Android Oreo Improves Security Options

by Tech Mainstream Staff


December 28, 2017




With the arrival of Android Oreo, many new security features have been introduced. The security enhancements range from "making it safer to get apps, dropping insecure network protocols, providing more user control over identifiers, hardening the kernel, making Android easier to update, all the way to doubling the Android Security Rewards payouts."

A new hardware feature, Android Verified Boot 2.0 (AVB), part of Project Treble, includes a common footer format and rollback protection for more secure and easier updates. The new OEM Lock Hardware Abstraction Layer (HAL) gives manufacturers options for how they protect whether a device is locked, unlocked, or unlockable. A security module, a physical chip found in the Pixel 2 and Pixel 2 XL, "prevents deriving the encryption key without the device's passcode and limits the rate of unlock attempts, which makes many attacks infeasible due to time restrictions." New GMS devices shipped with Android Oreo are required to use key attestation. New security features have also been added for enterprise-managed devices.

As part of Project Treble, HALs follow the principle of least privilege: they "only have access to the drivers and permissions that are absolutely necessary" and run in a distinct sandbox. This separates platform and vendor code. Control Flow Integrity (CFI), a "robust security mechanism that disallows arbitrary changes to the original control flow graph of a compiled binary," and the removal of direct hardware access from the Oreo media frameworks have directly heightened security. Seccomp filtering, hardened usercopy, Privileged Access Never (PAN) emulation, and Kernel Address Space Layout Randomization (KASLR) round out the Oreo platform security advancements.

Android Instant Apps run in a restricted sandbox that limits permissions and capabilities. WebView security has also been increased by running it in a separate process and within an isolated sandbox that restricts its resources. Another security plus is the significant change to device identifiers, which gives users more control.

 

 
