Android

From Wikispooks
Jump to navigation Jump to search

Concept.png Android 
(Operating system)Rdf-entity.pngRdf-icon.png
Android.svg
A widely used mobile operating system

Android is a widely used mobile operating system developed by Google. It is a generally reliable[citation needed] open source OS, but as sold to consumers it almost invariably comes bundled with manufacturer malware to facilitate universal surveillance.

Pre-installed Malware

Although open source, Android is often sold pre-installed on mobile phones with dozens of pieces of proprietary malware, usually not able to be uninstalled and sometimes even invisible to end users. The proprietary Android cellphone, in this state, has been described as "the most sophisticated surveillance machine to date for monitoring your routines."[1] Even with a custom ROM, Google Play Services itself can act as spyware, tracking one's location [2], for example.

According to a study by Douglas Leith from Irish Trinity College, Android devices send almost 20 times more data to Google than iPhones to Apple. Telemetry (GPS position, telephone number and IMEI, whether the SIM card is inserted, MAC addresses of the closest WLAN router, etc.) is continuously transmitted - even if the user has not activated a Google account or has objected to the collection of statistical data. Even in standby mode, information is transmitted every 4.5 minutes on average. In 12 hours, Android sends its creator one megabyte, iOS sends 52 kilobytes.[3]. Spokespeople from Google contradicted Leith's findings and pointed to errors in his methodology. According to the corporation, the scientist simply described how modern smartphones work.[4]

Rooting phones

Android is based on Linux, and is affected by a number of Linux bugs. In October 2016, 'Dirty Cow', a Linux privilege escalation bug was published online, which was "believed to work reliably on every version of the mobile operating system and a wide array of hardware."[5]

Avoiding malware

To avoid software-based malware on Android phones, one should use one that gives the user full control (i.e. are rootable) and allow reinstall of an alternative OS such as plain AOSP Android (such as Pixys OS[6], LineageOS or Resurrection Remix OS.

Software sources

Some Android apps abuse their privileges to subvert the phone and serve adverts.[7] The most popular software repository is the Google Playstore.

F-Droid

Full article: F-Droid

F-Droid, started in 2010, is the best established repository which contains only freely available open source apps.

Google Play store

Full article: Google/Play

By July 2017 "at least 500 apps collectively downloaded more than 100 million times from Google's official Play market contained a secret backdoor that allowed developers to install a range of spyware at any time".[8]

In March 2019 a joint investigation by researchers from Security Without Borders and Vice concluded that the Google Play store had around 20 government-sponsored malware apps that had been undetected for 2 or so years.[9]

Alternatives

Another (closed source) alternative software repository is Aptoide, launched in 2009.

Drivers

Some phones use proprietary drivers, which being closed source, cannot be independently verified to be safe. Dealing with these requires either a phone with open drivers available or one writing open drivers themselves. Since reverse engineering hardware protocols can be an extremely challenging ordeal, one should usually avoid phones with proprietary drivers if they want maximum security.


 

Related Document

TitleTypePublication dateAuthor(s)Description
Document:Huawei’s phone business would be decimated without Google’s AndroidArticle20 May 2019Vlad SavovA resolution to the ongoing trade dispute between the US and China is now more urgent than ever. However, China is unlikely to react positively to the bullying tactics of the US. And that means Huawei’s phone business may be in limbo for a while yet.
Many thanks to our Patrons who cover ~2/3 of our hosting bill. Please join them if you can.


References