Security

 

In the part I will be taking
about the security on Androids. One thing these security phones have in common
is that they all run versions of google Android operation system. However,
Building on Android is much easier than building a smart phone OS from scratch.
Android have many features in a way to keep you phone safe such as the first
one Google Play Protect.

 

Google
Play Protect help work to keep your device, date and App safe. It scans your
device and is constantly improving to make sure that it is safe. One way that
is does this is that if you’ve misplaced your device, find my device have you
covered. One way that it does this is that you can locate your device by
signing into your google account, and even call it directly from the web. With
safe browsing protection in Chrome, you can browse with confidence. If you
visit a site that’s acting out of line, you’ll be warned and taken back to
safety. Is Google Play secure? The security system never sleeps. Google Play
Protect continuously works to keep your device, data and apps safe. It actively
scans your device and it constantly improving to make sure you have the latest
in mobile security. Another part of the application is that Asurion has
implemented measures to help protect against the unauthorized access, loss,
misuse and alteration of the technical data and your P11. Asurion utilizes
security measures and encryption technology to help protect the integrity of
the Technical Data and your P11.

Moveover
what is meant by protected apps is a feature in CyanogenMod and Cyanogen OS
which hides selected apps from the main interface making them hard to be
accessed by an unauthorized person. With safe browsing protection in Chrome,
you can browse with confidence. If you visit a site that’s acting out of line,
you’ll be warned and taken back to safety. This is one of the features that it
has got to secure your phone. Google Play Protect, which scans all apps for
malware before and after you install them, is automatically enable on your
device. To see more about Play protect: open you device’s google Play store
app. tap menu play protect icon.

Android’s
recently released Oreo update packs in plenty of features, including a battery
life boost and a notifications rethink. But Oreo’s most important improvements
will happen behind the scenes, with a host of security updates designed to
evolve with ever-expanding digital threats. From halting ransomware to blocking
malicious apps and easing Android’s longstanding fragmentation woes, Oreo
tackles some big problems. For the security developers who work behind the
scenes, though, it’s just one more step on a journey that never really ends.
With more than two billion monthly active devices, the majority of them not on
the latest or even recent version, Android presents a popular target for
hackers. Stopping them takes more than a yearly release. It takes the kind of long
view, holistic effort that Google has employed for years. Android’s recently
released Oreo update packs in plenty of features, including a battery life
boost and a notifications rethink. But Oreo’s most important improvements will
happen behind the scenes, with a host of security updates designed to evolve
with ever-expanding digital threats. From halting ransomware to blocking
malicious apps and easing Android’s longstanding fragmentation woes, Oreo
tackles some big problems. For the security developers who work behind the
scenes, though, it’s just one more step on a journey that never really ends.
With more than two billion monthly active devices, the majority of them not on
the latest or even recent version, Android presents a popular target for
hackers. Stopping them takes more than a yearly release. It takes the kind of long
view, holistic effort that Google has employed for years.

Take
Google Play Protect, part of Android Security’s detection and reaction
infrastructure, which scans devices for suspicious app activity. With 50
billion apps scanned per day, precision counts. The app scanning that goes into
Play Protect has existed behind the scenes under other names for years, but
Android Security surfaced the mechanism for customers this year and has used it
to do a new type of visibility research. Android data scientist Megan Ruthven
and others have developed techniques for detecting distribution of extremely
targeted malware, the type that might be narrowly distributed to high-value
marks. So far, Ruthven’s research has turned up 3,000 unique samples of
malware, each with an average of just 130 users affected. This ability to
detect such a faint signal helps protect each individual user, while also
allowing Android Security to spot nascent threats early. Android’s scanners
don’t catch everything, though, and researchers still regularly find malicious
software that has made it past Google’s protections to land in the Play Store.

In
August alone, third-party analysts discovered hundreds of compromised financial
apps, spyware, and even apps that spread malware to build Android botnets and
power DDoS (distributed denial of service attacks). DDoS attacks are when a
flood of incoming packets come through the network and overload the system causing
it to slow down or crash. Despite those recent fumbles, the dangers of
downloading apps from third-party app stores far exceed those posed by
mainstream apps in Google Play. So Android Security implemented small but
significant changes in Oreo, aimed at regularly reminding users about what
types of apps they’re downloading. For example, in previous versions of Android
a user could enable downloads from outside of Google Play through a setting
called Unknown Sources. Beginning with Oreo, users now receive a prompt to
confirm that they want to download any Unknown Source app before doing so, as a
more salient reminder to proceed with caution. Android Security also takes a
broad view. When tracking emerging attacks, the team doesn’t just rely on
Android-specific data they also survey the general web to trace malware families
and monitor malicious infrastructure.

