Android 5.0 Lollipop represents a leap forward in security terms

News by Steve Gold

Android 5.0 - code name L for Lollipop - has been released to hardware vendors this week, with several handset vendors, notably Google and Motorola, planning to push out the updated operating system in the next few days.

Perspectives on Lollipop differ, characterised as, the good, the bad and the ugly:

The good
 
If you're lucky enough to receive an OTA (over the air) update, you'll notice that the user interface has been significantly updated, but the real beauty stems from several key security upgrades under the hood, including a remote `kill switch' and Security-Enhanced Linux (SELinux) feature to lower the risk of vulnerabilities in all applications.

In addition, with Android Lollipop, encryption is turned on automatically for new devices. This is the first time data will be encrypted by default on Android devices.

There is also Smart Lock function that allows Android phones or tablets to be secured by Bluetooth, pairing them with an Android Wear device or a car-based system, assuming the car's Bluetooth facility is running Android Auto.

The bad

With impeccable timing, Check Point researchers made a presentation at the Black Hat Europe event in Amsterdam this morning about a significant security flaw with Android - although it remains to be seen whether Android will updated Lollipop to counter the problem, which leaves every Android device vulnerable to a cyber-attack.

According to the security vendor, the flaw enables hackers to override security features leaving critical apps such as mobile banking susceptible to attack, as well as enabling hackers to override any device security leaving passwords vulnerable and personal data at risk.

The vulnerability centres on inter-process communication (IPC) tool called Binder, the system component that makes the operating system run over hardware.

Check Point claims that, a the single point of communication, the Binder is a prime target for any Android malware, meaning that users are vulnerable to an override of all security measures in place by individual applications on the device, and all their communications being exploited and intercepted.

According to Nitay Artenstein, a security researcher at Check Point, the Binder is likely to become the new frontier of mobile malware attacks.

"Its greatest value for attackers is the lack of widespread awareness about its role in the Android OS. Our hope is that with this research, the security and development communities will be better equipped to protect and secure the data going through the Binder," he explained.

And the corporate potential...

Commenting on the release of Android Lollipop, Mike McLaughlin, a senior pen tester with First Base Technologies, said that Android 5.0 represents something of a turning point for the mobile operating system, as its security features will appeal to the enterprise user.

"I think you are going to see Android 5.0 marking the point where Android starts to become a high-end hardware operating system," he said, adding that this is in marked contrast to iOS, Apple's mobile operating system, which has tended to be high-end consumer operating system.

Lollipop's security features, he explained, will appeal to the corporate IT departments, owing to its flexibility and support for some of the powerful hardware planned by Google and other smartphone/tablet vendors in the months ahead.

Google, he says, is now starting to move away from the low-end entry-level handset and tablet end of the market.

McLaughlin, who is technical team lead with First Base, went on to say that Android 5.0 will be available on the Motorola-manufactured Nexus 6 - the newest version of Google's flagship smartphone - and the Nexus 9 tablet

built by HTC.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events