The first public showing of Android prototypes at last week's MWC generated a lot of interest although the comments weren't all positive. Android was faulted for looking like just every other mobile operating system and for lacking the elegant ground breaking user interface of an iPhone. One commenter was disappointed by the lack of any sign of an integrated advertising platform or any other ground breaking APIs.
These criticisms are somewhat valid but I think they miss Android's real significance. Android will be as much of a game changer as the iPhone but for different reasons. Google is creating the first developer and user friendly mobile application platform.
Before the iPhone and Android, the real customers for devices and mobile OSes where the mobile carriers. Nokia, Microsoft, Sun, Symbian, RIM and Palm depend on the carriers to sell their products. The carriers want to maximize revenue by being the exclusive source of applications and services to their captive audience of customers.
Symbian, Windows Mobile, Palm, Blackberry were all built with a security model based on code signing certificates. Certificates authenticate the creator of a program and that it hasn't been modified. With mobile applications they are also used to provide a standard way to create branded handsets where the most desirable API's like network, location, messaging and phonebook access are restricted to applications signed with a carrier provided certificate.
Want to use Shozu to send photos to Flickr or IM with Jabber using your unlimited data plan? With most T-Mobile USA or Sprint branded phones you can't do that. ATT's handsets at least let the applications run but subject users to a barrage of "Allow program to send and receive data?" messages that can't be turned off. The situation is somewhat better outside the US but even unlocked, unbranded phones are affected by the application signing model. My Nokia N95 requires native applications to be signed although for most types of access, including file system and networking, developers can self-sign their applications for free. Location and the phonebook are off limits to self-signed applications, however. Running unsigned network-aware Java ME programs on the N95 produces prompts to allow access every time the app is run. It's not possible to grant permanent permission.
Imagine if developers of PC applications were required to obtain a costly Microsoft or Apple certification before their applications could save files or connect to the network. Had that sort of restriction had been in effect 30 years ago most of us would still be using typewriters. The current signed security model in mobile along with the high price and unpredictability of metered data plans have had a huge negative effect on innovation in mobile services and applications.
Android will destroy the signed security model in mobile. Based on everything I've read and heard, Android will not use certificates. Instead, applications will have to declare their intention to use sensitive API's like location and messaging at install. The user will be prompted to allow or disallow each type of access while installing. That means that anyone can develop for Android without asking for permission from a carrier or device manufacturer. Users will control their security and will be able to install any application with fine grained control over what it's allowed to do with data and resources.
But isn't allowing anyone and everyone to create and distribute Android programa dangerous? Not really, Android programs are Java applications and operate in a "sandbox" with no access to other applications, hardware or the OS except though tightly controlled interfaces. In order to reach out of the sandbox through an interface to a sensitive resource, a program must be granted permission by the user. The signing model took control of security away from the user and gave it to the carrier, Android puts the user back in control of his own security, something that has worked pretty well on the PC. Sure there are risks in an open application environment like Android or the PC but with risk comes reward. The reward with Android will be the availability of an enormous library of ground breaking software.
The iPhone is widely heralded for its user interface, but it's biggest impact is in showing ordinary users that the web works on phones. A Google manager was quoted as saying that the iPhone generates 50 times the search traffic of other phones. I'm guessing he means per unit rather than overall but still that's a huge difference. The big screen, capable Webkit browser and lack of native applications help but the biggest reason iPhone users surf the web so much is that Apple forced the carriers to bundle unlimited data with every iPhone voice plan.
In addition to making mobile browsing respectable, Apple turned the manufacturer/carrier relationship upside down by producing and marketing a phone that was so irresistible to consumers that Apple was able to extract concessions from carriers in return for being the exclusive national iPhone vendor. Google is taking a different approach. By bundling the Google applications and services that are so popular on the desktop with a free OS and hardware reference design, Google is hoping that the combination of a desirable product and cost savings for manufacturers and carriers will encourage them to build and sell Android phones. This probably wouldn't have worked a year ago, but today every vendor that doesn't have the iPhone is looking for something equally compelling to make or sell. Google's strategy seems to be working, the US carriers, except ATT which has the iPhone, are falling all over themselves to support Android.
Getting back to those prototypes, Android devices aren't likely to ship for another six months so there is plenty of time to polish the UI - although it will never be elegant as the iPhone, that's not Google's style. As for the lack of an advertising API, I firmly believe that it will be there at launch or shortly after. Google has built it's whole business around serving relevant advertising alongside content. They have invested too much in Android for it not to return value to the bottom line. The whole point of Android is to dominate mobile advertising the way AdSense and AdWords dominate web advertising.
More Reading on Mobile Security:
Android Platform Documentation: Security and Permissions in Android
Security consultant Kenneth van Wyk compares Android's security with the iPhone's.
Developer Ofir Leitner on why signing Java ME development a nightmare
Symbian application developer Chris Woods on the Death of the Bedroom Coder
User complaints about security restrictions on ATT's support forum
Android Logo courtesy Google