Skip to main content

Google Details Android 5.0 Lollipop’s Major Security Improvements



Android’s newest update is coming soon, with devices running 5.0 Lollipop beginning to ship November 3. While the visual update might be the one that most users pay the most attention to, Android 5.0 also has a number of under-the-hood changes, including some major updates to the overall security of the platform. Google has put a lot of effort into addressing the biggest threats to Android user security, which still overwhelmingly represent lost or stolen devices, and today the company is detailing a few of these efforts.

Lollipop adds some new lock methods that make it easier to keep your device secure, which is a huge boon to the overall integrity of the platform. The biggest roadblock to mobile device security is actually user apathy, which sees people skipping basic security practices like implementing a lock screen pin code because it’s inconvenient when you’re checking your device every few minutes. Lollipop offers Smart Lock to help address this, which uses paired devices to let you tell your device it’s okay to open up without requiring a password or other means of authentication.

The device-based Smart Lock has a similar motivation, and effect, to Apple’s Touch ID: Both serve to get around user reluctance to set up on-device security measures. Using Touch ID is easier than constantly typing in a password, and using Smart Lock offers the same kind of convenience. You can set it up using any NFC or Bluetooth-enabled device that has been paired with your Android 5.0 smartphone or tablet – provided they’ve actually paired, which isn’t always true of short-range wireless communication methods. The pairing requirement adds a layer of security, meaning your smartphone won’t unlock if you happen to be near an NFC terminal you’ve used for an in-store payment at some time in the past, for instance.

Face unlock is also redesigned here, and has been rebuilt to analyze a user’s image continually, as more of a background security process than a device unlocking mechanism.

“Rather than pretending to take a picture, and analyze it, it’s analyzing a user’s face on an ongoing basis,” explained Android security engineering lead Adrian Ludwig in a briefing call. “If a user’s opted in and is using this method, at the moment it detects that a user isn’t the one that it’s expecting, it locks. That’s very different from the previous model.”

Used with something like an Android Wear smartwatch, this means that your phone will be ready to use without a lock code whenever it’s on your person. Used with something like a smart TV, it means that you’ll be safe to bypass security measures only when you’re at home, where your device is unlikely to be pickpocketed or left behind. It’s a feature that offers a lot of initial convenience, and that also has tremendous potential for increased sophistication once Google begins iterating and tying it to other Lollipop features like Guest mode and the ability to offer multiple user accounts, and segregated work data buckets.

Security is also more robust by default, thanks to automatic whole-phone encryption for newly activated devices. In Lollipop, when you power on a new smartphone or tablet, it encrypts all data automatically, and creates a unique key that remains on the device to decrypt the data. Android introduced its encryption features three years ago, but now it’s on by default on new devices, though anyone upgrading on an older device will still have to go into settings to enable it, should they want that additional level of protection.

“The question we’re posing is not ‘does the feature exist,'” Ludwig said. “The question is ‘how do we make sure that [the feature] is available and as easy to use as possible.” Ludwig says that a big barrier to users employing encryption previously has been that a user enabling it on an existing device could take hour depending on how much data was on their phone, whereas now that it’s enabled by default at the beginning of device setup, it takes no time at all.

The encryption key is also wrapped in your device unlock password, and with all Nexus devices, and other new Android hardware that supports it, a secure element located in the device hardware itself that isn’t accessible to the rest of the system.

Finally, Google is pointing to its use of Security Enhanced Linux (SELinux) to enable even further clarity around the isolation of individual apps. This really just means that users have to worry less about apps containing vulnerabilities that allow them to read info from other apps – basically it offers better visibility about how sandboxing works on the platform.

“Our goal with the security model of Android is that you should never have to care, honestly,” Ludwig explained. “I don’t think it’s realistic that the average person should think about security. That’s sort of the confidence level that we’re hoping for in Android, and SELinux gets us that much closer to it, where you don’t have to worry about security, you don’t have to spend time thinking about it.”

Ludwig says that their own research shows that actual risk to users from malware is “extraordinarily low,” with only less than 1 in 1000 Android users ever affected by a malicious local software attack. Device theft and loss is what needs to be addressed as the top immediate threat, and that’s what many of these features focus on. Google is also focusing now more on network level compromises, but in the near-term Lollipop should do a lot to help reassure IT departments worried about absent-minded employees losing track of devices.

Popular posts from this blog

ASUS VivoBook X202E Windows 8 Touchscreen Laptop Review And Giveaway

It wasn’t very long ago when prices of touchscreen Windows 8 laptops soared beyond $1000. Thankfully, those days are behind us, and portable computers can easily be purchased – touchscreen and all – for under $500. That’s precisely the demographic in which the ASUS VivoBook X202E falls. When compared to a high-end laptop, its specifications might seem modest, but for laptop buyers just looking for a way to browse the web, watch videos, use basic apps, and not spend too much money, something in this budget is perfectly suitable. The question is, of course, how does the ASUS VivoBook X202E compare to others on the market, and is it the one which you should be spending your hard-earned money on? Well, you’re just going to have to keep reading to find out. Best of all, we are giving away an ASUS VivoBook X202E to one lucky winner. Keep reading for your chance to take home this Windows 8 touchscreen laptop! Introducing the ASUS VivoBook X202E Laptop The ASUS VivoBook X202...

Samsung Galaxy Note 3 N9000 Review and Giveaway

When it comes to massive phones, nothing is more iconic than the Samsung Galaxy Note. It has gained popularity not only due to its size, but its additional features such as a stylus and a larger battery make it a more useful phone. Samsung released the third generation of the Galaxy Note in October, updating the phablet with a larger screen and improved hardware. Read through our review, then join the giveaway to win the  Samsung Galaxy Note 3 ! Competitors Of course, other Android competitors haven’t let the $640  Galaxy Note 3  be the only player in the phablet market. There are others such as the  Sony Xperia Z Ultra , the Samsung Galaxy Mega , and the other more common phones that are reaching 5″ screens such as the  Samsung Galaxy S4 , the  HTC One , and the  Nexus 5 . Unlike the normal-sized top contenders, the Galaxy Note 3 has a bigger screen and larger battery. It also offers specific features (surrounding the S Pen stylus) th...

Samsung Galaxy S5 Review and Giveaway

Few smartphones are as aggressively marketed as Samsung’s Galaxy S5. The S5 can no longer be considered brand-new — but it  is  Samsung’s flagship, at least for the next few months. With a gorgeous screen, a capable camera, a waterproof build, and a user-replaceable battery, the Galaxy S5 has a lot to offer… at least on paper. Let’s find out how good it really is. What Makes This Review Different There are about a million Galaxy S5 reviews out there. Why should you read this one? Two keys points make our review different: We bought our own device . Unlike many tech blogs, we don’t use a review unit Samsung gave us. We went out to the store and bought one, just like you would. This means everything you read here is truly impartial – we owe Samsung nothing. We used it for more than a month . Some sites rush to be the first to publish a review on a new device. That’s not how we do things. I used the Galaxy S5 as my main (and only) Android phone for nearly two months,...