How Google has been making Android a safer place since 2012

July 28, 2013

Android 4.3 security Google

Last year in June, Google brought Android Jelly Bean 4.1 to the world. It was a wonderful day, too. It brought with it Project Butter, which spelled the end for lag for a lot of people. Android was running smoother and more complete than ever. Who’d have known that just a year later, we’d be introduced to Jelly Bean not for the second time, but for the third time. Android 4.3 was a mixed bag. Some people were disappointed that it wasn’t Key Lime Pie, but most were happy to see a plethora of improvements, some new features, and even more optimizations. One little footnote that most people have skimmed over so far, though, has been the added security.

It’s not news that malware stories are everywhere. Some of them are no big deal and some are completely ridiculous. Thanks to that, anti-virus companies have been cleaning up. People are more scared of malware on Android now than ever before and they’re flocking to anti-virus apps by the millions. It’s getting to the point where apps like Lookout are coming pre-installed on many devices when they’re shipped out. All because of some malware that, most of the time, is impossible to get unless you download apps from outside the approved channels.

Well, apparently Google is going to fix this problem themselves. JR Raphael over at Computer World has written up an excellent post about how Google is quietly keeping us safe. As it turns out, that little footnote that says that Android 4.3 contains security improvements probably shouldn’t have remained a footnote. It should’ve been printed on billboards and discussed everywhere.

You may have seen inklings of these security features already. We’ve covered one of them, the Android 4.3 Permission Manager, commonly known as Apps Ops. This nifty little feature lets you control what permissions your apps can use. It’s a lovely and powerful feature that’s baked right into Android 4.3. It’s still in beta right now, but eventually that’ll be a part of everyone’s Android experience.

So what other security enhancements does Google have in store for Android 4.3?

We are glad you asked. According to JR Raphael, Google has been working on these security features for years. We’ll do a quick breakdown.

  • Starting with Android 4.2, there was a feature called Verify Apps that was added. This scans phones both downloaded and side-loaded to make sure they didn’t contain malware or pose a threat.
  • Verify Apps was eventually made available to all devices from 2.3 onward. According to JR Raphael, that’s 95% of Android devices running currently.
  • This now works in tandem with another older feature, the app scanner in the Google Play Store that scans apps as they’re submitted to Google Play to make sure they aren’t malicious. This is why you can always download from Google Play without worries.
  • All of these features are currently on Android devices right now.

But wait, there’s more. In Android 4.3 specifically, they have added yet another security feature called SELinux. This stands for Security-Enhanced Linux and it essentially keeps the important parts of your phone safe. Most notably the operating system. So there is protection everywhere.

So we’ll add this up one more time. In the last two years, Google has implemented,

  • An app scanner in the Google Play Store that scans every single app uploaded and submitted. It rejects the bad apps and keeps the good ones.
  • A system on devices from Android 2.3 and up called Verify Apps that scans every app that gets installed on your device to make sure it’s not malicious. Keep in mind that if you download an app from the Google Play Store, it gets scanned twice.
  • Apps Ops –which is still in beta– that will let you control the individual permissions of any application you download and install. So if you don’t want, say, Facebook to see your location, you can prevent that from happening.
  • SELinux, a Linux security feature that protects the core operation system functionality.

Let’s not forget what you, the consumer can do to protect yourself,

  • Only download apps from known and trusted sources. These include the Play Store and the Amazon App Store, among others.
  • Use your common sense. In most cases, malware apps are easy to spot. If you download the free Angry Birds cheat app from GivingYouMalware.com, the end result is rather predictable.

So without an anti-virus app, there are 6 things that are protecting you from the big bad malware threats. That’s a whole lot more than most people realize and it’s an ever expanding project from Google to keep everyone safe from garbage applications. Now here’s the big question. Do you think it’s enough? Or should Google keep going? If you’d like to discuss it, leave a comment below.

 

Comments

  • tysoncsmith

    Great effort so far and good to see Google actively addressing security. Complacency is the killer so as long as they keep progressing and continual review and improvement I think they do well. Joe makes a good point about common sense here too & realistically that is what i comes down to. At some point the user must take responsibility for their device.

  • APai

    “Apps Ops –which is still in beta– that will let you control the individual permissions of any application you download and install. So if you don’t want, say, Facebook to see your location, you can prevent that from happening”

    what took them so long ? a flashlight app wants to see your location, who you are connected with, you mother’s name , and other sundry personal details to switch on the led bulb on the back of the cam ? this is the part i hate most about android. there’s absolutely no way to know, other than by rotting and using LBE or something.

    (well, to be fair its the same with WP or IOS, developers request for godforsaken permissions to run an adware supported app)

    • tsunami

      well, better late than never :)

      • APai

        yup :)

    • Piyush

      BUT in ios you have option to disable it by going to setting than privacy than choose app and disable its use of location service , done.

