A sneak peek at security features in the upcoming Android L release
Fix It

Google says the upcoming Android L release will be far more secure than its predecessors.
Despite the immense popularity of the Android mobile operating system, one significant damper on the euphoria is the lingering sense that Android devices lack security. Although virtually any business laptop today comes with convenient features for encrypting the hard disk, comparable features in Android smartphones are rare. Smartphone security in general, and security of Android phones in particular, is not good if you believe the media reports.
Kaspersky Lab had already discovered the 10-millionth Android malware app by the end of January 2014, despite the fact that Google Play lists hardly more than a million apps. Of the 350,000 unique mobile threats and more than 840 threat families, 98-99 percent now target Android.
The full gamut of Windows malware also exists in the Android universe: worms, adware, backdoors, monitors, risk tools, malicious remote admin tools, SMS flooders, and a full set of trojans: downloaders, droppers, fake AV, PSW, SMS, spyware, clickers, bankers, and ransom tools.
According to Christian Funk, a senior virus analyst with Kaspersky, the reasons for Android's security issues are wrapped up in developer practices and program verification. "The way access privileges for interfaces and user information have been implemented on Android is okay in principle. But what we see is that app programmers very often ask for access to areas that have nothing to do with the way their app works. Attackers take such permissive apps, inject malicious code, and offer them on sites other than Google Play."
To give users some peace of mind, Google plans nothing less than a total revamp of the security features for the upcoming Android L release (Figure 1). Although the L release is still a work in progress, and it doesn't even have a dessert name yet (although Lollipop is a likely candidate), many details of the new security architecture have already reached the public (Figure 2).


Opportunity Knox
One of the more interesting developments is that Samsung is helping Google implement additional security for the L version. The fact that Google is leaving it to Samsung is not surprising: Unlike most other manufacturers of Android phones, Samsung has offered its proprietary security framework for Android for some time; it goes by the name of Knox [1] (Figure 3). The Knox framework is named for Fort Knox, the super-secure facility where the United States government stores its gold.

Knox offers many features that are of critical importance in the enterprise. One important principle is establishing a "secure path" for the execution of programs. As long as UEFI is enabled, the BIOS executes only operating systems that a well-known manufacturer has digitally signed. Verifying the identity of the app could theoretically prevent an attacker from doctoring up an app with malicious code and posting it independently for download. (One could possibly work around this protection and still have a working device, but you would void the warranty, and, obviously, you would be foregoing the security benefits of the new feature.)
Knox offers many more security features, such as TIMA, the Trust zone-based Integrity Measurement Architecture [2]. TIMA combines several tools that protect the system kernel at run time. Options for biometric or smartcard authentication prevent unauthorized access, especially if the device falls into the wrong hands.
And then there are the managed profiles: Knox lets you separate business data from personal information on smartphones. Users can do whatever they want in the private part of the profile, but any business data is kept safe on the same smartphone. You'll find profiles along with other (fairly unsurprising) security features in the Android Settings app below Settings | Security (Figure 4).

At last: SE Linux becomes Android SE
Android also integrates the SE Linux [3] security feature, in the form of Android SE. The SE Linux tool, which provides sophisticated policy-based access control for Linux desktop and server systems, plays a central role in the security architecture of Android L.
SE Linux prevent programs from executing functions that they are not allowed to run, and if a program does gain unauthorized access, the protections integrated through SE Linux will help prevent privilege escalation. (A side effect is that you might have a more difficult time rooting your own phone.) Clamping down on the privileges assigned to a application at the policy level should help prevent attackers from modifying programs to do things they were never intended to do.
Updates
Security updates for older devices have been an issue with Android in the past. Porting these modifications to new versions of Android costs a lot of money, and because new Android smartphones are continually pouring onto the market, updates are regularly discontinued for devices that sometimes are little more than a year old. Even maintenance updates for patching well-known vulnerabilities sometimes don't find their way to users. Devices that don't receive regular updates pose a problem regardless of how many new security features you add to the operating system. Integrating SE Linux features could certainly add an additional barrier for malware slipping onto the system, but any way you look at it, a system that isn't receiving updates is still vulnerable.
Users have the option of installing aftermarket firmware. Tools such as Cyanogenmod [4], Paranoid Android [5], or Mokee [6] offer users an alternative to the update dead-end, but these solutions can sometimes have nasty side effects. Also, installing aftermarket firmware invalidates any form of app verification, because you first need to unlock the bootloader.
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Direct Download
Read full article as PDF:
Price $2.95
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Find SysAdmin Jobs
News
-
Kubuntu Focus Announces XE Gen 2 Linux Laptop
Another Kubuntu-based laptop has arrived to be your next ultra-portable powerhouse with a Linux heart.
-
MNT Seeks Financial Backing for New Seven-Inch Linux Laptop
MNT Pocket Reform is a tiny laptop that is modular, upgradable, recyclable, reusable, and ships with Debian Linux.
-
Ubuntu Flatpak Remix Adds Flatpak Support Preinstalled
If you're looking for a version of Ubuntu that includes Flatpak support out of the box, there's one clear option.
-
Gnome 44 Release Candidate Now Available
The Gnome 44 release candidate has officially arrived and adds a few changes into the mix.
-
Flathub Vying to Become the Standard Linux App Store
If the Flathub team has any say in the matter, their product will become the default tool for installing Linux apps in 2023.
-
Debian 12 to Ship with KDE Plasma 5.27
The Debian development team has shifted to the latest version of KDE for their testing branch.
-
Planet Computers Launches ARM-based Linux Desktop PCs
The firm that originally released a line of mobile keyboards has taken a different direction and has developed a new line of out-of-the-box mini Linux desktop computers.
-
Ubuntu No Longer Shipping with Flatpak
In a move that probably won’t come as a shock to many, Ubuntu and all of its official spins will no longer ship with Flatpak installed.
-
openSUSE Leap 15.5 Beta Now Available
The final version of the Leap 15 series of openSUSE is available for beta testing and offers only new software versions.
-
Linux Kernel 6.2 Released with New Hardware Support
Find out what's new in the most recent release from Linus Torvalds and the Linux kernel team.