Is Android an open source platform? Yes!

in

In the past few weeks (or even months, before anything was even open sourced) many opinions appeared on the internet, that the Android platform is

  • not really open
  • includes kill switch, which is evil
  • has substantial limitations
  • reserves functionality to built-in / closed applications
  • it is just J2ME in a new dress

I can completely understand this frustration. However, contrary to these opinions, I don't think that there is anything wrong with Android in this regard. The problem is, like in most cases, communication.

Many people, who read the slogan open source platform were actually expecting an open source firmware for mobile phones. Of course, this is not what Google promised.

So the real question is: What is an open source platform?

In my generic definition a software platform consists of the following parts:

  • a well documented, standardized programming interface and necessary tools to enable application development.
  • a set of software and optionally hardware components that can be used by vendors to quickly develop products that conform to the documented interface of the platform. These are usually provided as a reference implementation.

The openness of a platform does not imply anything about the openness of the products built on the platform.
To find an appropriate example, we don't have to go far, just look around the GNU/Linux market.

The GNU/Linux platform is one of the most popular open source platforms. It contains a full set of development tools, complete GUI frameworks, desktop environments, productivity applications.

There are many vendors, who create products that are based on this platform, yet these products contain a fair number of proprietary components.

Q: Does the existence of such products affect the openness of the GNU/Linux platform?
A: No.

Q: Can a product that is based on an open source platform impose restrictions on its users?
A: Sure. Just try to use an "Enterprise Linux" product with a custom kernel, and get support from the vendor at the same time.

Q: Is it possible to create a really open product based on an open source platform?
A: Of course! This is what non-commercial Linux distributors like Debian were doing for over a decade!

So now let us assess the properties of the Android platform:

  • API and Tools:The SDK is available, which includes documentation, IDE integration, emulator, debugger and other development tools.
  • Reference Implementation:The full source code is available at http://source.android.com, most components under the liberal BSD and Apache 2.0 licenses. Also, the kernel modifications are available under the GPL, as required.

Based on this it is fair to conclude that Android is really an open source platform. Of course, as stated above, how open the actual products will be, depends only on the product vendors.

Whether the features provided by the Android platform will be sufficient, is a completely different matter and only time will tell. Most limitations are also known to Google, and they will work on fixing them.
Also, the Android Open Source Project is accepting contributions from anyone, and the community is already very active, with the first new processor architecture (armv4t) being supported after just one week.

As a last resort, it is always possible to fork an open source platform, like Android, if Google does not accept crucial features. This forked platform will need to target hardware that was either designed or reverse engineered to accept customized firmware.

At this point it is fair to ask: Why is this Android platform a big deal? We had GNU/Linux on embedded devices for many years now!

While the above statement is true in some segments of the embedded market, like SOHO routers, until now there was no mainstream open source platform for mobile phones:

  • Previous phones with Linux on the inside were not based on an open source platform.
  • While OpenMoko introduced the first phones with an open source firmware, but they failed to create a real platform until now.

So Android, in my opinion, is really the first mainstream open source platform for mobile phones. Whether it will be a success (commercial or otherwise), is yet to be seen.

In future entries I will blog about topics like:

  • What are the advantages / disadvantages of an open source platform for different parties (end users, application developers, device vendors)?
  • Is it possible to develop completely open source mobile phones? Is it really necessary?
  • Is Android harmful for OpenMoko? Will other "hackable" phone projects emerge targetting Android specifically?
  • Does Android have a potential in markets other than mobile phones?

Thank you for reading, and I am looking forward to your comments.

Trackback URL for this post:

http://mattakis.com/trackback/11

Comments

Android was described as an "Open Platform"..

The Android website calls Android an "the first complete, open, and free mobile platform.", not an Open Source Mobile platform (see http://code.google.com/android/). If you lock down APIs and introduce a kill switch which can only be used by a few companies it's not really an open and free platform.

My problem is the open-ness of the platform, not the open-ness of the development process.

Android was described as an "Open Platform"..

Well, Google was never great with marketing. :) Both open and free are unfortunate choice of words. No wonder nowadays you see "free / libre" many times when referring to free software.

