Google has already inserted some U.S. NSA code into Android

“Tech giants listed as part of the National Security Agency’s Prism spying program have gone to some lengths to convince the world they aren’t in bed with the U.S. government,” Mark Milian reports for Businessweek. “Google has filed a request with the U.S. Foreign Intelligence Surveillance Act court asking permission to disclose more information about the government’s data requests.”

“So there’s a certain irony that NSA programmers are now refining code that Google has approved for the company’s mobile operating system, Android,” Milian reports. “Google spokeswoman Gina Scigliano confirms that the company has already inserted some of the NSA’s programming in Android OS.”

MacDailyNews Take: Why does Google, supposedly staffed by some of the world’s preeminent genius PhDs, need U.S. government workers to write “security” code for their OS?

“Through its open-source Android project, Google has agreed to incorporate code, first developed by the agency in 2011, into future versions of its mobile operating system, which according to market researcher IDC runs on three-quarters of the smartphones shipped globally in the first quarter,” Milian reports. “NSA officials say their code, known as Security Enhancements for Android, isolates apps to prevent hackers and marketers from gaining access to personal or corporate data stored on a device. Eventually all new phones, tablets, televisions, cars, and other devices that rely on Android will include NSA code, agency spokeswoman Vanee’ Vines said in an e-mailed statement. NSA researcher Stephen Smalley, who works on the program, says, ‘Our goal is to raise the bar in the security of commodity mobile devices.'”

MacDailyNews Take: “Open.”

“In May the Pentagon approved the use of smartphones and tablets that run Samsung’s mobile enterprise software, Knox, which also includes NSA programming, the company wrote in a June white paper. Sony, HTC, and Samsung declined to comment,” Milian reports. “‘Apple does not accept source code from any government agencies for any of our operating systems or other products,’ says Kristin Huguet, a spokeswoman for the company.”

Read more in the full article here.

MacDailyNews Take: By SteveJack

As the post-PC world continues to diminish the use of crappy Windows PCs, which run a so-called operating system from Microsoft, a company that seemingly couldn’t wait to jump into bed with the NSA for whatever benefits that would offer, the conspiracy-minded could easily see why malware-prone Android phones and tablets are being pushed so hard to the ignorati worldwide through unending “Buy One, Get X Free” promotions, myriad slanted reviews that falsely equate Android devices with Apple products, and why lawsuits over blatant patent infringement are stalled in U.S. and other U.S.-allied nations’ courts for many years, while (and so that) Android takes hold as the world’s dominant OS in terms of unit share; get it in as many hands as possible.

But, of course, that would be crazy talk.

SteveJack is a long-time Macintosh user, former web designer, multimedia producer and a regular contributor to the MacDailyNews Opinion section.

[Thanks to MacDailyNews Reader “Peter G.” for the heads up.]

Related article:
Snowden: Apple, Facebook, Google can resist U.S. NSA – June 17, 2013

Mobile Threats Report: Android accounts for 92% of all mobile malware – June 26, 2013
Latest self-replicating Android Trojan looks and acts just like Windows malware – June 7, 2013
99.9% of new mobile malware targets Android phones – May 30, 2013
Mobile malware exploding, but only for Android – May 14, 2013
Mobile malware: Android is a bad apple – April 15, 2013
F-Secure: Android accounted for 96% of all mobile malware in Q4 2012 – March 7, 2013
New malware attacks Android phones, Windows PCs to eavesdrop, steal data; iPhone, Mac users unaffected – February 4, 2013
FBI issues warning over Android malware attacks – October 15, 2012
Researchers discover serious flaw in Android app security, say HTC and Samsung ignore issue – September 28, 2012
Apple’s iPhone has passed a key security threshold – August 13, 2012
Android permissions flaw allows eavesdropping, data theft, location tracking – December 2, 2011
Massive HTC Android security flaw leaves security expert speechless – October 2, 2011
Apple’s iOS unaffected by malware as Android exploits surge 76% – August 24, 2011
Android malware records phone calls; iPhone users unaffected – August 2, 2011
Symantec: Apple iOS offers ‘full protection,’ Google Android ‘little protection’ vs. malware attacks – June 29, 2011
Malware apps spoof Android Market to infect Android phones – June 21, 2011
Google forced to pull several malware-infested apps from Android market – June 8, 2011
Android malware sees explosive growth; even faster than with PCs – April 27, 2011
Virus-laden apps infest Google’s ‘open’ Android platform; iPhone unaffected – March 3, 2011
Security firm warns of new Android trojan that can steal personal information; iPhone unaffected – December 30, 2010
Trojan infects Android smartphones; iPhone unaffected – August 10, 2010
Millions of Android phone users slammed by malicious data theft app – July 29, 2010
Unlike proactive Apple, reactive Google doesn’t block malware from Android app store – June 4, 2010
Malware designed to steal bank information pops up in Google’s Android app store – January 11, 2010

44 Comments

  1. This is all you need to know

    Google = we let the NSA put their code in our software

    Apple = Apple does not accept source code from any government agencies for any of our operating systems or other products.

