
When people talk about the advantages of the Android platform, they usually name customizability, the variety of devices and flexible pricing. For some reason security is never mentioned. Apparently most people simply do not consider Android safe. The biggest reason may be that the Google Play Store is an open marketplace: getting malware into it is much easier than into the Apple App Store. And that has really happened, repeatedly.

This is a real problem, but it stems from Google's store policy not being strict enough, and even that seems to be gradually changing. In any case, on any platform you should always keep in mind which software deserves trust and which does not.

Recently I was looking for a new phone and decided at the same time to find out what level of security the Android platform offers today and which phone is the most secure. It turned out that Android has a good security model.

First of all, the device manufacturer must make sure that its phone complies with the Android Compatibility Definition Document (CDD). A device that does not meet the hardware requirements cannot pass as compatible with this OS, and if the vendor modifies the system in a way that violates the CDD, the result can no longer be called "Android". So if you buy a device that is explicitly advertised as running Android, CDD compatibility is guaranteed.

CDD guarantees security

The CDD for Android 10 has an entire section on security. The document is huge and refers to many other huge documents, so I will try to summarize it very briefly.

The permission system must follow the Android security reference. It covers things such as revoking permissions after they have been granted, how permission requests work, which permissions can only be granted to system applications, and much more.

The sandbox must be set up correctly; the details are described in this document. In short, each application runs under its own unique UNIX user ID and owns directories that belong to that user and no other. Since applications never run as root, one application cannot read the data another keeps in its private directories. Introducing root access into the system therefore breaks the security model, which is why we will never see an Android phone that is rooted by default. On top of this there are SELinux policies for mandatory access control.

SELinux Mandatory Access Control (MAC) must thus confine applications and system services in isolated domains, with the policy enforced by the kernel. Mandatory access control policies define and enforce restrictions that no user, not even the owner of a process, can change or override, so loosening them is effectively beyond the reach of malware that has not already compromised the kernel.
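The on-disk shape of this sandbox can be audited from a shell on a test device. The script below is an added example, not code from the original article or from Android itself: it parses the kind of listing `adb shell ls -lZ /data/data` produces (the sample lines are constructed, and the column layout of toybox `ls -lZ` is assumed) and flags any app directory that is not owned by a per-app UID, that is readable by other UIDs, or that lacks the app_data_file SELinux label with MLS categories. The expected mode of 0700 is an assumption for apps targeting modern SDK levels.

```python
import re

# Constructed sample, not real device output: the assumed layout of
# `adb shell ls -lZ /data/data` is
# mode links owner group selinux-context size date time name
SAMPLE_LS = """\
drwx------ 4 u0_a123 u0_a123 u:object_r:app_data_file:s0:c123,c256,c512,c768 4096 2020-06-01 12:00 com.example.mail
drwx------ 6 u0_a124 u0_a124 u:object_r:app_data_file:s0:c124,c256,c512,c768 4096 2020-06-01 12:00 com.example.bank
drwxr-xr-x 4 u0_a125 u0_a125 u:object_r:app_data_file:s0:c125,c256,c512,c768 4096 2020-06-01 12:00 com.example.leaky
drwx------ 4 root    root    u:object_r:system_data_file:s0 4096 2020-06-01 12:00 com.example.asroot
"""

LINE_RE = re.compile(
    r"^(?P<mode>[dl-][rwxsStT-]{9})\s+\d+\s+(?P<owner>\S+)\s+(?P<group>\S+)\s+"
    r"(?P<ctx>u:object_r:\S+)\s+\d+\s+\S+\s+\S+\s+(?P<name>\S+)$"
)
# Per-app UIDs are printed as u<android-user>_a<app-id>, e.g. u0_a123.
APP_UID_RE = re.compile(r"^u\d+_a\d+$")


def audit_app_dirs(ls_output):
    """Return {package: [findings]} for directories that break the per-app sandbox."""
    findings = {}
    for line in ls_output.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # header or unexpected line; skip
        problems = []
        # Every app directory should be owned by that app's own UID and GID.
        if not APP_UID_RE.match(m["owner"]) or m["owner"] != m["group"]:
            problems.append(f"owner {m['owner']}:{m['group']} is not a per-app UID")
        # Any group/other permission bit lets a different UID read or traverse it
        # (assumed expected mode: 0700 -> characters 4..9 of the mode are '------').
        if m["mode"][4:] != "------":
            problems.append(f"mode {m['mode']} is accessible to other UIDs")
        # SELinux: app data must carry the app_data_file type plus MLS categories,
        # which is what keeps one app's domain off another app's files.
        if not m["ctx"].startswith("u:object_r:app_data_file:s0:c"):
            problems.append(f"unexpected SELinux context {m['ctx']}")
        if problems:
            findings[m["name"]] = problems
    return findings


if __name__ == "__main__":
    for pkg, problems in audit_app_dirs(SAMPLE_LS).items():
        print(pkg)
        for p in problems:
            print("  -", p)
```

On a real device, pipe the live listing in instead of the constructed sample; the script is only a consistency check and cannot see what the kernel's policy actually permits, so treat a clean run as necessary rather than sufficient.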


The CDD also requires that the /data and /sdcard partitions of the built-in storage be encrypted out of the box. /data holds each application's private data; /sdcard is the general-purpose storage where, for example, your photos and documents live.

So if a device is switched off when it falls into someone else's hands, extracting data from its built-in storage without the user's lock-screen credential is practically impossible.

Verified boot

Verified boot must also work correctly:

  • All executable code must come from a trusted source (usually the device manufacturer) and not from an attacker. At each stage of the boot, the integrity and authenticity of the next component is verified before execution is handed to it.
  • Besides checking that the device runs a secure version of Android, the correct version of the OS is checked. Rollback protection keeps an exploit from being preserved by rolling the device back to an older, vulnerable version, since devices are only allowed to move to newer versions of Android.

Many believe that verified boot only protects the device when an attacker has physical access to it, and so downplay the feature. But with mobile devices, physical access is precisely the first thing worth considering.

Moreover, verified boot ensures that unwanted code is not executed during or immediately after boot. This makes life difficult for any kind of malware: anything that has tampered with a verified partition is caught on the next boot and does not survive a reboot. For example, jailbreak exploits such as checkra1n do not persist across a reboot. Let me remind you that iOS also uses verified boot.
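The two checks from the list above, integrity of each component and rollback protection, can be shown working together on a toy partition. The code below is an added example and is not code from the original article or from Android Verified Boot: it builds a hash tree over a constructed 512-byte "image" (the same construction dm-verity uses, with 16-byte blocks instead of 4096-byte ones so the demo stays small), verifies single blocks against the root the way the kernel does on read, and refuses an image whose root hash does not match or whose rollback index is lower than the highest already booted. The signature over the metadata that real AVB checks against a fused key hash is deliberately left out; the trusted root hash is simply held in a `TrustedState` object, an assumption of this example.

```python
import hashlib

BLOCK_SIZE = 16  # tiny for the demo; dm-verity hashes 4096-byte blocks


def sha256(data):
    return hashlib.sha256(data).digest()


def split_blocks(image):
    return [image[i:i + BLOCK_SIZE] for i in range(0, len(image), BLOCK_SIZE)]


def build_hash_tree(image):
    """Hash every block, then hash pairs upward until one root remains.
    Returns the tree levels (leaves first) and the root hash."""
    level = [sha256(b) for b in split_blocks(image)]
    levels = [level]
    while len(level) > 1:
        if len(level) % 2:
            level = level + [level[-1]]  # pad odd levels by repeating the last node
        level = [sha256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels, levels[-1][0]


def proof_for_block(levels, index):
    """Sibling hashes needed to recompute the root from one block."""
    proof = []
    for level in levels[:-1]:
        if len(level) % 2:
            level = level + [level[-1]]
        proof.append((level[index ^ 1], index & 1))  # (sibling, am I the right child?)
        index //= 2
    return proof


def verify_block(block, proof, root):
    """What the kernel does on every read of a verity-protected partition:
    hash the block up to the root and compare with the trusted root."""
    h = sha256(block)
    for sibling, is_right in proof:
        h = sha256(sibling + h) if is_right else sha256(h + sibling)
    return h == root


class TrustedState:
    """Stand-in for what the bootloader keeps out of the OS's reach: the root
    hash it trusts for a partition and the highest rollback index ever booted.
    Assumption of this example: real AVB carries the root hash in a signed
    vbmeta image and checks that signature against a fused key hash; the
    signature step is omitted here."""

    def __init__(self, root, rollback_index):
        self.root = root
        self.rollback_index = rollback_index


def verify_image(image, rollback_index, trusted):
    """Accept an image only if it is not older than the stored minimum version
    and its hash tree root matches the trusted one; then ratchet the index."""
    if rollback_index < trusted.rollback_index:
        return False, "rollback protection: image older than stored minimum"
    _, root = build_hash_tree(image)
    if root != trusted.root:
        return False, "integrity: root hash mismatch"
    trusted.rollback_index = rollback_index  # never moves backwards
    return True, "ok"


def demo():
    """Constructed 512-byte 'partition image' (not a real Android image)."""
    image = bytes(range(256)) * 2
    levels, root = build_hash_tree(image)
    trusted = TrustedState(root, rollback_index=3)

    tampered = bytearray(image)
    tampered[85] ^= 0x01  # flip one bit inside block 5
    tampered = bytes(tampered)

    genuine_ok, _ = verify_image(image, 3, trusted)      # True
    tampered_ok, _ = verify_image(tampered, 3, trusted)  # False: root mismatch
    downgrade_ok, _ = verify_image(image, 2, trusted)    # False: rollback

    # Per-block verification, as done lazily at read time for large partitions.
    good_block = verify_block(split_blocks(image)[5], proof_for_block(levels, 5), root)
    bad_block = verify_block(split_blocks(tampered)[5], proof_for_block(levels, 5), root)
    return genuine_ok, tampered_ok, downgrade_ok, good_block, bad_block


if __name__ == "__main__":
    print(demo())  # (True, False, False, True, False)
```

The per-block path is the reason large partitions can be verified without hashing gigabytes at boot: only the blocks actually read are checked, yet a single flipped bit anywhere changes the root, so it cannot go unnoticed once that block is touched.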

Data Access Control

Encryption needs keys, and those keys have to be stored somewhere. Android can use the Keymaster and StrongBox technologies to protect keys even when the kernel is compromised or the hardware is attacked with exploits such as Meltdown and Spectre.

Samsung Knox, for example, goes even further: flashing a custom bootloader, kernel or recovery, or obtaining root on the device, trips an electronic fuse. Once it is blown, the user can no longer pay through the Samsung Pay mobile payment service, and the device loses access to the data in its protected containers.

Stop paying for memory errors

A recent Microsoft study showed that about 70% of all vulnerabilities in Microsoft products are memory-safety bugs. A Google study showed the same for Chrome. So there is every reason to believe this holds for Android too.

And Google decided to tackle the problem. Android 11 ships a new hardened memory allocator (Scudo), several safer ways of initializing memory in the kernel and user space, and run-time memory-error detection (GWP-ASan).

Memory errors will certainly not disappear entirely, but there should be far fewer of them now.

The tip of the iceberg...

Everything above is only the tip of the iceberg; there are many more interesting details to learn about the security of Android-based systems. Samsung Knox alone, for example, deserves a separate long article.

So, contrary to popular belief, modern Android devices are quite secure.
