If you didn't know, Google has the ability to remotely delete applications from your phone that may be malicious or otherwise violate the Android and Android Market Terms of Service. And it's a pretty big deal when that happens, and it's a testament to the platform and the developers that it doesn't often happen in this open community.

But Google recently took steps to remotely wipe an app from a small number of phones. And in the interest of full disclosure, they're telling us why:

Recently, we became aware of two free applications built by a security researcher for research purposes. These applications intentionally misrepresented their purpose in order to encourage user downloads, but they were not designed to be used maliciously, and did not have permission to access private data — or system resources beyond permission.INTERNET. As the applications were practically useless, most users uninstalled the applications shortly after downloading them.

After the researcher voluntarily removed these applications from Android Market, we decided to exercise our remote application removal feature on the remaining installed copies to complete the cleanup.

The remote application removal feature is one of many security controls Android possesses to help protect users from malicious applications. In case of an emergency, a dangerous application could be removed from active circulation in a rapid and scalable manner to prevent further exposure to users. While we hope to not have to use it, we know that we have the capability to take swift action on behalf of users’ safety when needed.

Good on Google for not wielding this sword unnecessarily, and good on them for explaining to us why it was done. Hit the source link for the full deets. [Android Developers Blog]

 

Reader comments

Google remotely wipes app from a few phones, explains why

41 Comments

OK, and whom is the one to make the decision about an application being "bad"? Obama?, Bush?, Bill Gates? Steve Jobs?... I believe about INFORMING people about a POTENTIAL or even INMINENT risk (That is Caring), but still leting people to make their own decisions (otherwise is at least meddling).......
I guess we have a New Big Brother to add to the list, Google
I do not believe this is what Open Source is all about......

you're ridiculous... or paranoid. so you're saying if there was an app getting all of your info: passwords account numbers, and copying your e-mails. you'd only want to be notified about it on the android dev blog ? that an average person wouldn't even know existed? or even worse what if it took control of your phone so it could not allow you to uninstall it yourself ! then what ? you're just SOL ? yeah no thanks. i'll pass.

I said informing is caring. they could send you a message alerting you about the threat, not invading your privacy to getting something from your phone...... after all, that is not a good sign if they do that, what they can do you do not know about???? I REALLY do not need or want making decisions for myself..... They did not pay for the phone, they do not pay my monthly bill, and so on.... I lived a few decades withouth the help I will do allright without it, maybe you are way too used to get somebody to lake decisions for you.....
This is all the sme we critizing Stece Jobs for.
Abd BTW if it was such a threatm why did they allowed it on the marketplace?

I can see where you're coming from but you really have to look at it based on the circumstances. You can't just judge everything under that mindset. In this case, it was a application that was gathering private data from your phone which tricked you to download it stating it would do something else but failed to do so. YOU WERE BAMBOOZLED, HOODWINKED, LIED TO. So if you had your own decision, you would like your private data to be taken without permission? I don't think anyone in their right mind would choose that option...

I think this was definitely a time for Google to take swift action. Oh, by the way..... Google is not new to the list. They ARE, THE, Big Brother. ;)

As long as Google lives up to not being "Evil" I'm fine with this. But!! the day they start to censor my apps and remove useful things off my phone is the day I drop Android and never look back.

Even with the best of intentions, this is troubling. Google says the capability is there to stop security risks and malicious code, and only to be used in an emergency. Then they admit this program didn't pose a risk, and there was no emergency. In other words, they're lying about how and when they'll use the capability. When will they decide to ignore their own policy next?

This is reminiscent of Amazon deleting paid-for books from people's Kindles remotely. If HTC threatens a lawsuit, will Google remote delete copies of any software that HTC claims violates their copyrights?

This phone is MY device. I paid for it, and I own it, not Google. I wouldn't let google come into my house to remove malicious software, why should I be forced to let them into my phone?

This is a very bad precedent. But WebOS allows the same control. If you don't want this to happen, lobby Congress, because Google couldn't care less about your privacy.

I'd say the fact that the author "intentionally misrepresented" the use and purpose of a program justifies Google's action here.

I think Google was perfectly within their rights and I see no problem with them doing what they did, or with them having the ability to do it again.

I too have a problem with anyone, including Google, just having their way with what is on my phone without my permission. That said, I do see where a situation could exist where a person might need to be informed they have a "dishonest" app on their phone so they can be given the option of what to do about it.

