{"id":15032,"date":"2014-11-26T19:11:13","date_gmt":"2014-11-26T19:11:13","guid":{"rendered":"http:\/\/kasperskydaily.com\/b2b\/?p=2908"},"modified":"2020-02-26T10:57:57","modified_gmt":"2020-02-26T15:57:57","slug":"security-features-in-android-5-0","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/security-features-in-android-5-0\/15032\/","title":{"rendered":"Security features in Android 5.0"},"content":{"rendered":"<p>We took a look at Android 5.0 Lollipop\u2019s security, specifically its corporate-oriented security features; it offers quite a few.<\/p>\n<p><strong>Android security: the issues<\/strong><\/p>\n<p>Android has a reputation as the most malware-targeted mobile OS. In part, this is due to its popularity as a \u201ccheaper alternative\u201d to iOS-based devices, and in part to past errors in code and the persistence of legacy devices still in use. The existence of third-party app stores with under-controlled content is a major factor as well.<\/p>\n<p>While Google engineers argue that the security issues with Android are exaggerated, the latest joint report released in October by Kaspersky Lab and INTERPOL <a href=\"https:\/\/business.kaspersky.com\/the-ups-and-downs-of-mobile-threats\/2760\" target=\"_blank\" rel=\"noopener nofollow\">shows<\/a> that slightly above 98% of mobile malware targets Android-based devices worldwide, and as the user base grows, so do the threats.<\/p>\n<p>Still, it would be unfair to say Google does nothing about it. It actually does a lot. 
Android 4.2 Jelly Bean, released in 2012, came with a lot of enhanced security features. Among them: a built-in malware scanner which works in combination with Google Play, but is also capable of scanning apps installed from third party sources, and an alert system which notifies the user when an app tries to send a premium-rate text message, blocking the message unless the user explicitly authorizes it.<\/p>\n<p>What comes with Lollipop?<\/p>\n<p style=\"text-align: center\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2014\/11\/06020213\/wide2-1.png\"><img decoding=\"async\" class=\"aligncenter size-full wp-image-2910\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2014\/11\/06020213\/wide2-1.png\" alt=\"wide\" width=\"1000\" height=\"594\"><\/a><\/p>\n<p><strong>Security candies<\/strong><\/p>\n<p>New security features in Android 5.0 include:<\/p>\n<p><strong>1. SELinux enforcing mode for all applications on all devices<\/strong><\/p>\n<p>SELinux stands for Security Enhanced Linux \u2013 Android has been built on this since last year. According to <a href=\"http:\/\/officialandroid.blogspot.ru\/2014\/10\/a-sweet-lollipop-with-kevlar-wrapping.html\" target=\"_blank\" rel=\"noopener nofollow\">Google\u2019s official Android blog<\/a>, SELinux \u201cpushes enforcement of the Android security model further into the core of the OS and makes it easier to audit and monitor so there\u2019s less room for an attack\u201d. Simply put: The security checks are made at the kernel level. Not exactly a \u201ccorporate-oriented\u201d feature, but an extremely important one.<\/p>\n<p><strong>2. 
Full device encryption from the start<\/strong><\/p>\n<p>Encryption was previously disabled by default: a user had to dig through the device settings to find it, then wait while all the device data was encrypted \u2013 a time-consuming task.<\/p>\n<p>This time, Android offers to turn on encryption at the first boot-up of a new device running Lollipop, and since the device is supposed to be mostly clean of data, the process will run quickly and smoothly. New data will be encrypted as it arrives. This feature is of utmost importance for corporate security, as well as for the safety of the users\u2019 personal data.<\/p>\n<p><strong>3. Smart Lock, smart and aware<\/strong><\/p>\n<p>While malware threats are displeasing, the possibility of losing the device or getting it stolen is a much more immediate threat. What Google offers to mitigate this is strange, but interesting. The Smart Lock feature, according to Google, \u201clets you tell your phone to unlock using Bluetooth pairing, NFC, or simply your smile \u2014 faster than before\u201d.<\/p>\n<p>That essentially means the device will unlock itself once it discovers a certain \u201cbeacon of safety\u201d \u2013 a certain Bluetooth device or an NFC tag that marks a safe environment.<\/p>\n<p>How safe is this particular approach? Connectivity-for-security is a good trend, well aligned with the \u201cInternet of Things\u201d paradigm, although there is reasonable concern about possible vulnerabilities in certain devices and about flaws in connectivity protocol implementations.<\/p>\n<p>Interestingly, according to <a href=\"http:\/\/www.computerworld.com\/article\/2839452\/android-50-security.html\" target=\"_blank\" rel=\"noopener nofollow\">Computerworld<\/a>, Google plans to move forward with this approach, adding features to the current Smart Lock functionality via Google Play (so you won\u2019t have to wait for the next major release to acquire them).<\/p>\n<p>And what about \u201cwith your smile\u201d? 
