I tried to find any info about license or repos and couldn't find anything. Unlike Samsung's Knox, which is FOSS, how can this be even remotely secure if it is closed source?
Seems that Google is full on the "Extinguish" phase with Android.
edit: amazing that I'm being downvoted for stating facts yet nobody replies to me.
It's a platform feature, so it's open source, but there's always a delay between the announcement and the time the code hits the public repositories. It'll be there before too much longer.
how can this be even remotely secure if it is closed source?
It does not work that way. "Many eyes make all bugs shallow" failed to replicate. (I understand this fate is even more common for anecdata than it is for formal studies.)
edit: amazing that I'm being downvoted for stating facts yet nobody replies to me.
My guess would be that you were being downvoted for spreading FUD and/or trolling.
The fact of the matter, is that Google usually publishes their source. They're just a bit slow at it. Most versions of android ship in binary form before source is released.
AOSP is fairly basic and somewhat limited on its own, unless you have the resources to replace all of the "gapps", including setting up your own app store. Google Play Services has been slowly taking over a lot of core (and not-so-core) phone functionality over the past year or more, and it's entirely closed source.
Google even stopped open-sourcing new versions of Google Authenticator, which you'd think would be a prime candidate for a full-blown open source project. (And hell, it's a crappy app; there are better GAuth-workalikes available.)
yet, they are just phasing all the important bits to privative code. Of course, this Android for work goes with Google Play, and guess what, it is privative, of course.
Seems that Google is full on the "Extinguish" phase with Android.
edit: amazing that I'm being downvoted for stating facts yet nobody replies to me.