  2. “… and why lawsuits over blatant patent infringement are stalled in U.S. and other U.S.-allied nations’ courts for many years, …”

    Anyone else starting to get a nagging suspicion as to what might be actually behind the ridiculous DoJ case against Apple? Beyond the obvious of Amazon greasing palms in D.C.?

    Punishment for not towing the NSA line?

    I’m beginning to have a bad feeling about Apple’s chances of winning that case. If Apple does lose, appeals and loses, and appeals and loses… I’d say the handwriting was on the wall.

    Time to put on the tinfoil hat, I guess.

    1. Yea, I’m there: I’m thinking the judge pre-announced her view of the case because she couldn’t stomach the orders she was given on how to rule and knew that by pre-announcing her decision Apple would appeal and this would become some other judge’s problem.

  3. Android’s market share in the US is lower than in most developed world. Its growth has been somewhat arrested, and there is some indication that it may drop even further (depending on what Apple decides to pursue with their iPhone line). Class-wise, Android seems to mostly cover lower-income parts of the American population, with lesser education. while they certainly deserve privacy protections as much as the richer Americans, it is fairly clear that the segment of the population most afflicted by Android is the one that cares the least about their own privacy.

    And on the flip side, what better way to spy on the activities of foreign (and potentially hostile) nations than by looking at their people’s private communications?

  4. “NSA officials say their code, known as Security Enhancements for Android, isolates apps to prevent hackers and marketers from gaining access to personal or corporate data stored on a device.”

    I don’t get what the problem is. The NSA seems to be doing for Android what Apple already does for iOS: isolate apps to prevent them from doing bad things.

    I suppose the problem arises if you don’t believe that that is what they are, in fact, doing. But on face value, it seems they’re doing Android users a favor…

    1. Just to follow up from the original article:

      “The NSA developed a separate Android project because Google’s mobile OS required markedly different programming, according to Smalley’s 2011 presentation. Brian Honan, an information technology consultant in Dublin, says his clients in European governments and multinational corporations are worried about how vulnerable their data are when dealing with U.S. companies. ”

      Basically, what they’re saying is: Android (like Windows) is so full of holes only the NSA is able to patch up this mess.

      Again, we may all need to be paranoid about government agencies putting code in our phones (well, not my phone of course- I have an iPhone), but maybe this was just a cheap and certified way for Google to have someone else clean up their security mess. The article also stated that the code is available for viewing “line by line”- so you can go look at it yourself to see if it’s malicious…

      I really think the only thing this article is saying is “Android security is so screwed up it took the NSA to protect people.” Perhaps I’m naive, but that’s how it looks to me. Of course, even if this was the “only” take-away, it’s still worth noting how inferior Android is…

      1. You would have to be totally blind to reality to buy their story. The NSA’s mandate is to spy on electronic communications. The NSA’s leadership has already been caught leen lying to congress about what they are doing. The BSA has already been shown to be violating their (already lax) FISA obligations, as we’ll as violating the constitution.

        Why would you take anything they say at face value?

  5. The reason Google did Android was not to sell an OS or phones but to bring in revenue, openly or otherwise.

    I doubt Google foresaw that China would develop its own OS smartphone software since Android was “FREE”. But, the Aliyun OS as has been started in China and the NSA leaks are likely to accelerate a move away from Android.

    Hence, they had no reason for Google to make it necessarily good or secure, just “FREE,” as a loss leader. These points are why I suspect another OS will eventually supplant Android from a company other than Google, but I can’t guess what it might be.

    Apple on the other hand, sees the consumer as needing the best of the best and puts all the effort needed to get the OS right and secure for the value Apple gets from its entire ecosystem.

  6. From what I got out of the article, it looks like NSA is only involved in Android to try to patch its myriad security problems. It seems very unlikely to me that they could hide spying software in Android’s codebase, given that it is all open source. The code is all right here for anyone to look at line-by-line: https://github.com/android

  7. Dear citizens of the USA.

    With your help we have once tried to do what was expected, in the past.
    Now it’s your turn. Sounds bland, but…
    Wake up…? Do something…?
    This time, you got to help yourselves and I think it’s urgent.

    This from a well meaning German.

  8. It just seems strange to me that the in habitants of the Puzzle Palace would be actively involved in developing a commercial software product just because said commercial product isn’t very good. Taken at the best interpretation of their motivations, this Agency has really big fish to fry. Maybe keeping Android ubiquitous enough that most phones in the world can be readily hacked has a larger benefit to them.

    Still, while not a fan, Reagan’s famous caution “I’m from the Government and I’m here to help” sure springs to mind.

Leave a Reply to Chuck Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.