Friday, 30 December 2016

Android Security Annual report details current state of Android ecosystem

Recently Google reported annual report of android security which reveals how Google protects the Android ecosystem. Previous year when a report was revealed it analyzed billions of data gathered. And in this year, the goal was increased. The company says that it scanned 400 million devices daily, although it is not clear that, this scan were automated scan or the scans done by the user or the combination of both.


Google has been enhancing its service daily to protect Android users and identifying the harmful behavior. Google says that over the course of 2016, less that 0.15 PHA (potential harmful apps) were installed and if we include the third party apps than overall ratio comes to 0.5%. Additionally, Google Chrome's Safe Browsing feature was also mentioned to have protected the hundreds of millions of users of the Internet browser on Android devices.

When Android Marshmallow was introduced it included the high-security features to protect devices. Google also highlighted that security enhancements include, the requirement of full disk encryptions, updates to the app permission that allow the users to manage their data being shared and more. All these securities made sure that device is running perfectly.

Android’s security features are progressing, since when Google joined the Google’s vulnerability reward program. In these programs, researchers were paid when they found any bug and report to Google. It fixed 100 vulnerabilities that were revealed by them in Google bug joining program. Few goals to improve Android protection are transparency and security decisions. This annual android security report was developed to reveal that, the company is not just watering away deep public security threats. One of the instance: Stagefright exploit that would allow hackers to take over Android devices remotely in a matter of seconds.

Android lead security engineer Adrian Ludwig reported that "There is a fairly big disconnect between what's in the data and what's in the public discussion," He further added that part of what Google has been going to improve security is making improvements to the security updates process. According to the blog, recently Google launched public security update program, to the open source project and security life cycle update for nexus devices.

However, much of the efforts being forth by the Google for improving Android security, it is reported that millions of active Android devices are running on the versions of the operating system are not supported by the security patches that was released. If they continue to refuse for an update of the latest Android version, especially those users of such devices it would remain vulnerable to cyberattcks. Hence it seems on android that security researchers job is never done.

No comments:

Post a Comment