Security updates in Android N

May 21, 2016 ~ hucktech ~ Leave a comment

All The New Security Improvements In Android N https://t.co/CZPDjfGnhn

— Tom's Hardware (@tomshardware) May 21, 2016

Lucian Armasu has a story in Toms Hardware about Android N security changes, summarizing a presentation from Adrian Ludwig of Android at the recent Google I/O event. The story has a link to the Google I/O video, as well. Outline of Lucian’s story:

Hardware-Backed Keystore (Now Mandatory)
Fingerprint And Smart Lock Authentication
Secure Networking
Storage Encryption
Strictly Enforced Verified Boot
Checking Device Health
Sandboxing
Other System Restrictions & Improvements

“[…] Ludwig said that a major security feature of Android these days is the hardware-backed ‘keystore’, which is available in the vast majority of Android devices thanks to various implementations of ARM’s TrustZone. Although TrustZone has been mainly implemented by chip makers and OEMs to enable stricter DRM protection, Google started making it available to application developers in the past few years. […]”

“[…] If in Android M the phone would warn the user only that the boot was modified by unknown code, in version N the device will not boot if the boot process has been maliciously modified. Google also introduced bit-level error correction in the verified boot feature, which can erase changes that would, for instance, keep a device rooted after it’s been rooted. […]”

Full story:
http://www.tomshardware.com/news/google-android-n-security-improvements,31846.html

Nexus status update

October 1, 2015 ~ hucktech ~ Leave a comment

Tom’s Hardware has an article with an interview of a few Nexus engineers, talking about upcoming releases:

Nexus Engineers Reveal More Nexus 5X, Nexus 6P Details – http://t.co/JX54IlNA1p

— Tom's Hardware (@tomshardware) October 1, 2015

Nexus Engineers Reveal More Nexus 5X, Nexus 6P Details
by Lucian Armasu

Four members of the Google Nexus team, including Hiroshi Lockheimer, David Burke, Krishna Kumar and Sandeep Waraich, took the time to answer questions from Nexus 5X and Nexus 6P fans about the two new phones. Here’s a summary of the most important details. […]

http://www.tomshardware.com/news/nexus-5x-nexus-6p-ama,30208.html#xtor=RSS-999

New Android security research

July 21, 2015 ~ hucktech ~ Leave a comment

As reported yesterday by Lucian Armasu in TomsHardware.com, there’s a research paper that talks about security issues of customizing mobile devices:

Security and system architecture: comparison of Android customizations
Roberto Gallo, Patricia Hongo, Ricardo Dahab, Luiz C. Navarro, Henrique Kawakami, Kaio Galvão, Glauber Junqueira, and Luander Ribeiro
“Smartphone manufacturers frequently customize Android distributions so as to create competitive advantages by adding, removing and modifying packages and configurations. In this paper we show that such modifications have deep architectural implications for security. We analysed five different distributions: Google Nexus 4, Google Nexus 5, Sony Z1, Samsung Galaxy S4 and Samsung Galaxy S5, all running OS versions 4.4.X (except for Samsung S4 running version 4.3). Our conclusions indicate that serious security issues such as expanded attack surface and poorer permission control grow sharply with the level of customization.”

https://dl.acm.org/citation.cfm?id=2766519

See the TomsHardware article for some additional comments, beyond the research.

http://www.tomshardware.com/news/customized-android-firmware-security-vulnerabilities,29631.html

(Re: ‘firmware’ use in TomHardware article, I wish there was more granularity for the term ‘firmware’, it is often used to refer to embedded OS code on mobile devices.)