In
the case of mobile ransomware, a small but growing type of attack, Android
already had some defence advantages because it silos every app into a sandbox,
rather than letting them all run together in an open environment. As a result,
Android can contain malicious activity more effectively than a more open
platform like Windows. While tracking 30 families of Android ransomware, the
team discovered versions that exploited flaws to block users from accessing
their phone at the lock screen, through visual overlays, and by encrypting some
data. Oreo adds reinforcements to Android’s sandboxing to plug many of these
holes. The team also says that to this point it has still never seen ransomware
that can render an Android device completely unusable. Android Security has
already worked to bring a number of big device makers on to a monthly update
schedule, which has helped improve fragmentation a bit. The effort has a number
of limitations, though; only a few dozen models end up getting regular updates.
So Oreo is working to address the tension head-on with a new feature called
Project Treble. Make Android easier to update regardless of device and carrier,
by segmenting Android’s code into portions that interact with vendor-specific
attributes and portions that deal with the more general, platform-agnostic
operating system. Ideally, that makes it possible to push software updates to
the core Android component of every device without dealing with vendor-specific
incompatibilities. Manufacturers could also ship updates for their tailored
portions of the code. Though many security features are conceptually broad to
protect against a variety of both present and future unknown threats, Android
Security developers note that they have some additional foresight into where
attackers will focus simply because they know where they have already bolstered
their defences and made attacks impractical.

In
practice, here’s how that plays out: In 2014 only about 4 percent of Android
bugs targeted the kernel (the central coordinator of an operating system). By
2016 the number was up to 44 percent, because security enhancements had cut off
easier routes for attackers. 

The Android
Security team can’t be sure of what attacks will spike in the future, and Oreo
will give them a leg up regardless. But whatever is up next, the team won’t be
waiting until the big 2018 Android release to combat it.

 

In
a mobile security, a sandbox is a security mechanism for separating running
programs, usually in an effort to mitigate system failures or software
vulnerabilities from spreading. It is often used to execute untested or
untrusted programs or code, possibly from unverified or untrusted third
parties, suppliers, users or websites, without risking harm to the host machine
or operating system. A sandbox typically provides a tightly controlled set of
resources for guest programs to run in, such as scratch space on disk and
memory. Network access, the ability to inspect the host system or read from
input devices are usually disallowed or heavily restricted.

In
the sense of providing a highly controlled environment, sandboxes may be seen
as a specific example of virtualization. Sandboxing is frequently used to test
unverified programs that may contain a virus or other malicious code, without
allowing the software to harm the host device

Android
has built-in security features that significantly reduce the frequency and
impact of application security issues. The system is designed so that you can
typically build your apps with the default system and file permissions and
avoid difficult decisions about security.

The
following core security features help you build secure apps:

The
Android Application Sandbox, which isolates your app data and code execution
from other apps. An application framework with robust implementations of common
security functionality such as cryptography, permissions, and secure IPC.
Technologies like ASLR, NX, ProPolice, safe_iop, OpenBSD dlmalloc, OpenBSD
calloc, and Linux mmap_min_addr to mitigate risks associated with common memory
management errors. An encrypted file system that can be enabled to protect data
on lost or stolen devices. User-granted permissions to restrict access to
system features and user data. Application-defined permissions to control
application data on a per-app basis. It is important that you be familiar with
the Android security best practices in this document. Following these practices
as general coding habits reduces the likelihood of inadvertently introducing
security issues that adversely affect your users.

In
a Java programming language and development environment, the sandbox is the
program area and set of rules that programmers need to use when creating Java
code called an applet that is sent as part of a page. Since a Java applet is
sent automatically as part of the page and can be executed as soon as it
arrives, the applet can easily do harm, either accidentally or as the result of
malicious intent, if it is allowed unlimited access to memory and operating
system services. The sandbox restrictions provide strict limitations on what
system resources the applet can request or access. The sandbox is implemented
not only by requiring programmers to conform to certain rules but also by
providing code checkers. The Java language itself provides features such as
automatic memory management, garbage collection, and the checking of address
ranges in strings and arrays that inherently help to guarantee safe code. In
addition, Java includes a compiled code Java’s compiled code is known as
bytecode verifier that guarantees adherence to certain limitations. Java also
provides for a local name space within which code may be restricted. The Java
virtual machine the layer that interprets the Java bytecode for a given
computer platform also mediates access to system resources and ensures that
sandbox code is restricted. To conclude these security features are there to
make safe your Android phone by doing all the things that’s mentioned in the
above and android try to make it easier for the end user to go though there day
to day life.