“Tech giants listed as part of the National Security Agency’s Prism spying program have gone to some lengths to convince the world they aren’t in bed with the U.S. government,” Mark Milian reports for Businessweek. “Google has filed a request with the U.S. Foreign Intelligence Surveillance Act court asking permission to disclose more information about the government’s data requests.”
“So there’s a certain irony that NSA programmers are now refining code that Google has approved for the company’s mobile operating system, Android,” Milian reports. “Google spokeswoman Gina Scigliano confirms that the company has already inserted some of the NSA’s programming in Android OS.”
MacDailyNews Take: Why does Google, supposedly staffed by some of the world’s preeminent genius PhDs, need U.S. government workers to write “security” code for their OS?
“Through its open-source Android project, Google has agreed to incorporate code, first developed by the agency in 2011, into future versions of its mobile operating system, which according to market researcher IDC runs on three-quarters of the smartphones shipped globally in the first quarter,” Milian reports. “NSA officials say their code, known as Security Enhancements for Android, isolates apps to prevent hackers and marketers from gaining access to personal or corporate data stored on a device. Eventually all new phones, tablets, televisions, cars, and other devices that rely on Android will include NSA code, agency spokeswoman Vanee’ Vines said in an e-mailed statement. NSA researcher Stephen Smalley, who works on the program, says, ‘Our goal is to raise the bar in the security of commodity mobile devices.'”
MacDailyNews Take: “Open.”
“In May the Pentagon approved the use of smartphones and tablets that run Samsung’s mobile enterprise software, Knox, which also includes NSA programming, the company wrote in a June white paper. Sony, HTC, and Samsung declined to comment,” Milian reports. “‘Apple does not accept source code from any government agencies for any of our operating systems or other products,’ says Kristin Huguet, a spokeswoman for the company.”
Read more in the full article here.
MacDailyNews Take: By SteveJack
As the post-PC world continues to diminish the use of crappy Windows PCs, which run a so-called operating system from Microsoft, a company that seemingly couldn’t wait to jump into bed with the NSA for whatever benefits that would offer, the conspiracy-minded could easily see why malware-prone Android phones and tablets are being pushed so hard to the ignorati worldwide through unending “Buy One, Get X Free” promotions, myriad slanted reviews that falsely equate Android devices with Apple products, and why lawsuits over blatant patent infringement are stalled in U.S. and other U.S.-allied nations’ courts for many years, while (and so that) Android takes hold as the world’s dominant OS in terms of unit share; get it in as many hands as possible.
But, of course, that would be crazy talk.
SteveJack is a long-time Macintosh user, former web designer, multimedia producer and a regular contributor to the MacDailyNews Opinion section.
[Thanks to MacDailyNews Reader “Peter G.” for the heads up.]
Related article:
Snowden: Apple, Facebook, Google can resist U.S. NSA – June 17, 2013
Mobile Threats Report: Android accounts for 92% of all mobile malware – June 26, 2013
Latest self-replicating Android Trojan looks and acts just like Windows malware – June 7, 2013
99.9% of new mobile malware targets Android phones – May 30, 2013
Mobile malware exploding, but only for Android – May 14, 2013
Mobile malware: Android is a bad apple – April 15, 2013
F-Secure: Android accounted for 96% of all mobile malware in Q4 2012 – March 7, 2013
New malware attacks Android phones, Windows PCs to eavesdrop, steal data; iPhone, Mac users unaffected – February 4, 2013
FBI issues warning over Android malware attacks – October 15, 2012
Researchers discover serious flaw in Android app security, say HTC and Samsung ignore issue – September 28, 2012
Apple’s iPhone has passed a key security threshold – August 13, 2012
Android permissions flaw allows eavesdropping, data theft, location tracking – December 2, 2011
Massive HTC Android security flaw leaves security expert speechless – October 2, 2011
Apple’s iOS unaffected by malware as Android exploits surge 76% – August 24, 2011
Android malware records phone calls; iPhone users unaffected – August 2, 2011
Symantec: Apple iOS offers ‘full protection,’ Google Android ‘little protection’ vs. malware attacks – June 29, 2011
Malware apps spoof Android Market to infect Android phones – June 21, 2011
Google forced to pull several malware-infested apps from Android market – June 8, 2011
Android malware sees explosive growth; even faster than with PCs – April 27, 2011
Virus-laden apps infest Google’s ‘open’ Android platform; iPhone unaffected – March 3, 2011
Security firm warns of new Android trojan that can steal personal information; iPhone unaffected – December 30, 2010
Trojan infects Android smartphones; iPhone unaffected – August 10, 2010
Millions of Android phone users slammed by malicious data theft app – July 29, 2010
Unlike proactive Apple, reactive Google doesn’t block malware from Android app store – June 4, 2010
Malware designed to steal bank information pops up in Google’s Android app store – January 11, 2010
No self-respecting iconoclast of any stripe would stoop to anything android. There is no honesty amongst thieves, after all.
