As we all know by now, Android has a huge malware problem. While that's not reason enough for most users to worry about, a small percentage of devices are still very vulnerable to malware. Count the Nokia X among these devices.
Android's malware problem is not an exaggeration, but it's largely restricted to those devices that do not have official Google Play Store support. Because, despite what you may have heard about Android from its critics and proponents, Google has actually made a lot of effort to keep malware away from the official store, but these are mostly available to phones running Android 4.2 and above, since many of the changes are recent.
Unfortunately for Nokia X users, Nokia has used the Android 4.1.2 SDK from AOSP to develop the X platform. So this means some crucial security elements are missing from the Nokia X.
In 2012, Google introduced Bouncer, an always-on malware verification service that screens all apps submitted to the Play Store to see if it could execute malicious code. It works without user intervention or needing developers to go through an approval process, like on iOS. It may be hard to believe considering the slew of Android malware stories, but the Play Store is about as safe as it gets, without having a walled garden approach. Bouncer is not available in non-official app stores or third-party app stores such as Aptoide, AppLib or GetJar, which may or may not have an equivalent of such a service. You are more likely to get malware through apps installed from third-party app stores or by sideloading unofficial APKs, than through the Play Store. Nokia too could have set up processes to screen apps on their app store but no details of that are out as yet.
Besides Bouncer, Google also added the Verify Apps feature to 4.2 Jelly Bean, which verifies installation on a device level and makes sure apps installed are not malware. It does this by comparing the app and its 'signature' with other apps that have been verified in the past, including apps that have been declared as malware. So if an old malware is masquerading as a new app, Verify Apps will know and warn the users and quite possibly take action against the developer in the Play Store. With a future update, as announced recently, Verify Apps will be able to constantly monitor app for fishy activity, and not just on installation. This is a life-saver for those constantly carrying sensitive data on the phone.
Verify Apps came with Android 4.2
Admittedly, some apps do get past these screening services, but the issue is becoming less and less problematic with each version update. Google also introduced kernel security module SELinux in Android 4.2, allowing software to run using only the bare minimum privileges and not all the exhaustive privileges it may require. This means administrators can check for apps and the processes they are using, before allowing them to run in full capacity. While previously SELinux operated in 'permissive' mode meaning some apps (after being given explicit permission) could use root privileges to exploit the kernel, in Android 4.4 KitKat, Google made 'enforcing' mode default, which meant no malicious app can use administrative privileges (aka superuser access) to disable the SELinux security feature. As we have already seen the Nokia X has been rooted, which means apps that are allowed root access can mess around on a kernel-level, because SELinux is not present in the Android 4.1.2 SDK.
There are nearly seven layers of security between an end user and an Android malware. Google explained the layers of at the VirusBulletin 2013 conference. It begins with Google Play, where Bouncer works its magic. If you bypass the Play Store, then comes the on-device warning when installing from unknown sources, followed by a screen confirming the installation. So malware cannot be installed silently in the background. The fourth step is the Verify Apps question, which needs an affirmative response from the user before installation can continue. Then there's a Verify Apps warning that tells users that any new apps will be verified upon installation. Finally, there's the runtime security check, enforced by SELinux and lastly, there's a sandbox and permission-based security feature, wherein any app can be denied permission to access a certain function, thus limiting the potential of malware to spread.
Layers of security in Android (Image: Google)
The Nokia X misses out on many of these security features, which immediately makes it more vulnerable. We have yet to see Nokia address this issue when it comes to the X and we would ideally like the company to update the SDK to Android 4.2 or newer as soon as possible to mitigate these problems. At its current state, the Nokia X is a potential goldmine for those spreading malware. Whether it will eventually come to haunt the platform is anyone's guess, but it does give users less cover from malicious apps at the moment and requires them to be a lot more cautious.
Android Malware, Google Bouncer, Google SELinux Android, Google Verify Apps, Nokia X, Nokia X AOSP, Nokia X malware, Nokia X security
via Technology - Google News http://ift.tt/1dKFyLe
Put the internet to work for you.
0 comments:
Post a Comment