| Robert Ly | 9ca4369 | 2013-04-16 13:10:20 -0700 | [diff] [blame^] | 1 | page.title=Security Enhancements in Android 4.2 |
| 2 | @jd:body |
| 3 | |
| 4 | <p> |
| 5 | Android provides a multi-layered security model described in the <a href="{@docRoot}devices/tech/security/index.html">Android |
| 6 | Security Overview</a>. Each update to Android includes dozens of |
| 7 | security enhancements to protect users. The following are some of the security |
| 8 | enhancements introduced in Android 4.2:</p> |
| 9 | |
| 10 | <ul> |
| 11 | <li><strong>Application verification</strong> - Users can choose to enable “Verify Apps" and |
| 12 | have applications screened by an application verifier, prior to installation. |
| 13 | App verification can alert the user if they try to install an app that might be |
| 14 | harmful; if an application is especially bad, it can block installation.</li> |
| 15 | <li><strong>More control of premium SMS</strong> - Android will provide a notification if an |
| 16 | application attempts to send SMS to a short code that uses premium services |
| 17 | which might cause additional charges. The user can choose whether to allow the |
| 18 | application to send the message or block it.</li> |
| 19 | |
| 20 | <li><strong>Always-on VPN</strong> - VPN can be configured so that applications will not have |
| 21 | access to the network until a VPN connection is established. This prevents |
| 22 | applications from sending data across other networks.</li> |
| 23 | |
| 24 | <li><strong>Certificate Pinning</strong> - The Android core libraries now support |
| 25 | <a href="https://developer.android.com/reference/android/net/http/X509TrustManagerExtensions.html">certificate pinning</a>. |
| 26 | Pinned domains will receive a certificate validation |
| 27 | failure if the certificate does not chain to a set of expected certificates. |
| 28 | This protects against possible compromise of Certificate Authorities.</li> |
| 29 | |
| 30 | <li><strong>Improved display of Android permissions</strong> - Permissions have been organized |
| 31 | into groups that are more easily understood by users. During review of the |
| 32 | permissions, the user can click on the permission to see more detailed |
| 33 | information about the permission.</li> |
| 34 | |
| 35 | <li><strong>installd hardening</strong> - The <code>installd</code> daemon does not run as the root user, |
| 36 | reducing potential attack surface for root privilege escalation.</li> |
| 37 | |
| 38 | <li><strong>init script hardening</strong> - init scripts now apply <code>O_NOFOLLOW</code> semantics to |
| 39 | prevent symlink related attacks.</li> |
| 40 | |
| 41 | <li><strong>FORTIFY_SOURCE</strong> - Android now implements <code>FORTIFY_SOURCE</code>. This is used by |
| 42 | system libraries and applications to prevent memory corruption.</li> |
| 43 | |
| 44 | <li><strong>ContentProvider default configuration</strong> - Applications which target API |
| 45 | level 17 will have "export" set to "false" by default for each |
| 46 | <a href="https://developer.android.com/reference/android/content/ContentProvider.html">Content |
| 47 | Provider</a>, reducing default attack surface for applications.</li> |
| 48 | |
| 49 | <li><strong>Cryptography</strong> - Modified the default implementations of SecureRandom and |
| 50 | Cipher.RSA to use OpenSSL. Added SSL Socket support for TLSv1.1 and TLSv1.2 |
| 51 | using OpenSSL 1.0.1</li> |
| 52 | |
| 53 | <li><strong>Security Fixes</strong> - Upgraded open source libraries with security fixes include |
| 54 | WebKit, libpng, OpenSSL, and LibXML. Android 4.2 also includes fixes for |
| 55 | Android-specific vulnerabilities. Information about these vulnerabilities has |
| 56 | been provided to Open Handset Alliance members and fixes are available in |
| 57 | Android Open Source Project. To improve security, some devices with earlier |
| 58 | versions of Android may also include these fixes.</li> |
| 59 | |
| 60 | </ul> |