handling. Student developer Armin Krezović was getting his feet wet with Wayland this summer and was led b
  • GSoC with Pitivi
  • GUADEC Experience
    In this blog post, I will be sharing my GUADEC experience which recently held from 11-Aug-2015 to 17-Aug-2016 in Karlsruhe, Germany. I actually got to see the faces behind IRC nicks, met most of developers and people from GNOME community and also most importantly, GUADEC helped me to meet my Google Summer of Code mentor Debarshi Ray in person which was just great.
  • GNOME Usability Test Results (Part 1)
    This is the first part of analysis for the usability test I recently conducted, with the purpose to uncover usability flaws of two GNOME applications: Photos and Calendar. For this part I am focusing on visualizing the results, demographics and talk more about the methodology I used for testing. We will take a closer look on how testers performed on every task given, using a heat map. Hopefully this will create a clear picture of the testing process and help to “get to know” the participants and understand them better!
  • openSUSE Tumbleweed – Review of the Weeks 2016/33
    Week 33 brought us again 5 snapshots (0812, 0813, 0815, 0816 and 0817). There were some smaller and bigger updates, as usual.

Leftovers: Debian

  • Reproducible Builds: week 69 in Stretch cycle
    Daniel Stender blogged about python packaging and explained some caveats regarding reproducible builds.
  • Proposing speakers for DebConf17
    As you may already know, next DebConf will be held at Collège de Maisonneuve in Montreal from August 6 to August 12, 2017. We are already thinking about the conference schedule, and the content team is open to suggestions for invited speakers.
  • Google Summer of Code 2016 : Final Report
    This project aims to improve diffoscope tool and fix Debian packages which are unreproducible in Reproducible builds testing framework.