Android Oreo Improves Security Options

by Tech Mainstream Staff


December 28, 2017


Android Oreo Improves Security Options


With the arrival of Android Oreo, many new security features have been introduced. Among the security enhancements, "making it safer to get apps, dropping insecure network protocols, providing more user control over identifiers, hardening the kernel, making Android easier to update, all the way to doubling the Android Security Rewards payouts."

A new hardware feature, Android Verified Boot 2.0 (AVB), part of project Treble, includes a common footer format and rollback protection for more secure and easy updates. The new OEM Lock Hardware Abstraction Layer (HAL) allows manufacturers options on how they protect whether a device is locked, unlocked, or unlockable. A security module, a physical chip found in Pixel 2 and Pixel2 XL, which "prevents deriving the encryption key without the device's passcode and limits the rate of unlock attempts, which makes many attacks infeasible due to time restrictions." New GMS devices Android Oreo shipped with Android Oreo are required to use key attestation. New security features have also been added for enterprise-managed devices

Part of Project Treble, HALs following the principle of least privilege, "only have access to the drivers and permissions that are absolutely necessary" and run in a distinctive sandbox. This separates platform and vendor code. Removal of direct hardware access from Oreo media frameworks and Control Flow Integrity (CFI), a "robust security mechanism that disallows arbitrary changes to the original control flow graph of a compiled binary," have directly heightened security. Seccomp filtering, Hardened usercopy, Privileged Access Never (PAN) emulation, Kernel Address Space Layout Randomization (KASLR) round off the Oreo platform security advancements.

Android Instant Apps, which involves apps running in a restricted sandbox which limits permissions and capabilities. WebView security has also been increased by running it in a separate process and within an isolated sandbox that restricts its resources. Yet another security plus is the significant changes to device identifiers allowing users more control.

 

 TECH IN A SECOND     

Read All News...


Upcoming Tech Events

November 17-22, 2019- Visual Studio Live! Orlando

November 19-22, 2019- Open Data Science Conference

December 2-3, 2019- Future Compute

December 8-14, 2019- NeurIPS | 2019

December 10-11, 2019- Global Growth Marketing Conference 2019

February 4-6, 2020- Social Media Strategies Summit 2020

February 19-21, 2020- SMX West 2020

February 24-26, 2020- DNN Summit 2020

February 24-28, 2020- RSA 2020

March 15-18, 2020- Strata Data Conference

March 24-25, 2020- AI World Congress 2020

April 15-17, 2020- MarTech

June 8-10, 2020- SMX Advanced 2020

 


Tech Definitions in the News

Arduino is an open-source electronics platform based on easy-to-use hardware and software. It's intended for anyone making interactive projects. Arduino boards are able to read inputs - light on a sensor, a finger on a button, or a Twitter message - and turn it into an output - activating a motor, turning on an LED, publishing something online

Source: https://www.arduino.cc/en/Guide/Introduction/

Augmented Reality is an enhanced version of reality where live direct or indirect views of physical real-world environments are augmented with superimposed computer-generated images over a user’s view of the real-world, thus enhancing one’s current perception of reality.

Source: https://www.realitytechnologies.com/ augmented-reality/

Chatbot is a piece of software that interacts with users in a conversational way.

Source: https://snatchbot.me/insight/250/ intelligent-chatbots


Deep Learning is a new area of Machine Learning research, which has been introduced with the objective of moving Machine Learning closer to one of its original goals: Artificial Intelligence.

Source: http://deeplearning.net/


DevOps is a set of software development practices that combines software development (Dev) and information technology operations (Ops) to shorten the systems development life cycle while delivering features, fixes, and updates frequently in close alignment with business objectives. Different disciplines collaborate, making quality everyone's job.

Source: https://en.wikipedia.org/wiki/DevOps


Docker is a tool designed to make it easier to create, deploy, and run applications by using containers. Containers allow a developer to package up an application with all of the parts it needs, such as libraries and other dependencies, and ship it all out as one package.

Source: https://opensource.com/resources/what-docker


FogHorn is an intelligent Internet of Things ( IoT) edge solution that delivers data processing and real-time inference where data is created.

Source: https://aws.amazon.com/blogs/architecture/foghorn-edge-to-edge-communication-and-deep-learning/


Hybrid Cloud is a computing environment that combines a public cloud and a private cloud by allowing data and applications to be shared between them.

Source: https://azure.microsoft.com/en-us/overview/what-is-hybrid-cloud-computing/


Kubernetes (k8s) is an open-source system for automating deployment, scaling, and management of containerized applications.

Source: https://kubernetes.io/blog/



WWW2 and WWW3 (k8s) are hostnames or subdomains, typically used to identify a series of closely related websites within a domain, such as www.example.com, www2.example.com, and www3.example.com; the series may be continued with additional numbers: WWW4, WWW5, WWW6 etc. 

Source: https://en.wikipedia.org/wiki/WWW2


Did You Know?

Duck Duck Go Search Engine has six different themes to choose from for its search interface.


Tech Gallery

LG SIGNATURE OLED TV R9 - 4K HDR Smart TV
Image Credit: LG