Openness versus consumer protection? Android, iPhone, and transparency

Posted on January 30, 2009 - 16:22 by egeorge

If you follow news about the Android mobile phone platform, you may have seen recent allegations of malware against a third party application available on Google's Android application market. It's unclear whether or not the application in question, MemoryUp, was actually capable of any of the reported claims against it - Google's own testing showed no malicious behavior - but the application disappeared from the Android Market anyway.
Elisabeth Oppenheimer, of StopBadware director Jonathan Zittrain's "Future of the Internet" blog, writes:
[I]f Google is going to have the kind of open marketplace they want, they’re going to have to be more clear about what they’re doing. No one seems to know who pulled the app—the developer, Google itself, or perhaps some automatic system based on customer complaints. If Google is silently pulling disputed apps while the developers protest … they’ve replicated the iPhone’s App Store. There hasn’t been much protest about the Android kill switch, and people might well be okay with pulling apps that pose security problems from the Market (especially since there are alternative distribution methods). But Android users ought to know who pulled the app, and why.
Contrast the Apple iTunes App Store, which pre-screens applications. It's unlikely for malware to get through, but the high level of gatekeeping also can keep legitimate applications out - including, controversially, competitors to some applications designed by Apple.
Elisabeth continues:
Professor Zittrain argues for solutions that engage the community of users and don’t assume a zero-sum game. Having users test and rate applications—as they do on Android—is a certainly a step in that direction. (Google removing apps without explanation would be a step in the opposite direction, and would make developers nervous.)
Do we really need to choose between openness and security? Professor Zittrain argues that, with the help of the community of internet users at large, we should not need to. For companies in a position to act as gatekeepers seeking a balance they can live with, a high level of transparency and communication with users can help mitigate any restrictions on openness - and can help foster a more secure internet for us all. 
Disclosure: Google is one of StopBadware's sponsors.

Zittrain on the future of the internet

Posted on April 9, 2008 - 16:13 by egeorge

Computerworld has a nice "interview with Jonathan Zittrain":, a StopBadware co-director and professor at Oxford and Harvard. Zittrain has just published a new book, "The Future of the Internet and How to Stop It":, looking at the consequences decreasing openness can have for the capacity for innovation, which he calls "generativity."

Zittrain explains how badware and other online ills can threaten the future of innovation online:

[T]he qualities that make generative systems good make them susceptible to abuse when they become successful. Then, the natural reaction of many people is to retreat. So there is a migration to "locked down" information appliances, like the iPod, that are not programmable by third parties. And you are increasingly seeing the PC itself locked down in places like offices and schools.

If you're in the Boston or New York City areas, consider joining us to celebrate the release of Professor Zittrain's new book. For information, see the Berkman Center's "events page":

Zittrain on Security & Innovation

Posted on March 22, 2007 - 11:09 by egeorge

StopBadware founder and co-director Jonathan Zittrain is featured in Information Security News speaking on badware as a threat to the openness and innovation of the internet. As badware attacks become more common, makers of networked devices – including personal computers – are looking to more locked-down solutions to protect users, Zittrain says.

Professor Zittrain warns that public fears over security could lead manufacturers to create highly controlled computers that function more like appliances, running only pre-approved processes. "'There's a movement to turn the PC into things like the Tivo or BlackBerry, which are tethered to their maker,'" he says.

You can read the full article here. For more on this issue from Jonathan Zittrain, see this interview in Wired, and his paper on "The Generative Internet," available on SSRN.