Actually the whole site is out of date, it does not even mention the source code release in the FAQ.

In my opinion the openness of a platform cannot be measured by the number of APIs locked down in specific products. You are completely free to take the platform reference implementation, fork it and remove the kill switch, DRM, and other things you don't like. You can write an AndAppStore service to replace the Android Marketplace client, with the same, or even more functionality.

Yes, this fork will only run on hardware which supports custom firmware, and you won't get such phones into the the portfolio of big operators anytime soon. These are the tradeoffs of being completely free or accepting the limits imposed by the "big companies".

However, you can still run all the Android applications that were written only with the "mainstream" phones in mind. This way even your fork won't be a second grade citizien in the mobile market. This is the freedom that was not possible before.
Not even with the previous OpenMoko firmwares. You could use a few Linux applications, but most of those were not designed for phones and are suboptimal in terms of features. And no commercial applications are available for OpenMoko.

Regarding the other issues that you mention in your article (Marketplace, Emergency Numbers, private APIs), I think that Dianne Hackborne (hackbod) gave completely acceptable answers. I worked as developer and team leader on 4 generations of Siemens mobile phones (R65, X75, X85 and one that got never released), so I can truly understand both the security considerations and the time pressures they had.

And they managed to achieve something, what Siemens almost never did: on time release for the christmas market.

Very good post, thanks a

Very good post, thanks a lot.

Open? Huh? They reserve

Editor: The comment deleted because of obscene language.

In essence the commenter did not agree with the blog entry, because of the restrictions imposed by the Android platform (Java only applications, functionality restricted to phone vendors ... etc.)

> so I can truly understand

> so I can truly understand both the security considerations and the time pressures they had
Now, you can listen some funny words from other side of barricades.

That's really funny. You guys are NEVER care about security in way it should be. While CONSUMER pays for all your crap after all, YOU ARE MISERABLY FAILED to protect phone users at all. Hardest protections are for SIM locks ONLY and they are either working AGAINST users or just do nothing in best case. This bullsh*t payed ans sponsioed by users itself btw. Surely operators will not pay any cents on their own - all moneys are from subscribers, after all. How funny. User code on other side is pretty lame and easy to remove, And user's data are not protected anyhow at all. So, you care only about operator's "security" to enslave customers while do not care what really happen if phone stolen, etc and if user can retrieve phone or if thief will gain access to user's data, isn't it? So, actually, you are together with operators just a bunch of cheaters who pwns customers for their own moneys. This is not security, this is TREACHERY actually. And while slavery has been disabled hundreds of years ago, some nasty cell operators still believe that it is a good way to do business instead of healthy and fair competition. Technically, GSM has been designed to allow free choice of cell operators by consumers. So fair and healthy competition has a way to go. This is how this works in countries where cell phones went into mainstream starting from GSM and earlier crappy standards without SIM cards were not widely used, So for example in exUSSR, GSM is just as it should be. You can buy phone you prefer as device of your choice. Then you can select operator you like and subscription you prefer. And what done by operators in "civil" Europe or USA closely resembles one of light slavery forms existed in Russia in XIX century and earlier. Before 1861 slave peasants had right to leave their master and seek for another master only one day in each year. Now, same sh*t with subscribers and contracts happens - you can leave only on certain day (when contract ends) and no, you can't just select phone and subscription you will like. To enforce this there is technical restrictions applied which are interfering with nature of GSM idea at all. So, this is really "mind slavery". Open source people usually smart enough to recognize this. That's why Google and other are backslashed and this is good. I hope day will come and mind slavery will be gone just as slavery gone some centuries ago. And you can be pretty sure: WE WILL CELEBRATE THIS EVENT. Just as our ancestors celebrated end of usual slavery. And you can be pretty sure: lots of slaves HATES or DISLIKES their slavers. And this is reasonable. That's why Google is backslashed. Everyone feels that this mind slavery will fail soon, just as real slavery did once.

