In addition to supporting Bluetooth Smart and Restricted Profiles, Google says Android 4.3 operating system will be launched equipped with technology security that hackers and even the NSA (National Security Agency United States) can not snoop and exploit vulnerabilities to steal or destroy data users. Recently, Google also announced seven effective security technology has been on the latest version of the Android operating system.
SELinux
One change raises the most controversy on the Google's Android 4.3 has enabled SELinux (Security-Enhanced Linux) with the ability to control access to key applications help create a highly secure environment. However, SELinux was created by the NSA and apparently during the National Security Agency U.S. so unpopular they are very much related to snooping activity and intercept personal information illegally.
It is true that the NSA has created the basic foundation of SELinux, but now through manipulation of Google's hands, it was different before. The SELinux patches are open source and are not a secret code of the United States government can be inserted. Besides, SELinux has been integrated into the Linux kernel since 2003 and is used to create the different Distribute Linux for almost a decade now, we can rest assured that SELinux is "harmless" .
On the Android platform, SELinux is designed to address the flaws in the security model of the operating system and limit the damage caused by malicious code or software to cause harm. To do this, the UID SELinux will enhance and ensure the separation between applications.
Keychains and Keystore Providers
Android 4.3 added a new security system that allows developers to create each piece of encryptionhardware separately. This means that a separate storage area will be created to keep the personal password of the user that can not be exported to another device, even if the old equipment fails.
Along with the new system Keychain, Google also enhanced to a function that allows the application itself to create a separate user encryption that can only be used by the application and can not be seen or used by other applications. Even encryption can only operate on a specific device. Thus, even when hackers discovered a security flaw in Android and decided to exploit it, they can not download and use any encryption keys stored on
the device using Keystore Providers keychains and new systems.
the device using Keystore Providers keychains and new systems.
Nosuid
On the multi-user operating systems in general and Unix in particular, traditional design allows the user to root (superuser) is the supreme authority can perform all actions on the system.Moreover, it requires some manipulation must have root privileges can be done, for example, to change the password (to update the file / etc / passwd). For normal users can perform these operations, UNIX systems provide a mechanism for establishing the right of the actual process is executed through functions
such as setuid set permissions () / setgid (), seteuid () / setegid (), setruid () / setrgid (). The right system will actually be set automatically through the suid bit of / sgid files of the program. If a malicious program is setuid bit is set, it can destroy or steal any information it wants. And one of the common ways for hackers to exploit a system is to find a setuid program and somehow changes the nature of the system to fully obey the command that we
offer.
such as setuid set permissions () / setgid (), seteuid () / setegid (), setruid () / setrgid (). The right system will actually be set automatically through the suid bit of / sgid files of the program. If a malicious program is setuid bit is set, it can destroy or steal any information it wants. And one of the common ways for hackers to exploit a system is to find a setuid program and somehow changes the nature of the system to fully obey the command that we
offer.
With Android 4.3, the system holds a lot of programs operating system to configure the common Android apps can not use setuid function even if the flag is set. This helps reduce the risk of malicious applications that can exploit vulnerabilities in operating systems.
Wireless Security WPA2-Enterprise
When setting up a wireless network, make sure that you will see two security mode Wi-Fi Protected Access (WPA) which is different WPA2 and WPA. It can be said that the Personal mode easily install one, this is the mode or still called Pre-Shared Key (PSK). It does not require anything in addition to wireless routers, access points AP and the use of passwords for all users or devices.
One other mode which is integrated Enterprise on Android 4.3. This is a regime that businesses and organizations use, it is also known as RADIUS, 802.1X, 802.11i or EAP. This mode provides security solutions more effective, better key management and supports a number of other business functions.
Verify and Android Apps Device Manager
In addition to the security features 5 additional new Google Android 4.3 applies to all devices running Android 2.3 or higher (equivalent to approximately 96% of Android devices have the ability to access Google Play now) 2 is also available to provide other security features. It's Verify and Android Apps Device Manager.
Verify Apps is a service application detection and scanning of malware by Google for Android devices. Verify Apps users still often be confused with "Bouncer," an app for Android has the same functionality of the Google Play Store has been more or less successful and attracted the attention of the user.
However, Verify Apps will make the process of scanning applications installed on the client when the user install. Even in this application has all the scanning APK file, a source of dangerous ground attack that users hardly ever noticed.
Meanwhile, effective Android Device Manager helps Android users can track the smartphone / tablet when they are lost or stolen. After you enable the "trace" devices, users can visit the Android Device Manager (1 operations need your own website). Since then, in case the machine is lost, you can enable the device to ring at the loudest volume. With Android Device Manager, it will always ring the phone even before it
was set to voice what mode (vibrate, not ring ...), to help you easily identify their location. One more option that you can delete all the data on the remote machine in order to avoid data falling into the wrong hands.
was set to voice what mode (vibrate, not ring ...), to help you easily identify their location. One more option that you can delete all the data on the remote machine in order to avoid data falling into the wrong hands.
Post a Comment
Message from admin:
Thank you for your interest in our article.
We will proceed to consider and answer your questions
---Android Software Development Team---