The Storage Situation: Where Google Went Astray

There is a lot of confusion regarding Android’s storage model. That confusion has only increased with Android 4.4’s changes to that storage model. There are countless StackOverflow questions and the like where they clearly do not quite grok the various pieces of Android’s storage model.

This is the fourth post in a five-part series covering this storage model, to help clarify what is going on. Today, we will look at why Google may have done what it did with respect to removable storage, and what it should have done (or should be doing) as part of that decision.

If your offering differs from norms, you must communicate those differences.

The norms, in this case, are expectations for what can be done with removable media.

In 1973, three interesting things occurred, among other events:

  1. Larry Page was born

  2. Sergey Brin was born

  3. IBM released a read/write floppy disk drive

The floppy disk was adopted as a primary storage medium by the wave of “microcomputers” in the 1970’s, and the world’s relationship with removable media began.

Mr. Page and Mr. Brin recovered from being born in the middle of the disco era and went on to found a little firm named Google… in 1998.

Hence, people have been using removable media for far longer than Google has been around, and far longer than many Googlers have been around.

The world’s perception of how removable media is supposed to work has been based on their collective experiences with desktop operating systems, particularly Windows. Windows is the reason why removable media standardized on FAT, then FAT32, each of which offers limited security options. Programs running on Windows can generally read and write removable media with impunity, and that same behavior has continued with other desktop operating systems when working with FAT/FAT32 removable media.

It is safe to venture that most of the billion Android device users have, at one time or another, used removable media on a desktop OS, and therefore have a perception of how removable media should work based upon those experiences.

Android 4.4 breaks those expectations, at least where third-party apps are concerned. The offering (no write access to removable media for third-party apps) differs from the norms (anything can do anything).

This is not to say that Google’s decision here is the wrong one.

The security of removable media has been atrocious throughout history, as the NSA will readily attest to. Just because we made decisions back in the 1970’s and 1980’s about how removable media gets used does not mean that we have to stick with those decisions until the end of time. Google is getting a fair bit of pressure to better lock down external storage and removable storage for privacy reasons… even if the expectations of those privacy advocates also differs from the norms of society with respect to that removable media.

Google could have made a Solomonic “half a baby for everyone” decision, with some option in Settings to toggle removable media behavior between the Android 4.4 read-only state and unfettered access. Google has been reticent to add capabilities targeted at “power users” (e.g., optional/revocable permissions), and so it is not shocking that they decided that “one size fits all” in terms of removable media behavior.

And that’s fine, except for one thing: Google has not communicated much of anything about this. When the only information from Google that users and developers alike can get on a subject come from a handful of posts on the android-platform Google Group, we have a Cool Hand Luke-style “failure to communicate”.

If removable media were a Google invention, and there were no expectations for how it should behave, and Android 4.4 was the first release of Android, this lack of communications would be unfortunate but not unreasonable. However, not only has removable media been around for ~40 years, but Android itself had different behavior for removable media since 2008.

If your offering differs from norms, you must communicate those differences.

However, just because Google is unwilling to communicate does not mean that you should be unwilling to communicate… and that’s the topic that I will explore in tomorrow conclusion to this blog post series.

The Rest of the Posts

The entire blog post series covers: