The whole Cyanogen ROM brouhaha has seen a whipsawing set of emotions from all corners of the Android ecosystem. Directly, I have no horse in this race, insofar as I do not use Cyanogen ROMs and have no near-term plans to do so — I need factory-fresh devices in order to develop and teach development on the standard platform.
The good news is that Cyanogen seems to be shifting gears towards making a ROM free from proprietary bits, that would then blend with proprietary bits from a user’s device to form a fully-functional personal ROM. While this is a bit less of an explored territory from a legal perspective, it’s undoubtedly better than shipping unlicensed proprietary bits.
It also appears that Google has opened up a better line of communication to Cyanogen. Assuming things went down as originally depicted (“cease and desist” relatively out of the blue), that was ham-handed, but par for the course for the legal departments of big corporations. I’ll have more thoughts on what should be done on the communications front in a post in Monday’s Android Angle column on NetworkWorld, where I usually put my unsolicited (and frequently unheeded) advice to Google.
My concern is with the visceral and hate-filled reaction from some members of the community over the original cease-and-desist and to some of Google’s explanations. The anger is misplaced. The problem is not that Google is trying to stop redistribution of proprietary bits: the problem is that we need some of those bits in the first place.
In July 2009, a mobile carrier based in the United Arab Emirates pushed out an update to some 100,000 Blackberry users that contained spyware, designed to monitor and report on email messages. Whether this spyware was put into the patch by accident, by a decision from the mobile carrier, or by orders from the UAE government, is not clear.
Call me crazy, but I’m not a big fan of this.
I long for the day when I can have a quality consumer-grade mobile communications device in my pocket, whose firmware has been vetted against spyware by groups with my interests at heart (e.g., EFF), and that contains the requisite software to allow me to keep my data and communications as free from interception as I choose. Then, and only then, will motivated mobile users be secure that the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated.
Android might be the OS powering that device. It, along with an open source Symbian, are really the only two current possibilities, since we really need end-to-end open source to feel as confident as possible that there are no backdoors or malware lurking about, and open source alternatives either lack the hardware support or are not designed for smartphones with user-chosen apps.
If you want a fight worth fighting for, consider liberty sometime. Not everyone has it, even in nations that claim it as part of their mission statement. Liberty is particularly relevant now, since the very thing that hung up Cyanogen is what prevents Android from fulfilling its portion of the liberty vision: proprietary bits.
Achieving the Vision
Google could have easily backed away from the Android ecosystem over the reaction to the Cyanogen incident. In many ways, I couldn’t even blame them — what major corporation would willingly try to assist a bile-spewing community? There are easier ways to turn a buck than to open employees up to attack.
Beyond whatever communications that have gone on between Google and Cyanogen in the past 48 hours, at least one Googler is pushing forward. Jean-Baptiste Queru (JBQ), in the midst of the hate, renewed a call to get the open source Android to be capable of powering an Android device without modifications. The goal is simultaneously modest (one Android version, one device) and challenging (lots of proprietary entanglements amidst the open source code). This goes along with other existing fragmented initiatives along similar lines.
Once that is done, we still need to replace proprietary drivers with open source equivalents (as has been done many a time on Linux), ensure there will be access to freely-distributable app markets with robust contents, and so on. Having a hardware vendor in our corner would help, though I can only think of one consumer device manufacturer with a truly strong track record with open source hardware.
Complain all you wish about how the Google Android applications should be freely downloadable or whatnot. But, if you are going to get seriously agitated, consider directing those energies towards something that has a chance of making a difference in society. Heaven knows we could use the help.