If the situation should ever arise where a program gets on someones phone that poses a SEVERE risk to the community via cross-infection or something of that nature then people can be informed that they have a choice to 1) removed said app or 2) be quarantined. If not, why not?

As to who makes the call on what comprises a risk, I think a judgment could be made about this as long as the criteria for that judgment were published so that the public had general knowledge of it and could react accordingly.

Wow, this whole subject has the potential to "bring up lots of stuff" eh? Just "thinkin' out loud" and trying to be fair..what say ye?

Sorry but really can't knock Google on this. It doesn't look like they are going to make questionable decisions. The app is going to have to clearly be bad...like attempting to collect your personal info without your knowledge. I'd prefer they have the power to just wipe it without asking you. Or if they have to ask you then at least quarantine the app so that you cannot run it without acknowledging that you have been told that its malicious. Then again scratch that. Because if it were something that could spread or its a part of a botnet you'd still have some idiots that would accept it and let it run and ruin things for others. Just wipe it Google.

I agree with those above that said this is MY phone. Entering my property without my permission & taking something is stealing. No matter the reason. Google even said this app was not malicious, didn't have acces to personal info & didn't do anything. So how was it a threat? Were the people that had it wiped from their phones even notified personally? If they don't read the blogs they may never know that Google accessed their phone without their permission. I also agree with those that brought up Google should have put a notice directly on the phones found to have this app explaining the situation & giving the phone owner input into the process.

But something that no one has brought up. If my phone is rooted with a custom Rom does Google still have access to MY phone through this feature?

Another question... is it only apps we get thru market? Or also installed thru apk downloads?
If other than market, how/why do they have access to listings of what we have installed?

I PURCHASED this phone, not leased it. What it on it is no ones business but my own.

absolute power corrupts absolutely

This is BAD BAD BAD. I am defnately in the notify me ONLY camp. I can see the slippery slope principle here. Google CEO leaves, new CEO is like Jobs and decides no adult material in app store. Overnight it is gone from our devices and we have no choice... OK no big deal, I dont have adult material, but what if he decides no Gaming, or Google gets into a fight with facobook... It is far fetced now, but with this power and baby steps we CAN get there.

/tin foil hat on/

this is what i said a couple weeks ago, about the HTC widget emulators out there, Google CAN pull them. and if HTC want's them pulled, Google would likely pull them

I agree with them being in their rights regarding removal from the market. I am troubled however by the remote wipe...
While I am thankful for the protection against malicious software, the old line "power corrupts, abosulte power corrupts absolutly" can apply here.
If they have absolute power to remote kill any app as they see fit, they have the ability (whether used or not) to dictate what and how you use your phone.
Example, a while back google forced dolphin browser to pull video downloading (even though multiple apps exist that also download video), what it to prevent them from removing all copies from users who didn't bow to google and update to a new version w/o download? Nothing.

I think what sits the most wrong with me in this instance is their apparentl 'secrecy' on this... no where can I find anything from google stating what apps they pulled. They will only refer to them as 'the apps'... why not disclose the names???

I'd rather have a quarantine option. I don't want Google removing apps from my device without me knowing about it. I also don't want it to simply prompt users about the issue while not quarantining said app, because next thing you know, someone will use a fake prompt to compromise your phone.

Doesn't this have the ability to be catastrophic for Android? What if someone hacked into Google's systems, and remotely deleted some critical file on your system? What if they removed the ability to make a phone call?

I understand some people's fear about them using it to remove apps they don't agree with, and I disagree with Eric Schmidt's political leanings, but I just don't see it happening. The second Google removes an app for a political reason, they will have a mass exodus of users. Fewer users means less data, less data makes their advertising positions less valuable. It would be suicide that would affect more than just their US position. Google has alot of data/power, and I believe alot of people know this, but trust Google just enough to continue to use them. It wouldn't take much for them to lose this trust.

No problem here. Nothing wrong with free virus protection.

What about all those transcribed voicemails and voice searches - I bet those are saved. Along with everything else on your phone that touches the cloud - it's all available to Google. If you don't trust them then you better use a payphone instead - if you can find one.

Google doing this is kinda both good and bad. The good part is that if an "evil app" has been installed on your phone and you are unaware that the app is "evil" because it told you it was "good",lol.Google can remove it.

