Google: Android Security Is No Myth
With Google’s Nexus S now available to the masses, the search engine giant’s favorite smartphone has been facing some criticism over the fact that the mobile OS can be easily rooted (or hacked for you non-geeks), making the device insecure.
Not desiring to let this myth fester unopposed, Google decided to take on the critics by enlightening them on how Android is designed.
The Nexus S, like the Nexus One before it, is designed to allow enthusiasts to install custom operating systems. Allowing your own boot image on a pure Nexus S is as simple as runningÂ
fastbootÂ oemÂ unlock. It should be no surprise that modifying the operating system can give you root access to your phone. Hopefully thatâ€™s just the beginning of the changes you might make. [...]
Android has a strong security strategy, backed by a solid implementation. By default, all Android applicationsÂ are sandboxedÂ from each other, helping to ensure that a malicious or buggy application cannot interfere with another. All applications are required toÂ declare the permissions they use, ensuring the user is in control of the information they share. And yes, we aggressively fix known security holes, including those that can be used for rooting. Our peers in the security community have recognizedÂ our contribution to mobile security, and for that, we are extremely grateful. (Android Developers Blog)
Google goes on to explain that unlike their Nexus S, rooting a device is not a feature, but rather a user exploiting a weakness within the device in order to gain deeper access to the mobile OS.
Unlike many other smartphones (including heavily customized ones running Android), the Nexus S is designed with rooting in mind to make it easier for users to modify their phones instead of locking it down (somethingÂ manufacturesÂ and carriers prefer to do).
Although it’s great to see Google taking a stand in favor of granting users greater access to their phones, the company will probably need to make a greater effort to convince more developers that building upon Android is safe (which could help convince a few iOS developers to finally port their apps upon Android).