s.a.c. redesign, first checkin
Change-Id: I4dead2f18bc5e4a38f204c92198a267c286e775d
diff --git a/src/source/faqs.jd b/src/source/faqs.jd
new file mode 100644
index 0000000..84ee855
--- /dev/null
+++ b/src/source/faqs.jd
@@ -0,0 +1,445 @@
+page.title=Frequently Asked Questions
+@jd:body
+
+<!--
+ Copyright 2010 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<div id="qv-wrapper">
+ <div id="qv">
+ <h2>In this document</h2>
+ <ol id="auto-toc">
+ </ol>
+ </div>
+</div>
+
+<h2 id="open-source">Open Source</h2>
+<h3 id="what-is-the-android-open-source-project">What is the Android Open Source Project?</h3>
+<p>We use the phrase "Android Open Source Project" or "AOSP" to refer to the
+people, the processes, and the source code that make up Android.</p>
+<p>The people oversee the project and develop the actual source code. The
+processes refer to the tools and procedures we use to manage the development
+of the software. The net result is the source code that you can use to build
+cell phone and other devices.</p>
+<h3 id="why-did-we-open-the-android-source-code">Why did we open the Android source code?</h3>
+<p>Google started the Android project in response to our own experiences
+launching mobile apps. We wanted to make sure that there would always be an
+open platform available for carriers, OEMs, and developers to use to make
+their innovative ideas a reality. We also wanted to make sure that there was no
+central point of failure, so that no single industry player could restrict or control
+the innovations of any other. The single most important goal of the Android
+Open-Source Project (AOSP) is to make sure that the open-source Android
+software is implemented as widely and compatibly as possible, to everyone's
+benefit.</p>
+<p>You can find more information on this topic at our Project Philosophy page.</p>
+<h3 id="what-kind-of-open-source-project-is-android">What kind of open-source project is Android?</h3>
+<p>Google oversees the development of the core Android open-source platform,
+and works to create robust developer and user communities. For the most part
+the Android source code is licensed under the permissive Apache Software
+License 2.0, rather than a "copyleft" license. The main reason for this is
+because our most important goal is widespread adoption of the software, and
+we believe that the ASL2.0 license best achieves that goal.</p>
+<p>You can find more information on this topic at our Project Philosophy and
+Licensing pages. </p>
+<h3 id="why-is-google-in-charge-of-android">Why is Google in charge of Android?</h3>
+<p>Launching a software platform is complex. Openness is vital to the
+long-term success of a platform, since openness is required to attract
+investment from developers and ensure a level playing field. However, the
+platform itself must also be a compelling product to end users.</p>
+<p>That's why Google has committed the professional engineering resources
+necessary to ensure that Android is a fully competitive software platform.
+Google treats the Android project as a full-scale product development
+operation, and strikes the business deals necessary to make sure that great
+devices running Android actually make it to market.</p>
+<p>By making sure that Android is a success with end users, we help ensure the
+vitality of Android as a platform, and as an open-source project. After all,
+who wants the source code to an unsuccessful product?</p>
+<p>Google's goal is to ensure a successful ecosystem around Android, but no
+one is required to participate, of course. We opened the Android source code
+so anyone can modify and distribute the software to meet their own needs.</p>
+<h3 id="what-is-googles-overall-strategy-for-android-product-development">What is Google's overall strategy for Android product development?</h3>
+<p>We focus on releasing great devices into a competitive marketplace, and
+then incorporate the innovations and enhancements we made into the core
+platform, as the next version.</p>
+<p>In practice, this means that the Android engineering team typically focuses
+on a small number of "flagship" devices, and develops the next version of
+the Android software to support those product launches. These flagship
+devices absorb much of the product risk and blaze a trail for the broad OEM
+community, who follow up with many more devices that take advantage of the
+new features. In this way, we make sure that the Android platform evolves
+according to the actual needs of real-world devices.</p>
+<h3 id="how-is-the-android-software-developed">How is the Android software developed?</h3>
+<p>Each platform version of Android (such as 1.5, 1.6, and so on) has a
+corresponding branch in the open-source tree. At any given moment, the most
+recent such branch will be considered the "current stable" branch version.