These are strange and treacherous waters. I hope Apple navigates them well with grace and style.
The words “Google” and “trust” should never be used in the same sentence.
Why did you do it then?
Yes it should:
‘I will never trust Google’
Or “I trust Google to never be trustworthy”
I do not trust Google. No sane person should trust Google. Even Google employees should not trust Hoogle.
Enjoy your fake iPhone, Andy.
To Hell with it.
I’ve decided to forward my snail-mail to the NSA and BCC them on all emails.
(Of course, this is not news to them…)
A pragmatic decision. Better to be f*cked than raped (the difference being consent)…
I think we agree on something!
😉
Rape is never funny. In any context.
You don’t need to forward it to them. They are already monitoring snail mail as well.
http://thenewamerican.com/usnews/constitution/item/15897-the-us-postal-service-is-monitoring-your-snail-mail
the NSA is larger than the CIA and here is how wikipedia describes it:
“NSA is primarily tasked with collecting and analyzing information and data of foreign intelligence and counterintelligence value, including through clandestine means.[5] ”
Anybody feel comfortable that an agency “tasked with collecting and analyzing information” is writing code for your phone?
Android is expanding like bacteria in china, how does the Chinese govt. now feel with NSA code phones all over China?
Yesterday MDN linked an article about how Google is special because it is ‘science based’ and filled with genius scientist coders etc. Today we read how these place filled with genius coders need NSA to write code for them. And yet with these so called ‘Security Enhancements’ Android has 90+ of the mobile malware out there (so the phones aren’t that ‘secure’ after all, so what exactly is NSA doing… ? )
It’s an amazing business strategy. Develop an open-source OS, put no work into security, give the OS away for free so that the market is permeated by these cheap devices, then sit back and let the rest of the world enhance the security by developing the code for it. It is open source after all. I don’t know why it didn’t occur to me that this would happen. I can see the headlines now. Android devices more secure than Apple after 5 years of work by the NSA on the open source project. Only problem with this, from a consumer standpoint is that the NSA’s motto (and Google’s too) is “All your personal data are belong to us.”.
So, U.S. taxpayers of today and the future are paying for Android’s “security.” Apple is paying to have the Federal Government “enhance” Android.
Maybe the NSA can take over patches for Windows XP, after Microsoft abandons it next year. Then, Microsoft can pay to have customers NOT upgrade to Windows 8, and the NSA can “protect” 30+ percent of all personal computer users.
I’m looking forward to the new heights – or depths – of justification that Android users will reach for in attempting to explain this away.
Maybe we should all start to add signatures to our email messages that triger the software filter at NSA and that way force them to archive and have an analist read every single email.
That is, use the system against them.
A list of words that refer to questionable activities should do it…
When everyone on the planet and every email is suspect, that should make it “somewhat” dificult for them to filter.
Should we replace the “sent form my Ipad” signature in our emails to F U NSA?
My first thoughts were if the gov got google to do it it’s probably in iOS as well, second thoughts were maybe this is why Google gets away with a slap on the wrist for everything evil it does and apple seems to get bent over
This is all you need to know
Google = we let the NSA put their code in our software
Apple = Apple does not accept source code from any government agencies for any of our operating systems or other products.
“… and why lawsuits over blatant patent infringement are stalled in U.S. and other U.S.-allied nations’ courts for many years, …”
Anyone else starting to get a nagging suspicion as to what might be actually behind the ridiculous DoJ case against Apple? Beyond the obvious of Amazon greasing palms in D.C.?
Punishment for not towing the NSA line?
I’m beginning to have a bad feeling about Apple’s chances of winning that case. If Apple does lose, appeals and loses, and appeals and loses… I’d say the handwriting was on the wall.
Time to put on the tinfoil hat, I guess.
Yea, I’m there: I’m thinking the judge pre-announced her view of the case because she couldn’t stomach the orders she was given on how to rule and knew that by pre-announcing her decision Apple would appeal and this would become some other judge’s problem.
Android’s market share in the US is lower than in most developed world. Its growth has been somewhat arrested, and there is some indication that it may drop even further (depending on what Apple decides to pursue with their iPhone line). Class-wise, Android seems to mostly cover lower-income parts of the American population, with lesser education. while they certainly deserve privacy protections as much as the richer Americans, it is fairly clear that the segment of the population most afflicted by Android is the one that cares the least about their own privacy.
And on the flip side, what better way to spy on the activities of foreign (and potentially hostile) nations than by looking at their people’s private communications?
MDN – always giving a fair, balanced and objectionable view on things…yeah right.
“NSA officials say their code, known as Security Enhancements for Android, isolates apps to prevent hackers and marketers from gaining access to personal or corporate data stored on a device.”
I don’t get what the problem is. The NSA seems to be doing for Android what Apple already does for iOS: isolate apps to prevent them from doing bad things.
I suppose the problem arises if you don’t believe that that is what they are, in fact, doing. But on face value, it seems they’re doing Android users a favor…
Just to follow up from the original article:
“The NSA developed a separate Android project because Google’s mobile OS required markedly different programming, according to Smalley’s 2011 presentation. Brian Honan, an information technology consultant in Dublin, says his clients in European governments and multinational corporations are worried about how vulnerable their data are when dealing with U.S. companies. ”
Basically, what they’re saying is: Android (like Windows) is so full of holes only the NSA is able to patch up this mess.
Again, we may all need to be paranoid about government agencies putting code in our phones (well, not my phone of course- I have an iPhone), but maybe this was just a cheap and certified way for Google to have someone else clean up their security mess. The article also stated that the code is available for viewing “line by line”- so you can go look at it yourself to see if it’s malicious…
I really think the only thing this article is saying is “Android security is so screwed up it took the NSA to protect people.” Perhaps I’m naive, but that’s how it looks to me. Of course, even if this was the “only” take-away, it’s still worth noting how inferior Android is…
You would have to be totally blind to reality to buy their story. The NSA’s mandate is to spy on electronic communications. The NSA’s leadership has already been caught leen lying to congress about what they are doing. The BSA has already been shown to be violating their (already lax) FISA obligations, as we’ll as violating the constitution.
Why would you take anything they say at face value?
The reason Google did Android was not to sell an OS or phones but to bring in revenue, openly or otherwise.
I doubt Google foresaw that China would develop its own OS smartphone software since Android was “FREE”. But, the Aliyun OS as has been started in China and the NSA leaks are likely to accelerate a move away from Android.
Hence, they had no reason for Google to make it necessarily good or secure, just “FREE,” as a loss leader. These points are why I suspect another OS will eventually supplant Android from a company other than Google, but I can’t guess what it might be.
Apple on the other hand, sees the consumer as needing the best of the best and puts all the effort needed to get the OS right and secure for the value Apple gets from its entire ecosystem.