Its Trusted Face feature unlocks the device by facial recognition. This was actually introduced with Android 4.0, but was barely usable. Now it looks more practical.<\/p>\n<p><strong>4. Lend a device, not data<\/strong><\/p>\n<p>Android 5.0 offers a set of functions for shared devices \u2013 i.e. for smartphones that more than one person uses.<\/p>\n<p>First, there is a Guest User mode available for both phones and tablets: A guest may use their basic functions, but will not have access to the owner\u2019s personal data.<\/p>\n<p>The other feature is more interesting. If you forget your phone, you can still call anyone or access your messages or photos by logging into another Lollipop device. That essentially means data is stored in the cloud and accessible from any Lollipop device. This approach is similar to what Google offers with the Chrome browser: Install a fresh new browser on a new PC, and once you\u2019ve logged into your Google Account, all of your bookmarks and settings are imported automatically.<\/p>\n<p>Google recently tightened the security noose further with Chrome and Google Accounts, preventing \u2013 by default \u2013 access attempts from \u201cinsecure\u201d apps and devices. For instance, just a few days ago this blogpost author\u2019s attempt to log in to Google Talk from an iPad failed, and a security alert was raised in Chrome. However, after installing Google Hangouts the problem went away on its own, without changing these new-default settings.<\/p>\n<p><strong>5. Reaching out<\/strong><\/p>\n<p>With device loss a major security concern, a mobile OS simply must have functions for remote control over the device. Android offers a full range of them. 
Since 2013 it has been equipped with Android Device Manager, which allows you to find the lost device, locate it on a map, or, if it absolutely cannot be recovered promptly, wipe out all of the data, preventing it from getting into the wrong hands.<\/p>\n<p>This is a feature especially important for businesses. Too often sensitive data is stored on mobile devices, which are easily misplaced. Having those devices compromised could lead to long-lasting and devastating repercussions.<\/p>\n<p>There is also a Factory Reset Protection feature, a somewhat euphemistic name for remotely bricking the device. Without the password, a stolen smartphone or tablet will be unusable and, more importantly, unable to be wiped. This is supposed to be discouraging to thieves since they won\u2019t be able to access the data or sell it as a new device.<\/p>\n<p><strong>6. Android for Work<\/strong><\/p>\n<p>A number of system-level, enterprise-oriented features have been added to Lollipop. Samsung, which is a hardware mainstay for Android, contributed its Knox security framework for segregating personal and work-oriented data from each other on a device, along with a few accompanying APIs for managing the environment. IT personnel will be able to deploy apps in bulk to business-user devices and maintain centralized control over sensitive functions, which is a necessity for keeping BYOD in good health, diminishing the headache it causes to admins.<\/p>\n<p><strong>7. The right stuff<\/strong><\/p>\n<p>Google does a great job with improving security. 
This, however, doesn\u2019t mean that all security issues with Android will be sorted out with 5.0.<\/p>\n<p>First, adoption rates of new versions of Android are notoriously slow. The most popular version today is last year\u2019s KitKat (4.4) with a 30.2% distribution share, but Jelly Bean 4.1.x and 4.2.x, released in July and November 2012, hold 22.8% and 20.8%, respectively (summing to over 40% together). And yet the older and weaker 2.3.x Gingerbread versions still hold slightly below 10%.<\/p>\n<p>All of the older versions had a lot of room for improving security \u2013 just a week ago a new critical bug was discovered, affecting all Android versions below 5.0. Eventually we will most likely see some critical bugs in Lollipop too, as no software is flawless.<\/p>\n<p>But the \u201cpersistence\u201d of the older versions is clearly a human factor, as is the <a href=\"https:\/\/business.kaspersky.com\/vulnerable-android-and-the-negligence-of-users\/1091\" target=\"_blank\" rel=\"noopener nofollow\">negligence<\/a> of users who ignore security and encryption tools in their devices.<\/p>\n<p>The human factor is actually the primary security concern everywhere, but the durability and security of a software platform are important, too. Microsoft keeps doing its job by improving the security of Windows, which has always been the most targeted PC operating system. Google is following the same path now with Android, although at a much higher velocity. 
It is extremely encouraging to see Android\u2019s security being improved quickly, and we can only hope that Google keeps up the good work.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Android 5.0 is here, but what kind of security does it offer? <\/p>\n","protected":false},"author":209,"featured_media":15847,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3052],"tags":[105,851,218],"class_list":{"0":"post-15032","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-android","10":"tag-lollipop","11":"tag-mobile-security"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/security-features-in-android-5-0\/15032\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/security-features-in-android-5-0\/15032\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/security-features-in-android-5-0\/15032\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/android\/","name":"Android"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/15032","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/209"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=15032"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/15032\/revisions"}],"predecessor-version":[{"id":33397,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/15032\/revisions\/33397"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\
/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/15847"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=15032"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=15032"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=15032"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}