+This current stable branch is the one that manufacturers port to their
+devices. This branch is kept suitable for release at all times.</p>
+<p>Simultaneously, there is also a "current experimental" branch, which is
+where speculative contributions, such as large next-generation features, are
+developed. Bug fixes and other contributions can be included in the current
+stable branch from the experimental branch as appropriate.</p>
+<p>Finally, Google works on the next version of the Android platform in tandem
+with developing a flagship device. This branch pulls in changes from the
+experimental and stable branches as appropriate.</p>
+<p>You can find more information on this topic at our <a href="source/code-lines.html">Branches and Releases</a>.</p>
+<h3 id="why-are-parts-of-android-developed-in-private">Why are parts of Android developed in private?</h3>
+<p>It typically takes over a year to bring a device to market, but of course
+device manufacturers want to ship the latest software they can. Developers,
+meanwhile, don't want to have to constantly track new versions of the
+platform when writing apps. Both groups experience a tension between
+shipping products, and not wanting to fall behind.</p>
+<p>To address this, some parts of the next version of Android including the
+core platform APIs are developed in a private branch. These APIs constitute
+the next version of Android. Our aim is to focus attention on the current
+stable version of the Android source code, while we create the next version
+of the platform as driven by flagship Android devices. This allows developers
+and OEMs to focus on a single version without having to track unfinished
+future work just to keep up. Other parts of the Android system that aren't
+related to application compatibility are developed in the open, however.
+It's our intention to move more of these parts to open development over
+time.</p>
+<h3 id="when-are-source-code-releases-made">When are source code releases made?</h3>
+<p>When they are ready. Some parts of Android are developed in the open,
+so that source code is always available. Other parts are developed first in
+a private tree, and that source code is released when the next platform
+version is ready.</p>
+<p>In some releases, core platform APIs will be ready far enough in advance
+that we can push the source code out for an early look in advance of the
+device's release; however in others, this isn't possible. In all cases, we
+release the platform source when we feel the version has stabilized enough,
+and when the development process permits. Releasing the source code is a
+fairly complex process.</p>
+<h3 id="what-is-involved-in-releasing-the-source-code-for-a-new-android-version">What is involved in releasing the source code for a new Android version?</h3>
+<p>Releasing the source code for a new version of the Android platform is a
+significant process. First, the software gets built into a system image for
+a device, and put through various forms of certification, including
+government regulatory certification for the regions the phones will be
+deployed. It also goes through operator testing. This is an important phase
+of the process, since it helps shake out a lot of software bugs.</p></p>
+<p>Once the release is approved by the regulators and operators, the
+manufacturer begins mass producing devices, and we turn to releasing the
+source code.</p>
+<p>Simultaneous to mass production the Google team kicks off several efforts
+to prepare the open source release. These efforts include final API changes
+and documentation (to reflect any changes that were made during
+qualification testing, for example), preparing an SDK for the new version,
+and launching the platform compatibility information.</p>
+<p>Also included is a final legal sign-off to release the code into open
+source. Just as open source contributors are required to sign a Contributors
+License Agreement attesting to their IP ownership of their contribution,
+Google too must verify that it is clear to make contributions.</p>
+<p>Starting at the time mass production begins, the software release process
+usually takes around a month, which often roughly places source code
+releases around the same time that the devices reach users.</p>
+<h3 id="how-does-the-aosp-relate-to-the-android-compatibility-program">How does the AOSP relate to the Android Compatibility Program?</h3>
+<p>The Android Open-Source Project maintains the Android software, and
+develops new versions. Since it's open-source, this software can be used for
+any purpose, including to ship devices that are not compatible with other
+devices based on the same source.</p>
+<p>The function of the Android Compatibility Program is to define a baseline
+implementation of Android that is compatible with third-party apps written
+by developers. Devices that are "Android compatible" may participate in the
+Android ecosystem, including Google Play; devices that don't meet the
