Ransomware and Other Threats Exist on Android, Too
I recently covered ransomware, but what I didn’t mention in that article is that ransomware threats exist on Android, too. Using a malicious mobile advertisement, the exploit installs ransomware on the device, though this version is notably less powerful than the typical Windows-based solutions. Security breaches on Android can be massive. Along with Windows and iOS, Android is one of the most widely-used operating systems on PCs and smart devices throughout the world, and because of that it’s regularly the target of major security exploits.
File-Level Encryption vs Block-Level Encryption
Android N is changing from previous versions by pushing file-level encryption instead of its previous block-level. While both forms of encryption are obvious boons to security, block level encrypted the entire device and was notably more intensive on performance. With Android N, file-level encryption is being implemented alongside a direct-boot mode that allows only phone calls/alarms/message notifications, with anything else requiring the device to be unlocked and decrypted. File level should be better for security, usability and performance, but we’ll have to wait for the update to verify that.
Seamless Updates Add to Ease of Use and Security
A common pitfall of Android updates (or, indeed, any operating system that needs to update) is that people really don’t like rebooting their devices for long installation processes, especially in urgent situations. Unlike desktops, mobile devices are expected to be available at most, if not all, times which means many users are even less inclined to start an upgrade process that could take half an hour or more. Android N is changing this by allowing seamless updates. Thanks to two system partitions (one for updates and one for the one you’re using) Android N can silently update the other system partition and switch to it the next time you reboot your device. This, of course, raises a concern for people who root and unlock devices or who are worried about new issues with system updates. I’m sure this feature will come with an opt-out option.
Advanced Sandboxing, Hardware-Backed Keystore and Other Features
Android N is implementing improvements to many security/performance-key features. These include:
SafetyNet API, which allows developers and applications to take a look at device health. This includes if it’s been tampered with or how long it’s been since an update. Mandatory hardware-backed keystore. This stores encryption keys in a special chip on the device which allows for more advanced security applications. Better sandboxing, which allows Android to isolate apps and processes from interacting with each other. Media server hardening, which means that exploits like StageFright (used to make media files a vector of infection) will no longer work. Strict Verified Boot, which prevents a device that has a modified boot from booting. While this is good for malicious security, it does have some concerns for people who like to root and unlock their devices.
Conclusion
Android N is putting a lot of work into securing Android. I’m cautiously optimistic about these changes, but I’m also fairly worried about what they mean for the future of the Android rooting, unlocking and development scene. What do you think?