But it should be published about:
1.What the app's name was ?
2.WHat was the evil it was doing,or attempting to do ?
3.Did it get anything before Google removed?

And also who detemines where the line is drawn on border line cases

Dont't delete the app without the phone owner having some knowledge about because they will think their phone is freaking out :p

Wow the tin foil hat set is in force here today, what Google did was right in ANY context you can think of regarding malicious apps, anyone that wants to be notified only is just ignorant of the potential damage some of the apps can do if allowed to stay on your phone

Uhm, I seem to remember that Google did this while saying the apps were not really dangerous, just dishonest. I do recognize the danger of malicious apps but I don't want Google to treat me like I'm a child either. "Mommy Google took that toy away because someone gave it to you saying it was a toy-truck, but it was really just a block of wood."

"Security Researcher" (Tranlation: hacker) Writes app to see if they can sneak something thru the Market.

Google finds out. (Somehow: App binary scanning, Blackmail attempt, unexpected data access/transfer, or Bug report from "researcher", or press article).

Google says, you lied, you die. We will suffer the embarrassment of protecting our users rather than let you blackmail us or embarrass us in the press.

NO PEOPLE its NOT THE SAME as the Amazon 1984 incident. Not even close.

Exactly how many times have they done this before?

I don't really care if they can do this.O noes da powur tripz!

And they're probably not saying the names of the apps because they dont want people searching for them.Just a thought.

Gotta say that I really don't like this. I have the same problem with this that I did a few years ago when Amazon wiped a book from some peoples kindles. Google should have the capacity to raise a popup on the phone that says that 'App xxxxx is a hazard to your phone because of yyyyyyyy and has been removed from the app market. do you want to delete it from your phone now?'

I do not grant google the right to remove anything from my phone at their own discretion. It would be like granting Microsoft the right to remove software from my PC at home because they thought it was dangerous. Even anti-virus programs only quarantine potential threats unless you, the user, tell them to do otherwise.

You did grant Google the right to do anything with software tied to the Market. Re-read the TOS, specifically section 2.4:

"From time to time, Google may discover a Product on the Market that violates the Android Market Developer Distribution Agreement or other legal agreements, laws, regulations or policies. You agree that in such an instance Google retains the right to remotely remove those applications from your Device at its sole discretion."

you did READ what you agreed to correct?

I am on the fence with this one. I really like the fact that Google is protecting the end user here but like most I think there should be a level of notification before removal and If its malicious maybe remotely disabling it and then letting me know before its wiped. As smart phones get smarter its inevitable people will begin to spread things to our phones especially with such a centralized distribution method.(app store) I think you all crying about it need to see it for what it is and not some Roswell conspiracy theory. Google thanks for that but tweak the execution just a tad.

Noone should be surprised at this - assuming youve read the Android Market Terms of Service when starting to use the Market. Section 2.4 explicitly states that you agree that Google can remotely remove any product from your device that violates the developer distribution agreement or any other agreements or laws... at their sole discretion to do so. ;)

I see both sides of this argument as being valid. But to be honest do any of you guys know enough about programing to know if an app is a valid threat? If Google says the app is a danger to your personal information I would listen to them. It's their software they made it and know more about it than you do. they designed the software in the sdk and know what its capable of. they have said that they would not use this function unless they feel its absolutely needed. So just relax and let big brother watch out for you. Lol

Just remember guys, Open Source only means that the source code is provided, and the dev cycle is transparent, doesn't mean free as in beer.

Apple took a lot of flak when the iPhone first came out and Steve Jobs admitted there was a remote app "kill" switch for situations like these. As far as we know, Apple has never used it.

Now we learn that Google not only has the same ability, but has also used it. While I appreciate the thought, I don't want any one, no matter how well intentioned they are, to have the ability to remotely remove stuff from my phone without my permission. It's just creepy.

Not sure I know the best way to handle it, but something along the lines of warning me and allowing me to decide sits better with my overall sense of privacy. I can see the arguments both ways, so perhaps a user selection in your account settings is best. Let me opt-in to remote removes without my okay, or opt-out...something to let me feel like I have some say-so in the matter.

Comments saying this is somehow an evil feature are hilarious.

Take off the tin foil hat, put down the crack pipe and go buy an iPhone. But if you don't don't give up your land line. You'll need it to make calls that don't drop. (Assuming you like to, you know, pick up your phone and hold it while you talk on it.)