Advertisement

Google touts improved Android security in 2017 review

By Sommer Brokaw
Google touts improved Android security in 2017 review
Google headquarters in Mountain View, Calif. File photo by Asif Islam/Shutterstock

March 15 (UPI) -- Android's latest software update, dubbed the 8.0 Oreo, has been updated to be safer than its predecessors, Google's annual review published Thursday shows.

With faster security updates in the operating system, Google says Android is now able to "lead the industry," in its fourth annual review. The report analyzed the number of devices installing Potentially Harmful Applications and found a reduced number in 2017.

Advertisement

While this is "great news" for Oreo users, PC World reported that not all Android phones are able to download the update -- so far Pixel and the soon-to-be released Galaxy 9 can. That means 1 percent of Android devices are using Oreo while 28 percent each are using Nougat or Marshmallow.

Google also introduced HackerOne, an app offering developers monetary incentives to find bugs, the review said.

Advertisement

A CNET report further found that after years of hacks -- from the StageFright bug in 2015 to the HummingBad, in 2016 -- Android is now as safe as other phones.

Google's head of security, David Kleidermacher told CNET, "without naming any names, Android is now as safe as the competition."

The Android 8.0 Oreo has an opt-in safe browsing feature that allows users protection from PHAs and phishing while browsing. Oreo users are also now the most likely to benefit from secure lock screening, the review said. In 2017, 85 percent of Android 8.0 devices with a fingerprint sensor had a secure lock screen compared to 73 percent of Nougat and 74 percent of Marshmallow users.

RELATED Chance of cancer from cell phones slim, but not zero

Android also made another security updates on the platform level with Project Treble, which gives apps a way to mitigate "sophisticated attacking techniques," the 2017 review stated. In 2017, Verified Boot, which already prevented devices from booting up with tampered software, was updated with rollback protection to prevent someone from returning to an old image that is vulnerable to attack.

Google found that all Android devices that only download mobile applications from Google Play are nine times less likely to get a PHA than those that use other sources.

Advertisement

Further, Google Play Protect, enabled on more than 2 billion devices running Android 4.3-plus, has run periodic scans for PHAs since 2014, and the scans have improved over the years, the review noted. In 2016, scans increased from about once a week to daily. In early 2017, more PHA scans were investigated and research showed that 35 percent of PHAs were installed when devices were offline or lost connectivity. Google added offline scanning to address this in October.

RELATED California bill would require smartphone manufacturers to provide repair info

The mobile device operator has also introduced security patches to fix vulnerabilities. In 2017, the number of Android devices receiving these patches increased by 30 percent, according to the report.

Cybersecurity software company Symantec in April 2017 said threat detections on mobile devices doubled in 2016 -- a total of 18.4 million malware detections. From 2014 to 2016, Apple's mobile operating system iOS, had about the same number of vulnerabilities. Meanwhile, the number of malicious Android apps increased by 105 percent in 2016.

"The point is because Android is basically open source, anyone can look at what's in Android. You can't do that with iOS," Jack Gold, principal analyst with J. Gold Associates, told ComputerWorld in August. "If you're LG, for example, and you put out a phone with modification to the OS, and you didn't do a good job with it, there's a potential vulnerability. And, in this day and age, someone will find it."

Advertisement

Latest Headlines

Advertisement
Advertisement

Follow Us

Advertisement