+compatibility requirements exist outside that ecosystem.</p>
+<p>In other words, the Android Compatibility Program is how we separate
+"Android compatible devices" from devices that merely run derivatives of the
+source code. We welcome all uses of the Android source code, but only
+Android compatible devices -- as defined and tested by the Android
+Compatibility Program -- may participate in the Android ecosystem.</p>
+<h3 id="how-can-i-contribute-to-android">How can I contribute to Android?</h3>
+<p>There are a number of ways you can contribute to Android. You can report
+bugs, write apps for Android, or contribute source code to the Android
+Open-Source Project.</p>
+<p>There are some limits on the kinds of code contributions we are willing or
+able to accept. For instance, someone might want to contribute an
+alternative application API, such as a full C++-based environment. We would
+decline that contribution, since Android is focused on applications that run
+in the Dalvik VM. Alternatively, we won't accept contributions such as GPL
+or LGPL libraries that are incompatible with our licensing goals.</p>
+<p>We encourage those interested in contributing source code to contact us via
+the AOSP Community page prior to beginning any work. You can find more
+information on this topic at the Getting Involved page.</p>
+<h3 id="how-do-i-become-an-android-committer">How do I become an Android committer?</h3>
+<p>The Android Open Source Project doesn't really have a notion of a
+"committer". All contributions -- including those authored by Google
+employees -- go through a web-based system known as "gerrit" that's part of
+the Android engineering process. This system works in tandem with the git
+source code management system to cleanly manage source code
+contributions.</p>
+<p>Once submitted, changes need to be accepted by a designated Approver.
+Approvers are typically Google employees, but the same approvers are
+responsible for all submissions, regardless of origin.</p>
+<p>You can find more information on this topic at the <a href="source/submit-patches.html">Submitting Patches</a> page.</p>
+<h2 id="compatibility">Compatibility</h2>
+<h3 id="what-does-compatibility-mean">What does "compatibility" mean?</h3>
+<p>We define an "Android compatible" device as one that can run any
+application written by third-party developers using the Android SDK and NDK.
+We use this as a filter to separate devices that can participate in the
+Android app ecosystem, and those that cannot. Devices that are properly
+compatible can seek approval to use the Android trademark. Devices that are
+not compatible are merely derived from the Android source code and may not
+use the Android trademark.</p>
+<p>In other words, compatibility is a prerequisite to participate in the
+Android apps ecosystem. Anyone is welcome to use the Android source code,
+but if the device isn't compatible, it's not considered part of the Android
+ecosystem.</p>
+<h3 id="what-is-the-role-of-google-play-in-compatibility">What is the role of Google Play in compatibility?</h3>
+<p>Devices that are Android compatible may seek to license the Google Play
+client software. This allows them to become part of the Android app
+ecosystem, by allowing users to download developers' apps from a catalog
+shared by all compatible devices. This option isn't available to devices
+that aren't compatible.</p>
+<h3 id="what-kinds-of-devices-can-be-android-compatible">What kinds of devices can be Android compatible?</h3>
+<p>The Android software can be ported to a lot of different kinds of devices,
+including some on which third-party apps won't run properly. The Android
+Compatibility Definition Document (CDD) spells out the specific device
+configurations that will be considered compatible.</p>
+<p>For example, though the Android source code could be ported to run on a
+phone that doesn't have a camera, the CDD requires that in order to be
+compatible, all phones must have a camera. This allows developers to rely
+on a consistent set of capabilities when writing their apps.</p>
+<p>The CDD will evolve over time to reflect market realities. For instance,
+the 1.6 CDD only allows cell phones, but the 2.1 CDD allows devices to omit
+telephony hardware, allowing for non-phone devices such as tablet-style
+music players to be compatible. As we make these changes, we will also
+augment Google Play to allow developers to retain control over where
+their apps are available. To continue the telephony example, an app that
+manages SMS text messages would not be useful on a media player, so Google
+Play allows the developer to restrict that app exclusively to phone
+devices.</p>
+<h3 id="if-my-device-is-compatible-does-it-automatically-have-access-to-google-play-and-branding">If my device is compatible, does it automatically have access to Google Play and branding?</h3>
+<p>Google Play is a service operated by Google. Achieving compatibility is
+a prerequisite for obtaining access to the Google Play software and branding.
