Security in Android

Android, probably the most loved mobile operating system now has over a billion active users now with over 50 billion apps been downloaded from the Google Play Store alone. Android also grabs over 80% share of all smartphone users globally. But when we talk about these numbers, do these users really have a safe and secure operating system?

The answer is yes, but, provided the user is smart enough and knows how to keep his or her phone secure enough. So what makes a user smart enough to use an android smartphone? Let’s follow some security tips to make your android even more secure.

Secure your lock screen
For some, having a PIN, Pattern or Fingerprint enabled lock screen is inconvenient and they prefer either no lock screen or swipe/slide lock screen to unlock their smartphone. This enables unauthorized person to copy the data from your phone to computer if they could connect your phone to their computer. Most android phones when connected to a computer get connected in MTP mode wherein your data from SD card can directly be copied from your phone to the computer. If the phone has PIN or Pattern enabled lock screen, the contents of the phone’s storage are not visible on the computer unless the phone is unlocked with the PIN or Pattern.

Use of Unknown Sources option
If you visit Security settings of your phone, you will find that the option ‘Unknown Sources’ is disabled by default. If that option is enabled on your phone, one can install third party applications (.apk) on your phone which might contain malware, spyware. Turning off that option, i.e. checking it off will inform the phone to download only the trusted apps like the ones that are there on the Google Play Store.

Verify Apps option
In Security settings of any android phone, one more option ‘Verify Apps’ is found which is intended for scanning any application for threats before it is installed on your phone. While an application is being installed on the phone, Google will scan the application being installed with the help of some pre-installed Google Apps.
Warning before installing malicious apps
User has a choice to continue with the installation if he knows what the application actually does, but if the app is too dangerous to install, Google will automatically block the installation so that your phone is not infected.
snp_2812914_en_v0-1
If the application was found to be dangerous at the run time, Google will notify about that malicious application.
snp_5f729752212a248c333eb15ab2f9242bfc48_6012548_en_v2
User has an option to keep that app anyway. In case Google finds the app too dangerous for your phone, it will automatically remove the app from your phone and will notify you.
snp_ab3e998a4b063a15cd83fac7c5fdf280024f_6012540_en_v1-1

USB Debugging
Android phones have a section ‘Developer Options’ in the phone’s Settings app. Which is hidden by default on Android 4.2 or greater devices. This option has a setting ‘USB Debugging’ which is used by Developers for debugging purpose. Implications of enabling this option can lead to installation of unwanted applications and modifications to your phone’s firmware. If connected to a computer, your phone opens the gate for installation of any android application using ADB tools provided. Also, using ADB tools, one can uninstall any user app, clear any app’s data, restart your phone, and most importantly change your phone’s firmware by rooting your phone. So unless you know very well when you need USB debugging to be ON, you should keep it disabled.

Use of Antivirus Software
Use of Antiviruses can help a lot in identifying the malicious apps. It can provide you the detailed info of any AdWare, SpyWare, Malware, etc. Also, many antivirus software provide you anti-theft features which are very helpful in case your phone is stolen or lost.

Update your system and Webview regularly
There are many security agencies who find loopholes in any operating system. In an attempt to find the bugs in android, recently a company called Zimperium found an exploit Stagefright by which just receiving an MMS could leave your phone jeopardized. Google is committed to fix these issues on a continual basis. The problem is, even if Google fixes these issues, it’s upto the manufacturers to publish the patches as an update to the system. As a result of which, starting from Android 4.4 (Kitkat) android uses Chromium based Webview and fixes made to it are pushed to the Google Play Store – Android Webview so that user’s can have these patches without manufacturers needing to release the updates.

Know what Rooting really means, before you root the phone
Rooted phones are the most vulnerable ones and can be considered as the least secured ones as rooting the phone can directly provide the superuser access (similar to administrator in Windows) which can lead to reading and writing of data into the system partitions as well. It’s upto the individual to decide whether to void your phone’s warranty for modding or tweaking your phone.

Conclusion
Android operating system is secure enough and one should not worry about his or her phone being compromised, provided he/she knows how to use it well. Google has taken every possible step towards making sure that your phone is always safe and secure.

http://lifehacker.com/how-secure-is-android-really-1446328680
http://lifehacker.com/how-secure-is-android-really-1446328680

Ranging from the permissions model to sandboxing and runtime security checks, everything has been layered well to make sure you get the best out of android. It’s just that the user needs to take a few steps towards making his/her Android the most secure operating system.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s