As more and more aspects of our lives become digitised, the risks that come with a more connected world also grow. Security in the digital world has quickly become a personal concern of everyone. Even those that don’t consider themselves ‘tech’ people are deeply concerned about the wellbeing of their information online.
When the personal and financial information of most of the world was put online, it fundamentally revolutionised everything forever. We can instantaneously communicate and trade with anyone, anywhere, in ways that seemed like science fiction only a generation ago and continue to gradually dissolve the illusion of separation and enforce a sense of global identity. The benefits are innumerable. This growing connection though, has brought with it a host of those looking to exploit those connections. This year in America alone there have been 269 data breaches exposing the information of almost 12 million people
. With our entire lives existing online we are all potentially just a few lines of code away from having a very bad day. The trust we place in the companies who store and aggregate our information is paramount as, without it, there would be no business. Such is the case with Google, who has released its Android Security Report for 2016 detailing its continued efforts to secure Android's ecosystem.
Android is the most prevalent operating system in the world, powering mobiles, tablets, TVs, and now beginning to make its way to desktops
and even cars
. The OS is especially popular in the developing nations of Asia and Africa where Android’s low operational requirements and versatility is a boon. With over 1 billion devices powered by Google, this puts an unprecedented amount of information in their care.
The security report details Google’s efforts to improve its machine learning and event correlation, allowing them to distinguish hazardous user behaviour. Using this technique, Google can protect users from potentially harmful apps (PHAs) and malware. Through its Google Play app market, Google scans approximately 6 billion apps, per day, as they are installed on users’ devices.
Checking 400 million devices a day, Google also defends its users from attacks both network-based and on-device, bringing the Safe Browsing feature, which has already protected more than a billion desktop users, to the Android version of the Chrome web browser
, adding another line of defense against malware and unwanted software installations. Notifying users when a site is, either intentionally or unintentionally compromising their security, gives web surfers piece of mind that, even if they do stumble into an unseemly corner of the internet, Google is looking out for them.
Most people have seen this warning pop up at some point (we won’t ask what you were looking at - judgment-free free zone) letting you know that something is phishy on the current web page. With more than 5 million of theses warnings going out every day, Google saves its users tremendous amounts of frustration and panic. Almost gone are the days of endless pop ups and phishing scams. For more info about the potential dangers of the internet and Google’s efforts to protect you, check out their security transparency report here
Adrian Ludwig, Lead Engineer of Android Security at Google elucidates on the company's commitment to sharing information. “Greater transparency helps drive a well-informed discussion about security, and from there, more safety for all users. We'll continue our ongoing efforts to improve Android’s protections, and we look forward to engaging with the ecosystem and security community in 2016 and beyond.”
In the report, Google also details many of the new protections that join the plethora of other groundbreaking features as part of the newest version of Android, 6.0 Marshmallow. Google has also enlisted potential Black Hats
by bringing Android into their Vulnerability Rewards Program. Launched in 2010, the security reward program entices coders and hackers to report vulnerabilities in Google’s products and services. In 2014 alone, Google dished out $1.5 million to security researchers. Now Android users can reap the benefits of the program, which also extends to Google’s pure Android Nexus devices, making the Nexus the first flagship mobile line to have a program that rewards those that report vulnerabilities instead of exploiting them.
Since the program was implemented last June, Google has fixed more than 100 reported vulnerabilities and paid out $200,000 plus to researchers for the help.
“We’re working to foster Android security research and making investments to strengthen protections across the ecosystem now and in the long run,” Adrian adds.