+Device manufacturers should contact Google to obtain access to Google
+Play.</p>
+<h3 id="if-i-am-not-a-manufacturer-how-can-i-get-google-play">If I am not a manufacturer, how can I get Google Play?</h3>
+<p>Google Play is only licensed to handset manufacturers shipping devices.
+For questions about specific cases, contact android-partnerships@google.com.</p>
+<h3 id="how-can-i-get-access-to-the-google-apps-for-android-such-as-maps">How can I get access to the Google apps for Android, such as Maps?</h3>
+<p>The Google apps for Android, such as YouTube, Google Maps and Navigation,
+Gmail, and so on are Google properties that are not part of Android, and
+are licensed separately. Contact android-partnerships@google.com for
+inquiries related to those apps.</p>
+<h3 id="is-compatibility-mandatory">Is compatibility mandatory?</h3>
+<p>No. The Android Compatibility Program is optional. Since the Android source
+code is open, anyone can use it to build any kind of device. However, if a
+manufacturer wishes to use the Android name with their product, or wants
+access to Google Play, they must first demonstrate that the device is
+compatible.</p>
+<h3 id="how-much-does-compatibility-certification-cost">How much does compatibility certification cost?</h3>
+<p>There is no cost to obtain Android compatibility for a device. The
+Compatibility Test Suite is open-source and available to anyone to use to
+test a device.</p>
+<h3 id="how-long-does-compatibility-take">How long does compatibility take?</h3>
+<p>The process is automated. The Compatibility Test Suite generates a report
+that can be provided to Google to verify compatibility. Eventually we intend
+to provide self-service tools to upload these reports to a public database.</p>
+<h3 id="who-determines-what-will-be-part-of-the-compatibility-definition">Who determines what will be part of the compatibility definition?</h3>
+<p>Since Google is responsible for the overall direction of Android as a
+platform and product, Google maintains the Compatibility Definition Document
+for each release. We draft the CDD for a new Android version in consultation
+with a number of OEMs, who provide input on its contents.</p>
+<h3 id="how-long-will-each-android-version-be-supported-for-new-devices">How long will each Android version be supported for new devices?</h3>
+<p>Since Android's code is open-source, we can't prevent someone from using an
+old version to launch a device. Instead, Google chooses not to license the
+Google Play client software for use on versions that are considered
+obsolete. This allows anyone to continue to ship old versions of Android,
+but those devices won't use the Android name and will exist outside the
+Android apps ecosystem, just as if they were non-compatible.</p>
+<h3 id="can-a-device-have-a-different-user-interface-and-still-be-compatible">Can a device have a different user interface and still be compatible?</h3>
+<p>The Android Compatibility Program focuses on whether a device can run
+third-party applications. The user interface components shipped with a
+device (such as home screen, dialer, color scheme, and so on) does not
+generally have much effect on third-party apps. As such, device builders are
+free to customize the user interface as much as they like. The Compatibility
+Definition Document does restrict the degree to which OEMs may alter the
+system user interface for areas that do impact third-party apps.</p>
+<h3 id="when-are-compatibility-definitions-released-for-new-android-versions">When are compatibility definitions released for new Android versions?</h3>
+<p>Our goal is to release new versions of Android Compatibility Definition
+Documents (CDDs) once the corresponding Android platform version has
+converged enough to permit it. While we can't release a final draft of a CDD
+for an Android software version before the first flagship device ships with
+that software, final CDDs will always be released after the first device.