Now a bit of words about security and time pressure...
- You guys are really funny. You have crafted complicated boot authorization crap just to lock peoples out of their phones while there were whole huge communities who enjoys by changing Siemens firmware to the way they like it works, looks and feels (everyone wants to have phone of their dream, not just boring and poorly customizable brick). And yeah, we are like to walk with netmontor to see how crappy cell operator network really and how this compares to ETSI documents. Then you introduced boot core to f...k up these who likes to change things in firmware (and unlockers but these are never loosing battle - if there is need to do smth and right price payed, it will be done, no matter what so any lock is always hacked, even Nokia BB5 has failed to these guys AFAIK). Funny thing was that in x5x Siemens boot core had lame code copy-pasted from old boot ROM. And shared same lame bug in boot protocol so people have crafted most strange buffer overflow packet ever to overcome your complicated security and all your efforts with boot auth, MD5 and others were nullified by just one oversized packet. That's what I'm calling a really epic struggle for freedom :) so people can have fun once more.

The cool thing in x65 with old firmware is that you probably were so time pressured that you not just released very bugged and crappy firmware but also forgot to turn off your funny debug protocol. You call these protocols BFB and BFC. So, "security" intended to take our fun away has sucked once more, actually. And phones were so plagued with bugs that rare buyer of x65 will buy anything from Siemens ever again. And your sucking Java-based menus were so slow and lagging that hackers have enabled "native" menus. It has been half baked but this was much faster. And slow menus and slow java-based software is what irritated people in Siemens x6x phones more than anything else (and you even did not used Jazelle acceleration... really funny!). So at least some Siemens guys are really worth of their fate, IMHO (top managers surely do).

Later, you have fixed lame stupidity with debug protocol enabled so ppls can have no fun anymore and rather have to "enjoy" by your slow Java menus and other crap. But other hackers have appeared. They have cracked "secure" JVM so it is turned out that JVM is not so secure and built-in OS design is so lame that it even unable to separate rights anyhow. So, your "security" only harms fair users. And those skilled enough to take their rights back are NOT harmed by your stuff. How typical - innocent users are the ONLY people who is harmed by "protections" and restrictions. These who wants to bypass them just ... bypassing them! And no matter what you will invent to keep sim locks in place, they will be always removed, regardless of anything else. There is really epic struggles are taking place :).

Fortunately, now this is mostly outdated and just to get your firmware a bit customized you do not have to crack tricky protections anymore. And there is OpenMoko who is really worth of working on it. Even for free. Because reward is good. This phone will lack a bunch of suckers who is intends to harm us for our own moneys. This is definitely great and I like it. Freedom has a price and we have learned it on our own in this hostile proprietary world. It's real price was spending hours and days to fight your damned anti-user "protections". So there is opensource coming. And I hope this will teach you some lessons. And well, it is more effective to play on same side rather than be on opposite sides of battlefield. So now we no longer need to retake our rights, we can just have fun. And looks like Nokia has already fugured this out somewhat - their n8x0 tablets are real fun as well and quite promising platform worth of spending efforts on it :D. Linux desktops apps are not well suited? Huh so here we are, We will make them well-suited and this will be faster to recompile and adapt them than re-invent wheel and write apps from scratch. So, Google apps will be just a pocket Java castrates, On n8x0, OpenMoko and other decent platformw we will have a real, fully featured apps instead. So, good luck Google. Good wheel reinvention. Just J2ME with another flavour and this crap called "smart" phone? They should be kidding. Or T-Mobile just ate their brains with talks on "security" which actually has nothing to do with a real security and rather intended to lock-in their customers (real hackers aware of GSM\3G protocol details will not fail because anyone can enter network using same SIM but other phone with completely hacked firmware, and, for example, Siemens phones quite good choice here, sorry, so words about security are lame and you should know this as PM, he-he :D).

Sorry for long and sometimes not very fair posting. Just some words from other side of this battlefield where battle never ends and actually this is just another epic struggle of skilled and smart people for their freedom. Now slavery is gone but there is mind slavery still exists. "Thenks" to you for this.

Thank you for your comment.

Thank you for your comment. The topics that you mention have their roots in the society and the economy. The technology side (vendor lock-ins, monopolies, ... etc.) is really just a symptom. I am not qualified to make judgements about those topics, nor is it the topic of this blog.
In the blog entry itself I approached the issue in a purely technical way, and I intend to keep this approach for the rest of the blog.