From what I got out of the article, it looks like NSA is only involved in Android to try to patch its myriad security problems. It seems very unlikely to me that they could hide spying software in Android’s codebase, given that it is all open source. The code is all right here for anyone to look at line-by-line: https://github.com/android
Dear citizens of the USA.
With your help we have once tried to do what was expected, in the past.
Now it’s your turn. Sounds bland, but…
Wake up…? Do something…?
This time, you got to help yourselves and I think it’s urgent.
This from a well meaning German.
Well now, this could explain why the government has been after Apple at every turn. NSA has no code on Apple iOS, that must be one hell of an irritation everyday.
It just seems strange to me that the in habitants of the Puzzle Palace would be actively involved in developing a commercial software product just because said commercial product isn’t very good. Taken at the best interpretation of their motivations, this Agency has really big fish to fry. Maybe keeping Android ubiquitous enough that most phones in the world can be readily hacked has a larger benefit to them.
Still, while not a fan, Reagan’s famous caution “I’m from the Government and I’m here to help” sure springs to mind.
Reports suggest that if current trend should be followed, less than 2% of Android devices will be infected with malware. Android is malware prone but not to the ridiculous extent that tech-analyst profess.
I know Green, but that doesn’t stop 99+% of all new malware being specifically for Android. Nor does it stop LUSER behavior whereby grannie installs any old Android app that catches her eye, oops she’s PWNed. You and I do NOT represent the masses. The LUSER Factor is the main reason Trojan horse malware is so incredibly successfully. Even Mac users got nailed a year ago to the tune of over 100,000 PWNed by one single Trojan horse.
Never ignore the LUSER Factor. Any decent IT manager keeps it foremost in his/her mind.
It comes as no surprise that Android is corrupted with NSA spyware, but what assurance do we have that iOS is not? Clearly, we cannot trust Apple or the government to tell us the truth, so how can we protect ourselves from an obviously compromised government agency?
The term “spyware” just took on a whole new meaning !
Point of Order
“Why does Google, supposedly staffed by some of the world’s preeminent genius PhDs, need U.S. government workers to write “security” code for their OS?”
The Special Ops people who got OBL were/are ‘Government Workers’.
The people who built the Atomic and Hydrogen Bombs were ‘Government Workers’.
The people who designed the space probes exploring our universe were/are ‘Government Workers’.
The Coast Guardsmen who were rescue people at sea under unimaginable circumstances are ‘Government Workers’.
Chuck Yeager was a ‘Government Worker’ as was Neil Armstrong, Alan Shephard & Ed White.
Some of the finest minds in the world work for the UNited States government despite the fact that many could earn far more elsewhere. Some do it because only the government does what they wish to do and others because they think it important to serve their country.
Remember that the next time you toss out that Republican talking point.
Bam!
Your pitifully naive little diatribe fails to answer the question posed:
Why does Google, supposedly staffed by some of the world’s preeminent genius PhDs, need U.S. government workers to write “security” code for their OS?
Do something that brain-dead liberals rarely do: Answer the fucking question, instead of blindly leaping to defend your beloved government which, by the way, doesn’t give a shit about you.
Therefore:
1) The NSA has entered the field of business and is making craptastic Android more competitive with already solidly secure iOS. More government abuse of Apple.
2) “The bottom line: The NSA is quietly writing code for Google’s Android OS. Google says anyone has the right to do so.” Bullshit Alert! ONLY Google allows code into the fake ‘open source’ Android project.
YOU are responsible Google! No wiggle room available! Your blatant LIE has been noted. Same old evil.
Can you tell it’s past my tea time? Let’s try again, sigh:
Therefore:
1) The NSA has entered the field of business and is making craptastic Android more competitive with already solidly secure iOS. More government abuse of Apple.
2) “The bottom line: The NSA is quietly writing code for Google’s Android OS. Google says anyone has the right to do so.” Bullshit Alert! ONLY Google allows code into the fake ‘open source’ Android project.
YOU are responsible Google! No wiggle room available! Your blatant LIE has been noted. Same old evil.