Besides rolling out Google Play Protect, Google has been releasing and continues to release several features that strengthen Android’s security credentials. These have included:
1. Monthly security patches
July 2015 will go down in Android history as a defining moment. That month, news first broke of a severe vulnerability that allowed people with malicious intent to access a device remotely by sending a media file to an unsuspecting user’s number, and thereafter to remove any traces of having accessed the device, without the user ever knowing.
The exploit would be named Stagefright, after the Android code library responsible for processing a wide range of popular media formats where it resided.
The result of the scare that was Stagefright, which put nearly 1 billion devices at risk, was that Google introduced something new, something we hadn’t ever known on Android: monthly security updates. These would be rolled out to device makers who would then seed them to the devices they are maintaining.
2. App permissions
The arrival of Android Marshmallow last year, currently the most recent version of Android installed in most devices, brought with it a much higher level of user control, through the permissions system, over what apps can and can’t do on devices. Now, a mosquito repellent app can be blocked from accessing the device’s camera as well as one’s contact list.
3. Verified Boot
What if one day you woke up and turned on your phone (assuming you turn your phone off before sleeping) only to find some things you don’t understand showing on the device’s display? What would you do?
If you watch the hit geeky TV show Mr Robot then you know that this is a real possibility, more so if you happen to have access to a lot of sensitive data/information.
To guard against this, and against any malicious party that may want to hijack your device at the boot level, Google has, since 2013, moved to secure the specific partitions responsible for loading up the operating system on a device. If, upon being powered on, the device is not able to ascertain the integrity of the system, then it simply won’t start up.
Verified Boot makes sure that if you shut down your device at 9PM, when you turn it on at 6AM the following day, it will still be in the same state you left it in, with no one having sneaked in to alter things.
Google has been making Verified Boot better and more secure and robust with each release of a new version of Android. Today, it is no longer the feature that first shipped with Android KitKat, 4 years ago.
If you have a device running Android 7.0 or Android 7.1, Nougat, and it lacks a coherent way of rooting, then Verified Boot is most likely to blame. With Nougat, Google introduced Strictly Enforced Verified Boot which, as the name hints, will simply not allow a device to start up in instances where its critical system files have been corrupted, whether by malware, by a hack taking advantage of a vulnerability (as most rooting tools do) or by God-knows-what.
4. SELinux
SELinux (short for Security Enforced Linux) has been around as an Android security feature since 2013 when Android 4.3, Jelly Bean, was released. In a nutshell, it is important because it furthers the boundaries established by default in the Android system, where every application operates independently of the others (thanks to sandboxing). This means that no rogue app can go fishing for data or information it is not allowed to access, even when that app has superuser privileges (read: root), something that was critical before the current Android app permissions, as we know them after Android Marshmallow, came into place.
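As a practical check of the patch level, Verified Boot and SELinux features described above, the following added example (not from Google or from the original article) audits saved output of `adb shell getprop` and `adb shell getenforce`. The sample property text is constructed, and the minimum acceptable patch date passed to `audit_device` is an assumed policy value.

```shell
#!/bin/sh
# Added example: check the device state behind features 1, 3 and 4 above.
# Inputs are text, so the checks can be run offline on saved output of
#   adb shell getprop    and    adb shell getenforce

# Constructed sample in getprop format, not taken from a real device.
SAMPLE_PROPS='[ro.build.version.release]: [7.1.1]
[ro.build.version.security_patch]: [2017-03-05]
[ro.boot.verifiedbootstate]: [orange]'

# prop_value PROPS KEY: print the value of KEY, or nothing if it is absent.
prop_value() {
    printf '%s\n' "$1" | awk -v k="[$2]:" '
        $1 == k { v = $0; sub(/^[^ ]* \[/, "", v); sub(/\]$/, "", v); print v; exit }'
}

# audit_device PROPS GETENFORCE_OUTPUT MIN_PATCH: print one FINDING line per
# problem. MIN_PATCH (YYYY-MM-DD) is the oldest patch level you accept.
audit_device() {
    a_patch=$(prop_value "$1" ro.build.version.security_patch)
    a_vb=$(prop_value "$1" ro.boot.verifiedbootstate)

    # ISO dates sort as text, so the older of the two comes first.
    a_oldest=$(printf '%s\n%s\n' "$a_patch" "$3" | sort | head -n 1)
    if [ -z "$a_patch" ]; then
        echo "FINDING: no security patch level reported"
    elif [ "$a_oldest" != "$3" ]; then
        echo "FINDING: patch level $a_patch is older than $3"
    fi

    case "$a_vb" in
        green)  ;;  # boot chain verified against the manufacturer's key
        yellow) echo "FINDING: verified boot uses a user-installed key" ;;
        orange) echo "FINDING: bootloader unlocked, boot image not verified" ;;
        red)    echo "FINDING: verified boot reported a failed check" ;;
        *)      echo "FINDING: verified boot state not reported" ;;
    esac

    # SELinux only confines apps when the kernel is in Enforcing mode.
    [ "$2" = "Enforcing" ] || echo "FINDING: SELinux mode is '${2:-unknown}'"
    return 0
}

audit_device "$SAMPLE_PROPS" "Permissive" "2017-06-01"
```

A device that is patched, locked and enforcing produces no FINDING lines at all.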
5. Reaching out to security researchers and Android developers
Google is actively notifying developers of the best practices to keep their apps secure.
According to the 2016 Android Security Report [PDF], 18 campaigns were run last year to notify application developers about vulnerabilities or recommended security improvements in their apps in the Play Store. These resulted in over 275,000 apps receiving security upgrades, further narrowing the number of users in danger because of using outdated apps.
Google has also courted the security research community with a bug bounty programme that pays handsome amounts of money as rewards for finding and reporting vulnerabilities and other bugs on the platform. This explains why there’s always a scary Android malware report in the news media from some research facility. There are always teams and individuals out there looking for any flaws in the platform we love. That is good and it shouldn’t worry you.
***
The whole point here is to highlight that the gloomy picture your head paints every time an Android malware situation is mentioned shouldn’t be there. Yes, we have to be cautious and not put so much faith in one person or corporate entity, but in most things Android-related, Google’s got our back. Making Google Play Protect front and centre of the ordinary user experience is simply a reminder that all is always well even when we really can’t tell that it is.