By Corinne Smith –
Android, although being an Operating System that has only been around for eight years, is a piece of software that has gone through many security enhancements over the course of its releases.
Before Ice Cream Sandwich (Android 4.0) the most notable security features on Android were protections against things such as double frees, integer overflows, and stack buffer overruns. Android 4.0 kicked off the implementation of security features by introducing Address Space Layout Randomization (ASLR) to their security model.
Jelly Bean (Android 4.1-4.3)
The first iteration of Jelly Bean introduced support for Position Independent Executables (PIE) and added some protections against leaking kernel addresses by enabling dmesg_restrict and kptr_restrict.
Android 4.2 implemented several important enhancements. 4.2 introduced support for certificate pinning in the Android core libraries. Another large change was modifying the default implementation of SecureRandom and Cipher.RSA to use OpenSSL and adding support for TLS versions 1.1 and 1.2 through OpenSSL. The second iteration of Jelly Bean also changed some security settings on the user end as well. Newly introduced is the option to have applications screened by an application verifier before install if the user desires. Also, how application permissions were displayed to the user was revamped, grouping the permissions by type, which allows users to make more informed decisions about the applications that they are installing.
The final Jelly Bean update (Android 4.3) included multiple changes that reduce the likelihood of an attacker acquiring privileged access. All setuid and setgid programs were removed, and the android debugger (ADB) was modified to drop unnecessary capabilities before executing the application. This version release also updated the sandbox to use SELinux in permissive mode to ensure compatibility. Also included is a security enhancement that allows applications to create exclusive key pairs and a place to store them.
KitKat (Android 4.4)
The introduction of KitKat also introduced a number of security improvements. KitKat improved upon the SELinux sandboxing introduced in Android 4.3, changing the mode from permissive to enforcing. The keystore also introduced in version 4.3 is improved to allow the use of the DSA and ECDSA algorithms. One enhancement that is visible to the end user is that if a certificate is installed that would allow for monitoring of encrypted network traffic, the Android systems provides a warning to the user.
Lollipop (Android 5.0)
While the first iteration of Jelly Bean introduced support for PIEs, Lollipop went one step further and removed support for non-PIEs. Lollipop also updated the cryptography used for TLS in that it enabled AES with GCM and TLS v1.2 and v1.1, marked Forward Secrecy as preferred, and disabled weaker cipher suites such as MD5 and export grade suites. Android 5.0 also enables full disk encryption (FDE) by default on new devices and users can turn on FDE on devices that upgraded from KitKat to Lollipop. The user noticeable change that was introduced in Lollipop is the increased flexibility of unlocking devices. Lollipop introduced trustlets that allow the device to be unlocked under certain conditions, be it near a specific device, at a specific location, or when being used by a trusted face.
Marshmallow (Android 6.0)
With Marshmallow came the introduction of reading fingerprints for authentication. Applications can also utilize fingerprints to lock and unlock encryption keys. Marshmallow also introduced the Hardware Abstraction Layer (HAL) to protect keys against local hardware attacks and kernel compromise. This version of Android introduced a set of cryptographic checks on the system software at boot to ensure that the device is healthy called Verified Boot. Android 6.0 introduced two user noticeable changes. First, when connecting through USB the default state is Charge Only and the user must give explicit approval to allow access to storage. Also with Android 6.0 applications request permissions when run instead of on install. Users can change these permissions for all applications at any time even if they were installed before upgrading to Marshmallow.
Nougat (Android 7.0)
The recently released Android Nougat included enhancements to the SELinux configuration. ALSR also received an upgrade generated by increased randomness from the library load order being randomized. Nougat introduced file-based encryption for Android, and a Trusted Certificate Authority store. Nougat also made the Verified Boot introduced in Marshmallow mandatory.
All of the Android versions also included security fixes for Android-specific vulnerabilities as well as vulnerabilities found in the packages they use. More information on Android’s security can be found in the following resources: