→ LinkedIn Intro’s security nightmare

→ LinkedIn Intro’s security nightmare:

But what happens when using profiles for non-security, non-enterprise features becomes widespread? Won’t Google, Facebook, Twitter, and just about every social or ad-supported service want the same access to make it easier to mine your private data, spam your contacts, and evade App Store restrictions? It won’t be hard for the big services to come up with compelling features and friendly messaging to get millions of people to install their profiles, too.

[It’s a mess to be sure. Don’t miss the original if you want the nitty gritty.]

Source: Marco.org

Google’s idea of open

Google’s iron grip on Android: Controlling open source by any means necessary:

For OEMs, this means they aren’t allowed to slowly transition from Google’s Android to a fork. The second they ship one device that runs a competing fork, they are given the kiss of death and booted out of the Android family—it must be a clean break. This, by design, makes switching to forked Android a terrifying prospect to any established Android OEM. You must jump off the Google cliff, and there’s no going back.

Any OEM hoping to license Google Apps will need to pass Google’s “compatibility” tests in order to be eligible. Compatibility ensures that all the apps in the Play Store will run on your device. And to Google, “compatibility” is also a fluid concept that an Android engineer once internally described as “a club to make [OEMs] do what we want.” While Google now has automated tools that will test your device’s “compatibility,” getting a Google apps license still requires a company to privately e-mail Google and “kiss the ring” so to speak. Most of this is done through backroom agreements and secret contracts, so the majority of the information we have comes from public spats and/or lawsuits between Google and potential Android deserters (see: Acer).

Another point of control is that the Google apps are all licensed as a single bundle. So if you want Gmail and Maps, you also need to take Google Play Services, Google+, and whatever else Google feels like adding to the package. A company called Skyhook found this out the hard way when it tried to develop a competing location service for Android. Switching to Skyhook’s service meant Google would not be able to collect location data from users. This was bad for Google, so Skyhook was declared “incompatible.” OEMs that wanted the Google Apps were not allowed to use them. Skyhook sued, and the lawsuit is still pending.

[Surprised? Why would you be?]