Android’s Operating System Review

Android’s operating system is extremely safe and really hard for malicious users to get into other peoples phones and corrupt them without the user granting them permission but this wasn’t always the case. As the Linux kernel can be accessed directly this means developers have to use advanced software and hardware to ensure integrity of applications, data and the network is kept also confidentiality.

Main security features incorporated by Android to protect the phone or tablet is the Google Play app this where users download majority their applications from. Google play now has a license verification and Google Play Protect which scans apps when you download them from the app store. Android also have an app and a website to locate if a device is stolen/lost. It also has a feature that when you download from a website for example and the device can’t verify the application certificate it has a pop up that users have to untick to allow installation from an unknown source. Also the device if enabled can go through periodic scans that will inform a user of potentially harmful apps. This is shown in the diagram.

Androids basic security features presented is a pin, password and pattern or in some of the newer devices can be unlocked via the users face.

One service that Android phones offer is device encryption. This involves scrabbling the data on the device and only when the device is presented with the correct key could you access the data for example a password or pin. If a user doesn’t enter the correct pass after a certain amount of tries users are sometimes able to set an erase all option. Android uses dm-crypt to encrypt the data. This encrypts data all the way down to the root file system thus working at the kernel level and has a 128 bit algorithm. It allows the whole disk to be encrypted. However once this encryption key is set there is no option to change it without a hard reset of the device and losing all of the data. Newer Android versions have incorporated fast encryption meaning you are prompted to enter your key in at start up, this leads to a slightly long time to get the device started.

On the application level Android has introduced sandbox security and permission. Sandbox is an old concept and originated from the UNIX operating system which would split file permissions from processes. This means once the application is up and running unless granted permission by the user the application stays in its parameters and run on a virtual machine. This ensures one app doesn’t have access to another app. It sort of works like a sand toy i.e. once sand is in the toy unless the child allows the sand to come out the sand will never leave the sand boxes walls. This is seen when users first download their app from the Play Store or once downloaded the go to the applications settings and can edit it from there. For example simple applications like a photo editing application shouldn’t be accessing your phone but however it may need to access your storage such as photos or videos, it may also ask for permission to access your camera. With Android there isn’t a specific way an app has to enforce its security. Due to the apps being “sandboxed” at OS memory corruption doesn’t occur, this also means the native code at the Linux kernel is just as secure as the code operating on the “virtual machine”.

Authentication is being able to identify the user or users and allowing them access to the system. Android uses “user-authentication-gated cryptographic keys”. On initial start-up authenticator tokens are available to receive information from the user. Users on Android must use a pin/pattern or password. This then generates a 64bit User SID. This works as the “key to the lock”. This 64Bit code is paired with the users’ password/pin or pattern. When users want to change this they must provide the original password thus giving the original 64bit user SID. If they don’t provide the exact key all the information hidden by the key is lost and this is what is known as an “untrusted enrol”.