Google Goes Big Brother with the Android 'Kill Switch'
The most disturbing thing about the Android malware scare might be Google's cure.
Peter Pachal By Peter Pachal
pcmag.com
Over the weekend Google deployed its so-called "kill switch" against the Android malware that had infected possibly thousands of phones. Google's action remote-wipes any of the identified malware from any Android phone and reinforces protections against subsequent infection. "Kill switch" is an apt, if unfortunate, description of the procedure, as the same term has been recently used to describe what the Egyptian and Libyan governments have done to Internet access in their countries.
Is it just me or should we all feel slightly creeped out by Google's move? Certainly, the company had to act, and act swiftly, which it did. Not only did it remove the malicious apps almost the minute it heard about them, but it deployed a fix within days. Considering the number of devices and versions of Android that need to be addressed, that's impressive. But going into my phone and erasing software—no matter how bad it may be—strikes me as a vaguely Orwellian thing to do.
Maybe I'm being needlessly concerned here (and I feel a bit hypocritical after just writing about the benefits of Facebook's openness). If there any offending apps from your phone, Google was nice enough to leave a note about what they erased and why they erased it. And I'm sure Google's on solid legal ground here: although no one who isn't a lawyer has probably ever read any of those Terms of Service agreements we all click "Agree" on with abandon, Google no doubt reserves the right to perform acts like this whenever it has reason to.
It's not even the first time Google has used the measure. Last year Google remote-wiped apps that it deemed deceitful. Although the apps weren't actually malware, their true purpose (to provide data to the developer, a security researcher) was concealed. Honestly, upon reflection, that case is probably more disturbing, because the "quarantine" defense—that the spread of malware needs to be stopped to prevent infection of other devices—doesn't apply. That was simply a judgment call by Google.
Should Google be making those judgments for my phone, though? Put aside the legalities for a second. Would you stand for Microsoft remote-wiping Windows apps on your PC and only letting you know after the fact? Even antivirus programs let you decide to wipe first before they proceed (most of them, anyway). Taking it a step further, would you stand for a car manufacturer to come into you garage in the middle of the night to fix that tricky alternator without clearing it with you first?
I appreciate Google's position here, that position being right in between Rock Avenue and Hard Place Way. Do the remote-wipe, and Big Brother accusations fly. But if they had told victims of the malware why they should remove the apps and gave them the option to remove them or not, there would certainly be a percentage who didn't (for whatever reason). I still think that would have been the better choice, though. Once a customer has bought the phone, that customer should have ultimate control over what's installed on it (and again, I recognize the legalities are more complicated).
Which isn't to say all phones should be open-source or jailbreaking should be encouraged. If you want to play out of bounds from the manufacturers' guidelines, that's your prerogative (and it's not even illegal, according to the copyright office), and you must accept the consequences of doing so. But it should be your prerogative.
I realize Google's not the first company to remotely monkey with users' software, and I don't think it should be raked over the coals for this. But the incident serves as an wake-up call, showing that "control" in the digital realm can be largely illusory. Do you trust companies like Google to rummage through your digital belongings in the name of security? A cellphone is one of the most personal products you can own, but Google's action is a stark reminder that you don't really own it at all. |