      • Xing

        But you’re forgetting the all important point of IOS being under customizable, that’s what makes it much more secure… Which is also very annoying as apps that always need your location (Such as latitude) Can not function correctly

        • Piyush

          What is important security or customization , look we people know more about tech ,its about average consumers that don’t understand that safety precaution should be taken against malware that’s the reason apple focuses on security more than customization.

      • APai

        its not only location. its adware in general abusing a number of permissions. there was this recent report where apple’s problems are equally worse. security by obscurity was never good

        • Piyush

          LIKE WHAT

          • APai

            http://readwrite.com/2013/02/28/android-apps-less-risky-to-privacy-than-ios-apps#awesm=~od0kqqZoKXlm7E

            also, free apps are increasing in number, for a good reason, on both platforms. after a good run, app developers realize that their steady income comes to a stop. so the only way to have a continuous monetizing strategy is by offering free apps. look at the amazon store daily free app – it’s got like 3-4 adware, analytics, etc.

            path was caught uploading entire phonebook to their servers. so its not related to any platform. it’s just abusive behaviour by companies. why will those companies behave nicely if they are on apple ?

          • Piyush

            so amazon has adware doesn’t mean ios appstore also has you did be fooled if you think ios is like android , apps are totally sandboxed in ios they cant do anything without your permission like using your photos,contacts or location.

          • APai

            so how did path upload the entire phonebook to their servers ?
            how are apps on ios vaccuming personal data – calendar/ contacts list ?

            http://www.abcactionnews.com/dpp/news/science_tech/privacy-problem-iphone-ios-apps-can-steal-contacts-without-permission

            to say ios/ apple is/ was pristine is drinking their koolaid

          • Piyush

            it was before ios 5 now its all security tight and every os has few flaws but that doesn’t mean its bad and by the way thats 2yr old article.

          • APai

            “thats 2yr old article.”
            of course, i did mention that.

            you speak of apple as if they were perfect from before. ios6 is just 10 months old. millions of users’ data was exposed to ad networks before that, arguably for a number of years, and apple claiming themselves to be above privacy problems. that’s a bit of a joke

          • Piyush

            ok , both os are not perfect .same can be said about android , and even today there are more android malware problem than ios.

          • APai

            exactly my point, that they are not solving the problems of the users. instead they are happy about their ecosystems, their developers, basically the monetizing aspect. and now, the free apps increasing means that it just is going to get worse (despite checks and balances coming in)

  • Ivan Budiutama

    The problem with lags are sometimes because the App is roughly ported from another OS, See whatsapp before and after reworked (adapting Holo UI etc). While people easily notice the UI change, but the real improvement is on the performance. It is blazing fast and smooth now. The Android IMHO already a powerful platform, but as powerful as it may be, the application built based on “just port” contribute a lot to the laggy problem. We need more developer to follow Whatsapp example in implementing their built app specifically for Android.

    • MasterMuffin

      Wrong article? This article is about security features in Android, not lagging of Android apps :)

      • Ivan Budiutama

        no, just saying, the article mentioned about the 4.1 Project butter. While of course that was the best thing may happened to Android, but the lack of dev to properly optimized their app is sometimes very stressful. I’m done talking, sue me now.

        • MasterMuffin

          I’ll leave the suing to Apple. I have to say that I agree with you, but I just had to point out that your comment was a little off-topic :)

          BTW I think that Project Butter is second in the list of best things that have happened to Android, Holo (#holoyolo) being the first

  • tsunami

    I always think Android security is an afterthought. Still need lot improvement:

    – Better disk encryption. Separate password between disk encryption & lockscreen. Longer password for disk encrypt (16 is ridiculous for current standard). Full disk encryption on ALL android (my sony ics phone still didn’t have any disk encryption). SD card encryption on ALL android (most phone only support ‘/data’ encryption).

    – Firewall built-in. Specify which app can access internet. Not background restriction like current ICS does. Filter ip address. Log address that accessed by each app.
    I think Google will never implement a proper firewall in android, because principally it can also block ads (like adblocker).
    .

    I have high hope with Android 4.3 Permission Manager Apps Ops. Some features I look forward:

    – On-demand permission. Don’t grant all permission upon install. When later they need specific permission, a pop-up can be displayed so user can allow/reject requested permission.

    – Disable Background process permission. User can prevent specific app/service run in background. Can prevent those nasty service, battery hogs, popup, background malware, etc. Current ‘developer options’ to limit background process can’t specify app.
    As comparison, WindowsPhone has this feature (Settings->applications->background tasks->block)

    – Disable Internet access permission. Similar to firewall, user can prevent specific app to access internet as needed.

    • Lil bit

      Your wife must be the best hacker Ever if you need all that to prevent her from getting the contact details of your girlfriends.

      A 3 line unlock pattern does the job for me.

  • Simon Belmont

    The Scan and Install feature in Google Play Services has been around on versions older than Android 4.2 for a while. At least since early spring of this year.

    I noticed it on my EVO 3D running ICS. I also noticed it on my old HTC Hero running Gingerbread.