Amazon want to disable security on your mobile
Amazon have done something crazy. They’re trying to get users to break the security on Android phones just so that they can flog you a few Apps and Games from the Amazon app store.
I am, as many readers will know, a fan of Android phones. Unsurprisingly I have the Amazon App installed, so when the app tells me there’s an upgrade available I’m normally quite happy to update the app…. from Google Play where I downloaded it in the first place.
That’s not what Amazon’s latest upgrade message is though. They shout at you to “Upgrade the Amazon App now to get the latest features and enhancements”. They’re telling lies. They think users are stupid. The upgrade isn’t to get the latest features and enhancements it’s to tear down the security on your Android mobile.
That’s revealed on the next screen which is where Amazon’s true intentions are revealed. They want me to set up my phone to browse apps and games from Amazon and the killer “To do this you will need to turn on Unknown sources in your phone’s Security Settings”. Note how the only button is “Continue”, there’s no “For Gods sake cancel and get me out of here” option.
If you do notice and click the ‘X’ at the top of the screen you’ll get the dire warning “If you do not complete this step you will not be able to install apps and games from Amazon on this phone”. This time there is a “Not now” and a “Continue” button. Decent of Amazon to at last give users a choice.
For those uses that don’t manage to cancel out of the flow, the final screen gives you instructions on how to remove the default security setting which only allows downloads from Google Play. Amazon think this is a great thing, it means you can spend your hard earned money on much smaller choice of apps from Amazon instead of the Google.
You may ask what’s the big problem with Amazon, surely they’re a reputable company and you can trust apps that you download from Amazon, and the answer is yes you can trust Amazon. What they’re not telling you is that it’s not just Amazon that you’ll be able to get apps from, you’ve just told your phone you’re happy for apps from any source to installed on your phone. You’ve just made it easier for hackers to tempt you to download and install malware on your mobile.
If there’s a particular app that you want that isn’t from Google Play, the recommended course of action is to enable untrusted sources, install the app, and then to immediately disable untrusted sources again to prevent any further untrusted installations. Amazon don’t want to you disable the untrusted sources again, they want you to leave the door wide open with the key in the lock, so that they can tempt you to download Amazon’s own offerings… along with any apps from hackers and crackers that you’re now exposed to.
You might think I’m being ultra cautious in saying Amazon are asking users to be stupid, but let’s face it most of us are. Most of the people using a smartphone haven’t a clue what a trusted or untrusted source is any more than what a phishing email looks like. That’s why so many people have various accounts hacked each year. It’s for the stupid people that Google have a default no apps from untrusted sources option set as default. It’s to keep stupid people safe.
Of course the people I’m referring to as ‘Stupid’ aren’t really stupid. They’re just not very tech savvy and are clever in many different ways. They are doctors and nurses, teachers and Police officers. They’re in the Army and Navy or are solicitors and accountants. They’re honest hard working people who trust companies like Amazon to look after their interests and sadly in this instance that’s misplaced trust.
The people I should really be calling stupid are the boffins at Amazon that decided disabling default security settings on your mobile so that they could sell you apps would be a great idea and on balance exposing you to hackers and malware isn’t too great price for you to pay.
I guess if we’d all rushed out and bought an Amazon Fire Phone they wouldn’t have had to worry. Now that the Fire Phone has turned out to be a massive flop, they’ve got to figure out another way to flog all those apps developers have invested in and removing your mobile’s security appears to be the price they’re happy to pay.
I think you are exaggerating the risk. Even if this setting is activated, you still have to consent to the installation of each app from other sources. You get a full screen warning dialogue before any such app can be installed, similar to Windows 8’s security warning.
You can also interpret this policy in two ways. IMO it is part of Google’s attempt to enforce a quasi-monopoly on App sales, as no other app stores are trusted except handset manufacturers’ stores e.g. Galaxy Apps on Samsung. There needs to be a mechanism within official Android for reputable 3rd party non manufacturer App stores such as Amazon to be approved to install apps so that there can be more genuine competition for app sales on Android. I doubt Google will ever allow this for their own selfish monopolistic reasons.
I guess the real answer is that Android is an open operating system which is free for anyone to develop (which is what Amazon have done for their own Fire Phone products and tablets).
The thing is if I wanted a bastardised version I’m free to go and buy it, to root my phone or to develop my own version. However if I use the standard Android version that ships on my phone (generally tweaked by the phone manufacturer) I’m going to be safer.
As for Windows security warnings… I’ve never known anyone do anything other than click “Ok” when they pop up which is often the way Malware manages to get itself installed in the first place and just the reason that “stupid” (non-technical!) people are better off with a standard version of Android and sticking to Google Play downloads only, in my opinion.
Of course what Amazon should really be doing is approach phone manufacturer’s like Samsung and pay them to embed the Amazon app store at the same time as they embed the Samsung app store… but that would probably be time consuming and costly which is why they prefer to trick users into creating a security hole on their mobile instead… ;-)
i think the two of them are as bad as each other.
“untrusted source” = anybody that’s not me.
“trusted source” = me, or anyone who paid me to say they’re trustworthy (whether they are or not, i give no guarantees, just suggestive names).
android was built on openness, fairness, exactly the opposite of what you’re ranting about here.
if you really, genuinely, desire a locked-down and unopen ecosystem, to protect you from your own (as you say) stupidity, then you want an iphone.
Trust me… I don’t want an iPhone :D
That is what I used to say.
the good news is, if you do download a suspicious .apk file and try to install it, android will still warn you.
even after you install a dodgy one it’ll remind you every so often that android has it flagged as dodgy.
and if you have antivirus software, they’ll usually flag suspicious apk’s too.
the first thing i do with a new android is turn off the ‘trusted sources only’, but then i am a rebel. :P
I wonder if Google will now release similar instructions to allow users to use Google Play on their Kindles and Fire Phones.
No, Google won’t release similar instructions because that’s not how Kindle Fires and the Fire phone are “protected.” Anyone who wants to can easily install the Google Play store on either, and I think I read the source for rooting a Kindle Fire was released.
I’m all for embracing technology yo help shape the fututre and enhance the good of mankind and our planet etc but let us remember this is a phone for Petes sake!! U make and take calls!! Yes certain features on smartphones are great and useful and important but where will it end? I never download apps etc I prefer old school