+However, wherever practical we will make draft versions of CDDs available.</p>
+<h3 id="how-are-device-manufacturers-compatibility-claims-validated">How are device manufacturers' compatibility claims validated?</h3>
+<p>There is no validation process for Android device compatibility. However,
+if the device is to include Google Play, Google will typically validate
+the device for compatibility before agreeing to license the Google Play client
+software.</p>
+<h3 id="what-happens-if-a-device-that-claims-compatibility-is-later-found-to-have-compatibility-problems">What happens if a device that claims compatibility is later found to have compatibility problems?</h3>
+<p>Typically, Google's relationships with Google Play licensees allow us to
+ask them to release updated system images that fix the problems.</p>
+<h2 id="compatibility-test-suite">Compatibility Test Suite</h2>
+<h3 id="what-is-the-purpose-of-the-cts">What is the purpose of the CTS?</h3>
+<p>The Compatibility Test Suite is a tool used by device manufacturers to help
+ensure their devices are compatible, and to report test results for
+validations. The CTS is intended to be run frequently by OEMs throughout the
+engineering process to catch compatibility issues early.</p>
+<h3 id="what-kinds-of-things-does-the-cts-test">What kinds of things does the CTS test?</h3>
+<p>The CTS currently tests that all of the supported Android strong-typed APIs
+are present and behave correctly. It also tests other non-API system
+behaviors such as application lifecycle and performance. We plan to add
+support in future CTS versions to test "soft" APIs such as Intents as
+well.</p>
+<h3 id="will-the-cts-reports-be-made-public">Will the CTS reports be made public?</h3>
+<p>Yes. While not currently implemented, Google intends to provide web-based
+self-service tools for OEMs to publish CTS reports so that they can be
+viewed by anyone. CTS reports can be shared as widely as manufacturers
+prefer.</p>
+<h3 id="how-is-the-cts-licensed">How is the CTS licensed?</h3>
+<p>The CTS is licensed under the same Apache Software License 2.0 that the
+bulk of Android uses.</p>
+<h3 id="does-the-cts-accept-contributions">Does the CTS accept contributions?</h3>
+<p>Yes please! The Android Open-Source Project accepts contributions to
+improve the CTS in the same way as for any other component. In fact,
+improving the coverage and quality of the CTS test cases is one of the best
+ways to help out Android.</p>
+<h3 id="can-anyone-use-the-cts-on-existing-devices">Can anyone use the CTS on existing devices?</h3>
+<p>The Compatibility Definition Document requires that compatible devices
+implement the 'adb' debugging utility. This means that any compatible device
+-- including ones available at retail -- must be able to run the CTS
+tests.</p>
+
+
+<h2>Security</h2>
+<h3 id="secure">Is Android secure?</h3>
+
+<p>The security and privacy of our users' data is of primary importance to the
+Android Open Source Project. We are dedicated to building and maintaining one
+of the most secure mobile platforms available while still fulfilling our goal
+of opening the mobile device space to innovation and competition.</p>
+
+<p> A comprehensive overview of the <a
+href="http://source.android.com/tech/security/index.html">Android
+security model and Android security processes</a> is provided in the Android
+Open Source Project Website.</p>
+
+<p>Application developers play an important part in the security of Android.
+The Android Platform provides developers with a rich <a
+href="http://code.google.com/android/devel/security.html">security model</a>
+that to request the capabilities, or access, needed by their
+application and to define new capabilities that other applications can request.
+The Android user can choose to grant or deny an application's request for
+certain capabilities on the handset.</p>
+
+<p>We have made great efforts to secure the Android platform, but it is
+inevitable that security bugs will be found in any system of this complexity.
+Therefore, the Android team works hard to find new bugs internally and responds
+quickly and professionally to vulnerability reports from external researchers.
