When a politician or judge proclaims he is getting tough on crime, it only makes me wonder what their stance on crime has been. It also makes me wonder what changed to make them care all of a sudden. What it never does is make me want to vote for them, as it is clear that crime is not a real priority for them. But we are not talking about politics. We are talking about Google, and their new stance on Android apps with deceptive ads:
Google has issued revised rules for Google Play apps in its continuing effort to stay one step ahead of nefarious developers. This time, the primary target is apps with pop-up ads that spoof a system, service or app notification and trick you into clicking where you shouldn't. It's also cracking down on "promotion or install tactics" that cause downloads or Play store redirects without your say-so, along with apps that send unsolicited SMS ads. Finally, it's forbidding any the use of "erotic content" to promote pornography and forcing advertisers to clarify when and how they use in-app purchases. Google will allow developers a 15-day grace period before it drops the ban hammer -- by which point the bad guys will have likely found workarounds.
You can properly read this catalog of horrors as things Google didn't prioritize before. We have every right to question their newfound commitment to it now. More to the point, we have to ask why it is Google tacitly allowed these things for so long. The answer lies in who and what Google is at its core. You cannot separate the core of a company from the products it produces. Android is what Google is. If you are okay with one, there is no use complaining about the other. In this, as in most things, you get what you pay for.
In this case, what you pay for is an advertising company that views you as the product. They also have demonstrated no core values when it comes to consumer privacy or protection. With Google, it is always, “buyer beware”. Google's policies are all about providing easy access for advertisers to your information. That is not a side business. It is how they make their money. Their policies have always been tailored for the exploiters.
There is a reason why 90% of mobile malware is written for Android and not iOS. It is the same reason why convenience stores are targeted by thieves more frequently than Fort Knox. While Fort Knox is where the money is, convenience stores are just easier to rob. If thieves wanted to do the hard work, they wouldn't be thieves in the first place. Convenience stores are designed for convenience. Security is something bolted on after the fact.
It is not that these developers don't try to target iOS. It is that Apple prioritizes security in such a way as to make it nearly impossible for these developers to succeed. Rebuffed, they move on to Android where there are few laws regulating their kind. Google doesn't really care if you click on fraudulent ads. They attitude is that you should b more careful what you click on. Did an SMS scam siphon hundreds of dollars from your account? More fool, you!
I believe that what is really driving this crackdown is Google's push into the enterprise. The latest rumors suggest that the next version of Android will be focused on business. Google, Microsoft, and Blackberry are all sick and tired of seeing Apple gain so much share in enterprise without even trying. Adoption of iPhones and iPads in business is driven by the fact that iOS is the system of choice for the people who work there. iOS has also proven to be safe, secure, and easy to adapt to a work environment.
Android, on the other hand, has a well-earned reputation for being unsafe and unsecure for sensitive data. In business, all data is sensitive. Almost all mobile malware is written for Android. Now that Google cares about businesses, they have to care about their reputation as a safe harbor for bad guys.
The real proof that these new policies do not reach Google's core is the fact that Google is offering a 15 day grace period for these scammers. Google could cut them off at the knees the moment they discover these breaches. Apple certainly would. Instead, they are giving the bad guys a chance to change their code and do a better job of hiding their scams. This makes no sense whatsoever. Google is not canceling their developer accounts or immediately removing the apps. They are providing a grace period for exploiters to continue to exploit. That is really all you need to know about Google and Android. If none of that phases you, happy Androiding.