And now, some reflections on your statements:
I agree with you regarding security and obscurity. I was probably not clear enough in my previous comment. I am of course fully aware that these features are protecting the phone vendors' and operators' interests and not the end user.
In other cases, they can really help the naive users. For example that it is not easy for an attacker to load bogus firmware into an unsuspecting user's phone.

I do think that the world is not black and white, good or evil.
For example: As an engineer, if you have a set of requirements, you will try to fulfill those. Also, in many cases you have to fulfill contradicting requirements.
If the requirements are wrong, you will try to get the customer to reconsider. If he does not, you have the option to (1) do it anyways, (2) go and find another job. It depends on many factors (both professional and personal) which option you will choose.

Regarding the Siemens phones / software: You only scratched the surface with all the things that you describe here.

And now back to the real questions:
- Why did Google start Android anyways? Because they wanted to extend their presence in the mobile device market to make more profit.
- Why was the Android SDK made free? Because they wanted developers to create applications quickly so the platform is more appealing to the end user, and they can make more profit.
- Why was the Android platform made open source? Google wanted to have as many devices as possible on the market to run their applications. Making the platform open source and free made it very appealing to mobile phone vendors. They were used to paying royalties and licensing fees for much smaller amount of code. So in turn all of them just wanted to make more profit.
- Why were all these lockdown features included in the platform? These were requirements from the phone vendors and from the operators. And since the whole reason for the platform was to quickly create a market share of Android devices, it was logical for them to include the features that their partners all required.

However, this time, they actually released value to the world: the Android source code. The community around it will do great things with it, possibly unrelated to mobile phones. It is worth to have a look at Gerrit and repo and the community that is forming around it.

How does this all affect us?
- One can buy Android phones from major operators. These phones will be customized to meet the business needs of the operators. These could be cheaper for the end users, who are willing to accept the limits of these offerings.

- Since the platform is open source, it is possible for "Open" vendors to create more "Open" products. And their users will still be able to use the applications that were targeted at the Android platform.
This is happening already with OpenMoko, but I hope that there will be more competing companies in this segment.
Unfortunately this route also has its limits. Currently the "Open" phones lack hardware features that are present in closed phones.

- As an Application Developer, the situation is not optimal: Since everyone knows that one has to test on real hardware, they will have to work with the closed Android products as well. This is suboptimal, as some of the "security" features also makes the lives of the developers harder. E.g. it would be very nice to be able to install and test application software on real hardware without manual intervention. This is possible on open Android phones, but not on closed ones currently.
One way to go is to use phones for development that were jailbroken. The other way is to try to convince the Android phone vendors to release "Open/Developer" versions of their devices.

I agree, that Android will not change the world as a whole, but it will change the way how mobile devices are developed, and will lower the barrier for entering the mobile phone market. This can in turn make the current players to change their tactics and strategies, which could lead to a more open market.

> Editor: The comment deleted

> Editor: The comment deleted because of obscene language.
Surely you can do your best to keep us shut up but we will do a bad publicity to Android anyway and looks like we were somewhat successful after all. Because it is just dumb and restrictive platform and removing posts will not fix this anyhow. As well as any opensource ppl will be agry because Google just abused buzzwords to release thing worth of placing on "Defective by Design" site at very most :)

As for statement that google is forced to implement platform in such ways - hmm... killers are "forced" by their employees too do dirty job for some reward and then, killers are punished anyway. So if Google harms others they are not better, Even if someone "forces" them to do this harm and restrictions, it is they are who doing this so, they really worth of bad publicity. Create good device without restrictions and it will have a good publicity then. Is this so hard to understand?

"Surely you can do your best

"Surely you can do your best to keep us shut up but we will do a bad publicity to Android anyway and looks like we were somewhat successful after all."

If I wanted to, I could have deleted the whole comment. I respect the opinion of others, until they do it in a civilized way, like you did it. I won't have obscene language on my blog, sorry.

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

CAPTCHA
This question is to prevent automated spam submissions.
Image CAPTCHA
Copy the characters (respecting upper/lower case) from the image.