+</p>
+
+
+<h3 id="issue">I think I found a security flaw. How do I
+report it?</h3>
+
+<p>You can reach the Android security team at <a
+href="mailto:security@android.com">security@android.com</a>. If you like, you
+can protect your message using our <a
+href="http://code.google.com/android/security_at_android_dot_com.txt">PGP
+key</a>.</p>
+
+<p>We appreciate researchers practicing responsible disclosure by emailing us
+with a detailed summary of the issue and keeping the issue confidential while
+users are at risk. In return, we will make sure to keep the researcher informed
+of our progress in issuing a fix. </p>
+
+
+<h3 id="informed">How can I stay informed about Android security?</h3>
+
+<p>For general discussion of Android platform security, or how to use
+security features in your Android application, please subscribe to <a
+href="http://groups.google.com/group/android-security-discuss">android-security-discuss</a>.
+</p>
+
+
+<h3 id="use">How do I securely use my Android phone?</h3>
+
+<p>Android was designed so that you can safely use your phone without making
+any changes to the device or installing any special software. Android applications
+run in an Application Sandbox that limits access to sensitive information or data
+with the users permission.</p>
+
+<p>To fully benefit from the security protections in Android, it is important that
+users only download and install software from known sources.</p>
+
+<p>As an open platform, Android allows users to visit any website and load
+software from any developer onto a device. As with a home PC, the user must be
+aware of who is providing the software they are downloading and must decide
+whether they want to grant the application the capabilities it requests.
+This decision can be informed by the user's judgment of the software
+developer's trustworthiness, and where the software came from.</p>
+
+
+<h3 id="malware">I think I found malicious software being
+distributed for Android. How can I help?</h3>
+
+<p>Like any other platform, it will be possible for unethical developers
+to create malicious software, known as <a
+href="http://en.wikipedia.org/wiki/Malware">malware</a>, for Android. If you
+think somebody is trying to spread malware, please let us know at <a
+href="mailto:security@android.com">security@android.com</a>. Please include as
+much detail about the application as possible, with the location it is
+being distributed from and why you suspect it of being malicious software.</p>
+
+<p>The term <i>malicious software</i> is subjective, and we cannot make an
+exhaustive definition. Some examples of what the Android Security Team believes
+to be malicious software is any application that:
+<ul>
+ <li>uses a bug or security vulnerability to gain permissions that have not
+ been granted by the user</li>
+ <li>shows the user unsolicited messages (especially messages urging the
+ user to buy something);</li>
+ <li>resists (or attempts to resist) the user's effort to uninstall it;</li>
+ <li>attempts to automatically spread itself to other devices;</li>
+ <li>hides its files and/or processes;</li>
+ <li>discloses the user's private information to a third party, without the
+ user's knowledge and consent;</li>
+ <li>destroys the user's data (or the device itself) without the user's
+ knowledge and consent;</li>
+ <li>impersonates the user (such as by sending email or buying things from a
+ web store) without the user's knowledge and consent; or</li>
+ <li>otherwise degrades the user's experience with the device.</li>
+</ul>
+</p>
+
+<h3 id="fixes">How do Android-powered devices receive security
+fixes?</h3>
+
+<p>The manufacturer of each device is responsible for distributing software
+upgrades for it, including security fixes. Many devices will update themselves
+automatically with software downloaded "over the air", while some devices
+require the user to upgrade them manually.</p>
+
+<p>Google provides software updates for a number of Android devices, including
+the <a href="http://www.google.com/nexus">Nexus</a>
+series of devices, using an "over the air" (OTA) update. These updates may include
+security fixes as well as new features.</p>
+
+<h3 id="directfix">Can I get a fix directly from the
+Android Platform Project?</h3>
+
+<p>Android is a mobile platform that is released as open source and
+available for free use by anybody. This means that there are many
+Android-based products available to consumers, and most of them are created
+without the knowledge or participation of the Android Open Source Project. Like
+the maintainers of other open source projects, we cannot build and release
+patches for the entire ecosystem of products using Android. Instead, we will
+work diligently to find and fix flaws as quickly as possible and to distribute
+those fixes to the manufacturers of the products through the open source project.</p>
+
+<p>If you are making an Android-powered device and would like to know how you can
+properly support your customers by keeping abreast of software updates, please
+contact us at <a
+href="mailto:info@openhandsetalliance.com">info@openhandsetalliance.com</a>.</p>
+